Sie sind auf Seite 1von 44

Smart Install Tutorial and

Deployment

N Krishnamoorthy ESTG Technical Marketing

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Agenda
Chapter 1 : SmartInstall Introduction

Chapter 2: SmartInstall Very Simple Deployment


Chapter 3: SmartInstall - Medium Complexity
Chapter 4: SmartInstall - Fully Loaded
Chapter 5: SmartInstall Best Practices

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Chapter 1 : SmartInstall Introduction


In this chapter, you will learn:

Why to use SmartInstall ?


What is SmartInstall ?
SmartInstall in the network
SmartInstall Groups
Supported Hardware Platforms

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Why to use SmartInstall?


Easy Deployment

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

SmartInstall What is it?


Centralized management for image and config
Client Server model
Plug and Play of new switches
Auto-Detect of new switches
Zero-touch deployment and switch replacement
Post upgrade
Scheduled config and image upgrade in future
Config backup
Based on the existing Auto-Install feature

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Smart Install In the Network


Director - Configures client providing switch plug and play
Client - Gets the image and config from the Director
Groups - Classification of client switches based on switch model
and other parameters for better management.
Client Switches discovered via CDP & LLDP

Central TFTP, DHCP Server

Director Switch

Client Switches
3750X

Clients Group 2
2960

Clients Group 1
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

SmartInstall Groups
Does the
client match
any custom
group?

Client can belong to either Custom,


Built-in or Default groups. The logic
for this selection is:
1st the Director tries to find a customgroup match for the client switch

No
Does the
client
match
any
built-in
group?

If match found, client switch gets


corresponding image and config
If not, then the Director tries to find a
built-in group match
If no built-in group match found,
default image and config file is provided
to the client
Best Practice Use default setting
when network has only 1 switch model
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

No

Yes

Client gets the


image and
config for that
custom group

Yes

Client gets the


image and
config for that
Built-in group

Client gets the


image and
config files
from the
default settings
7

Supported Hardware Platforms


Director Switches:
3750, 3750v2, 3750E, 3560, 3560v2, 3560E - Software version : 12.2.(53)SE
& above
3750X, 3560X - Software version : 12.2.(53)SE & above
Recommended version for switches : 12.2.(55) because of enhancements

Director Routers:
G1: 1841, 2801, 2811, 2821, 2851, 3825, 3845
G2: 1921, 1941, 2901, 2911, 2921, 2951, 3925, 3945, 3925E, 3945E
Minimum Software version : 15.1.(3)T

Client Switches
3k 3750, 3750E, 3750X, 3560, 3560E, 3560X
2k 2960, 2960S, 2975, 2960G.
Special Cases: 3560v2, 3750v2, Industrial Ethernet series switches (custom
groups)
Client Switches must support archive download-sw command
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Agenda
Chapter 1 : SmartInstall Introduction

Chapter 2: SmartInstall Very Simple Deployment


Chapter 3: SmartInstall - Medium Complexity
Chapter 4: SmartInstall - Fully Loaded
Chapter 5: SmartInstall Best Practices

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Chapter 2: Smart Install Very Simple Deployment


In this chapter, you will learn to:
Enable SmartInstall on the Director
Setup DHCP for client switches
Setup default config and image for clients
Configure Hostname-prefix

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

10

Deployment Highlights and Topology

Director acts as the TFTP and DHCP


server

Catalyst 3750E

All client switches belong to one


model (WS-C2960-48TT-S)
Using vlan 1 as the management vlan
Catalyst 2960
Chapter 1 : Smart Install Topology

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

11

Default Settings for Client Image and Config


Recommended when network has same model switches
Requires minimum number of configuration steps
Simple to deploy and manage

Before You Start


Ensure that the Director Switch is running either IP base/IP
services/Universal IOS images
Copy the tar image file for 2960 lanbase client switch and its config file to
Director flash

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

12

Configuration Steps
1) Enable SmartInstall on the Director
Director#configureterminal
Director(config)#vstackdirector10.0.0.33
Director(config)#vstackbasic

2) Configure the DHCP scope for SmartInstall Client switches:


Director(config)#vstackdhcplocalserverpool1
Director(configvstackdhcp)#addresspool10.0.1.0255.255.0.0
Director(configvstackdhcp)#defaultrouter10.0.0.33
Director(configvstackdhcp)#fileserver10.0.0.33
Director(configvstackdhcp)#exit
Director(config)#ipdhcpremember
Director(config)#end

3) Configure the default image and config :


Director#configureterminal
Director(config)#vstackimageflash:c2960lanbasetar.12253SE.tar
Director(config)#vstackconfigflash:2960lanbase_config.txt
Director(config)#end

4)

Hostname prefix: Helps assign a common hostname + last 3 bytes of

MAC
Director(config)#vstackhostnameprefixClient_Switch
Director(config)#exit
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

13

What happens in the background ?


1. Director creates client_cfg.txt and stores it on the flash
2. Director configures itself to be the TFTP server
3. Director discovers clients through CDP
4. Clients get IP on vlan 1 from the DHCP pool on the Director
5.

Clients download starts ( takes 5 8 minutes)


1.
2.
3.
4.

Client downloads client_cfg.txt


Client downloads image file
Client reboots with new image
Client downloads config file

P.S : When the client switch is downloading the image and config file, you may
not see any console messages. DO NOT press any key at this time as this
will terminate the SmartInstall operation

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

14

Use cases for this Scenario

All clients are same model, use same software version, feature sets, configs

Director with layer 3 capability

Value Addition
Simple configuration Quick and Easy setup
Round the clock automatic image and config provisioning for new client
switches

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

15

Chapter 3: SmartInstall Using Built-in Groups


In this chapter, you will learn to:
Configure built-in groups
Configure external TFTP server
How to make ether channels work on
clients
Move the management vlan away from
vlan 1

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

16

Highlights and Topology for this Chapter


TFTP
server

In this chapter:

Director

Client switches belong to multiple


models
TFTP Server is external to the Director

Ether
channel
link

Config files will change the client


switches management VLAN
Etherchannels used as links to the
Director

Built-in Switch Group


1 (3560e series)

Built-in Switch Group


2 ( 3750e series)

Before you begin:


Copy image tar files for all client swicth
platforms to the TFTP Server

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Built-in Switch Group


3 ( 2960)

Cisco Confidential

17

Built-in Groups
Switches belonging to the same model = 1 Built-in group
3750E 48 port and 3750E 48-poe are 2 groups
Image and config settings are specific to a group

Etherchannels
Increased bandwidth between Director and client switches
Etherchannel mode Desirable on Director
Etherchannel mode Desirable, Auto or Onon the client
Requires vlan 1 to be native on Director
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

18

Configuration Steps
1) Repeat steps 1 and 2 from Chapter-2 to enable SmartInstall
2) Create another DHCP pool for vlan 10 ( for device management on client)
3)

Configure Ether channel on ports connected to clients switches

Director#configureterminal
Director(config)#interfacePortchannel1
Director(configif)#switchporttrunkencapsulationdot1q
Director(configif)#switchportmodetrunk

Director(config)#interfacerangeGigabitEthernet1/0/34
Director(configifrange)#switchporttrunkencapsulationdot1q
Director(configifrange)#switchportmodetrunk
Director(configifrange)#channelgroup1modedesirable

4)

Configure Built-in groups for client switches

Director(config)#vstackgroupbuiltin3560e24
Director(configvstackgroup)#imagetftp://10.0.0.10/c3560euniversaltar.12252.SE.tar
Director(configvstackgroup)#configtftp://10.0.0.10/3560e24builtinconfig.txt
Director(config)#exit
Director(config)#vstackgroupbuiltin296024
Director(configvstackgroup)#imagetftp://10.0.0.10/c2960lanlitetar.12252.SE.tar
Director(configvstackgroup)#configtftp://10.0.0.10/296024builtinconfig.txt
Director(config)#end

Note that the image and config files are on an external TFTP server
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

19

Recommended Configuration Settings for Client


Switch config.text (Snippet)
Notice the ether channel config and new management VLAN. VLAN1 is still native.
interface Port-channel1
switchport mode trunk
!
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/3
switchport mode access
switchport access vlan 10
interface Vlan10
ip address dhcp
ip helper-address 10.30.0.3

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Uplinks to the Director,


on an ether-channel
link

New Management
Vlan 10
DHCP from Director

Cisco Confidential

20

What happens in the background?

1)

Director creates Imagelists.txt for each built-in group, places them in TFTP server

2)

Clients get IP on vlan 1 using DHCP pool from the Director

3)

Client download starts: ( 5 8 minutes)


1) Client first downloads the client_cfg.txt file
2) Client downloads the image file chosen by the Director after built-in group
match
3) Clients download the config files

4) Clients reboot with new image and config and get IP from vlan 10 ( new management
vlan)

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

21

Use cases for this scenario


Enterprises Campus/Branch with mixed switch model deployment :

Different platform switches

Multiple links between switches - redundancy

Centralized Management for image and config files

Dedicated external server for software image and config file storage

Best Practices

Migrate to new management vlan on client switches

Image tar file only

TFTP server create subdirectory with full read-write access ( Refer Chpt 4)

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

22

Chapter 4: SmartInstall Fully Loaded


In this chapter, you will learn how to:

Configure custom client groups

Schedule an upgrade Join Window

External
TFTP server
for clientswitch
images and
config

Director Switch
(3750E)

Client Switches

Configuration backup

Zero Touch Switch Replacement

Built-in Switch
Group 1 (3560
series)

On-demand upgrades

Custom Switch
Group 1 ( PID
based)

Custom Switch
Group 2
(connectivity
based)

Before you Begin


Copy client switch images in tar format to
the TFTP server
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

23

Custom Groups

Identify client switches that need different images and configs from the built-in
group
Enhances deployment flexibility

Group Types :
PID based
Connectivity based
MAC based
Stack based

Two switches of the same model custom and built-in possible

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

24

PID Based Custom Groups

Director
Switch

Identifies clients based on their PID (model)


Example of a PID: WS-C3560E-48TD-S

Client 1:
PID: WS-C3560E48PD-E

When to use this type?

Future proofing, models that dont have built-in groups

Different images for different PIDs of same switch

Config :

Client 3:
PID: WSC3560E-12D-E

Client 2:
PID: WSC3560E-48PD-S

Director(config)#vstackgroupcustomcust2productid

Director(configvstackgroup)#image
tftp://10.0.0.10/Imagelists/c3560euniversaltar.12253.SE.tar

Director(configvstackgroup)#config
tftp://10.0.0.10/Imagelists/3560econfig.txt
Director(configvstackgroup)#matchWSC3560E48TDS

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

25

Connectivity Based Custom Groups


Director Switch
IP: 10.30.0.3

Based on uplink host IP and physical interface

Gig 1/0/10

When to use this type of custom group?

Only location of the Client switch is known


Multi-hop networks
Different software versions on switches of the same
family

Switch:
IP 10.30.10.51

Gig 1/0/5 Client 2

Uplink
Connectivity

Client 1

Config:

Director(config)#vstackgroupcustom2960customconnectivity
Director(configvstackgroup)#imagetftp://10.0.0.10/Imagelists/c2960
lanlitetar.12252.SE.tar
Director(configvstackgroup)#configtftp://10.0.0.10/Imagelists/2960
configSI.txt
Director(configvstackgroup)#matchhost10.30.10.51interface
GigabitEthernet1/0/5
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

26

MAC Address Based Custom Group


Director matches for client switch MAC address

Director Switch
IP: 10.30.0.3

Takes the highest priority in the client group matching algorithm


MAC address can be obtained as follows:
sh vstack status on the Director Switch
sh ver on the client switch Base Ethernet MAC address
Label on/back of the switch
Link
Redundancy

When to use this type of connectivity?


Dynamic client-director connectivity
Switch family and software version diversity in the network

Client 1

MAC Address
based group

Configuration
Director#configureterminal
Director(config)#vstackdirector10.30.0.3
Director(config)#vstackbasic
Director(config)#vstackgroupcustomtextgroup3mac
Director(configvstackgroup)#matchmac0023.34ca.c180
Director(configvstackgroup)#matchmac001a.a1b4.ee00
Director(configvstackgroup)#imagetftp://101.122.33.10/c3750ipbasetar.122
52.SE.tar
Director(configvstackgroup)#configtftp://101.122.33.10/375024ipbase_config.txt
Director(configvstackgroup)#exit
Presentation_ID
2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential

27

Stack Based Custom Groups

Director Switch
IP: 10.30.0.3

Designed for clients in Stackwise/Stackwise+/Flexstack


deployment
Match criteria Member number, switch model, port/poe
for each switch member
Supports stack members of the same series only
Ex: Stack of 3750 switches or 3750e series or 3750x series; but
not a combination of 3650, 3750E and 3750X

Stack of 4
3750 switches

Configuration:
Director(config)#vstackgroupcustomtestgroupstack
Director(configvstackgroup)#image
tftp://10.0.0.10/c3750ipbasetar.12252.SE.tar
Director(configvstackgroup)#config
tftp://10.0.0.10/3750stack_config.txt
Director(configvstackgroup)#match1375048poe
Director(configvstackgroup)#match2375024
Director(configvstackgroup)#match3375024
Director(configvstackgroup)#exit
Director(config)#end
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

member
number in
the stack

28

All Groups Working Together


External
TFTP server
for clientswitch
images and
config

Director Switch

Infrastructure Switches

Datacenter Switches

Built-in Switch
Group (3750X
series)

Custom Switch Group


( MAC address based
based)

Switch connected
to IP phones

2008 Cisco Systems, Inc. All rights reserved.

Stack based custom


group

Switch connected to
APs and IP Cameras

Custom Group
(connectivity based)

Presentation_ID

Wiring Closet

Custom Switch
Group ( PID based )

Cisco Confidential

29

Join Window
Join Window
Schedule a time-window for zerotouch image and config upgrades
Clients cannot download
image/config outside the window
Security prevents unexpected
switches from getting image and
config files

Config
Director(config)#vstackjoinwindowstart[date]hh:mm[interval]
[enddate][recurring]}

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

30

Configuration Back-up
Saves client switchs config on Director/TFTP Server
Centralized repository of most current client switch configs
Enabled by default when SmartInstall is enabled
When/How is config backup useful?
Helps maintain config files for all client switches and track config changes
Makes switch replacement quick and easy
Automated round the clock network config management
Configuration
Director(config)#vstackbackupfileservertftp://10.0.0.10/Imagelists/configsIN
thiscase,configfileisstoredonTFTPserver,overridesflash:vstack

Every time a client does wr a copy gets created on the backup server for the switch client_ID
By default, config files are stored on the Director at flash:vstack unless configured otherwise

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

31

Zero Touch Switch Replacement


Config Backup is configured
Client Switch goes bad
Catalyst 3750E

Director gets an update that client switch has


changed to inactive state.
Network personnel replaces the bad switch
with a new switch of the exact same model
and on the same switch port
New client switch downloads image and
most recent config

Catalyst 2960

Switch failure

Client switch reboots and is ready for use

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

32

On-Demand Upgrades
Admin can upgrade client switch images and configs whenever
needed
Could be selective upgrade or for the whole network
Single Switch Upgrade
Director#vstackdownloadimagetftp://10.0.0.10/c2960lanlite
tar.12252.SE.tar1.1.1.30mypasswordreloadin06:30
Director#vstackdownloadconfig
tftp://101.122.33.20/2960LANlite_config.txt1.1.1.30mypassword
reloadin06:30

Built-in Group Upgrade


Director#vstackdownloadimagebuiltin3560e24mypassword
overridereloadin6:30
Director#vstackdownloadconfigbuiltin3560e24mypassword
reloadin06:30

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

33

Complete Management Solution


Config Protection - Constant client switch config backup

Customization Custom Groups


Easy Switch Identification Hostname Prefix
Secured Upgrade Window Join Window
On Demand Upgrade
Use Case Campus topology with different switch models,
same model different software images, different configs, auto
config back up

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

34

Agenda
Chapter 1 : SmartInstall Introduction

Chapter 2: SmartInstall Very Simple Deployment


Chapter 3: SmartInstall - Medium Complexity
Chapter 4: SmartInstall - Fully Loaded
Chapter 5: SmartInstall Best Practices &
Troubleshooting

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

35

Chapter 5: SmartInstall Best Practices &


Troubleshooting
Importance of Vlan 1
SmartInstall operates on vlan 1
It is the default native vlan - helps etherchannel
Enabled by default on client switches with zero config
Clients devices send DHCP request on vlan 1 by default

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

36

Files Created during SmartInstall Operation


Client_cfg.txt

Enabling Smart Install creates a client_cfg.txt file.

Stored in the Director Switch flash

Client Switch downloads this file & establishes Client-Director link.

DO NOT delete this file from the Director flash

client_cfg.txt contains:
!
version12.2
!
enablepasswordcisco
!
usernamecisco
!
dotelnet10.0.0.3318843
!
end
!
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

37

Files created during SmartInstall Operation


Continued..
Imagelists
Imagelist is created by the Director switch for every defined group
It contains the name of the tar image file for that client group
Built-in group names as created by the Director:
2960-48-lanlite-imagelist.txt
Built-in group for C2960 with
48 ports, running lanlite image
2960-custom-imagelist.txt
Imagelist name for custom
group named 2960-custom
Contents of an Imagelist:
Imagelists/c3750e-universal-tar.122-53.SE.tar
The image tar file is placed inside a subfolder in the TFTP Server

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

38

TFTP Server Settings


Director Switch Flash Based TFTP Server:
Pros

Cons

Client image file, config file


and back-up config versions
on the Director flash

Limited storage space due


to flash size restriction

Avoids the use of external


TFTP server

Uses extra system


resources when client
switches read the flash for
image/config

Recommended when: All client switches are of the same


model

External TFTP Server:

Pros

Cons

Lots of storage space for


images, config and backup
config files for multiple client
switch groups

Requires an external TFTP


device extra infrastructure

Saves space on the director


flash

Extra config for file permissions


in case of a Linux TFTP Server

Recommended when:
1) Many client groups are defined
2) Multiple Directors are configured
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

39

Troubleshooting SmartInstall
When Imagelist transfer to TFTP fails, check for:
Write permission on external TFTP server
Available space on TFTP server
Switch TFTP server connectivity
Pre-existing imagelist with the same name
image upgrade scenario

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

40

Troubleshooting SmartInstall contd..


When SmartInstall image and config upgrade
fails, check the Client Switch for:
Insufficient flash size on client
Small flash with multiple images, config, crashinfo
files
No space available for new image download
Solution Admin has to manually delete
unnecessary files
Client switch console is someone actively working
on the client switch CLI?
Connectivity does client switch have IP address on
vlan 1?
Correct built-in group choice
Custom group match criteria
Correct image, config file
Supported hardware when using built-in group
Presentation_ID
2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential

41

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

42

TFTP Server settings on Linux ( backup slide )


Create TFTP subfolder
$ sudo mkdir /tftpboot/Imagelists
$ sudo chmod -R 777 /tftpboot/Imagelists/
$ sudo chown -R nobody /tftpboot/Imagelists/
Create /etc/xinetd.d/tftp and add this entry

-service tftp
{
protocol
= udp
socket_type = dgram
wait
= yes
user
= root
server
= /usr/sbin/in.tftpd
server_args = -s -c /tftpboot <<<<<<<< should have a -c
disable
= no
}
- Restart the server using - restart xinetd
Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

43

Q&A

Presentation_ID

2008 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

44