Cisco WS-C2960X-24TS-LL User Manual
Cisco Smart Install Configuration Guide
December 10, 2014
Cisco Systems, Inc.
www.cisco.com
Cisco has more than 200 offices worldwide.
Addresses, phone numbers, and fax numbers
are listed on the Cisco website at
www.cisco.com/go/offices.
Text Part Number: OL-28027-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display
output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in
illustrative content is unintentional and coincidental.
Cisco Smart Install Configuration Guide
© 2009-2014 Cisco Systems, Inc. All rights reserved.
CONTENTS
Introduction 1-1
Smart Install Director 1-3
Image List File 1-5
Configuration Files 1-6
Smart Install Clients 1-6
Smart Install Groups 1-9
DHCP and Smart Install 1-10
Adding a Client Switch to the Network 1-11
Backing Up the Client Configuration 1-12
Replacing a Client Switch 1-12
Using a Join Window 1-13
Configuring Join Window Mode 1-14
Updating Client Switches 1-15
Zero-Touch Installation 1-15
Contents
Connecting to a Client Switch 1-16
Configuration Guidelines and Recommendations 2-1
DHCP Configuration Guidelines 2-4
Configuring the DHCP Server 2-4
Configuring the Director as the DHCP Server 2-5
Configuring Another Device as DHCP Server 2-6
Configuring the TFTP Server 2-8
Establishing a Remote Client Session 2-8
Configuring a Network with Single or Mixed Switch Types 2-9
Configuring a Network That Includes a Single Switch Type 2-9
Using Built-In Groups to Configure a Mixed Network with Two Switch Types 2-12
Updating On-Demand to a New Image or Configuration 2-16
Configuring Custom Group Based on Connectivity 2-19
Configuring a Custom Group Based on MAC Address 2-21
Configuring a Custom Group Based on a Stack Number 2-23
Custom Group Based on Product ID 2-26
Managing Client Configuration Files 2-28
Backing Up Files after Loss of Connection 2-28
Extracting and Displaying Tar Files 2-28
OL-28027-01
Other Configuration Options 2-29
Disabling Smart Install on a Device 2-29
Managing File Downloads on Clients 2-29
Download Management for Non-Smart Install Clients 2-29
Cisco Smart Install Configuration Guide
iii
Contents
Download Management for Smart Install Clients 2-29
Configuring a Client Hostname Prefix 2-30
Configuring Additional Smart Install Management VLANs 2-30
Configuring a Group for Standalone Catalyst 4500 Series Switch 2-31
Restrictions and Guidelines 2-32
The Procedure 2-32
On-Demand Upgrade for Catalyst 4500 Series Switch IBC 2-36
Support for Post-install Operations 2-37
Configure a Script for Default Mode 2-38
Configure a Script for the Built-in Group Mode 2-39
Configure a Script for Custom Group Mode 2-40
Smart Install Configuration Examples 2-41
Director as the TFTP Server 2-41
Before Configuring the Director 2-41
Configure a Director 2-42
Third-Party, Non-Cisco IOS Device as the TFTP Server 2-43
Before Configuring the Director 2-43
Configure the Director 2-43
Information about SMI Proxy 4-1
How SMI Proxy Interacts with Smart Install Devices and the PnP Agent 4-2
How SMI Clients and Directors Communicate 4-2
How SMI Proxy and PnP Agent Communicate 4-2
SMI Proxy and Tailored Configuration Files 4-3
SMI Proxy Database 4-3
Enabling Proxy on the Device 4-4
Unsupported Services 4-5
Guidelines and Restrictions 4-6
SMI Proxy CLI Commands 4-7
4-19
SNMP MIBs 5-1
Cisco Smart Install MIB 5-1
Downloading and Working with MIBs 5-2
Guidelines for Working with MIBs 5-2
Downloading MIBs 5-3
System Messages 5-3
How to Read System Messages 5-3
Error Message Traceback Reports 5-4
Output Interpreter 5-4
Bug Toolkit 5-5
iv
Cisco Smart Install Configuration Guide
OL-28027-01
Smart Install System Messages 5-5
Minimum Cisco IOS Release for Major Features C-1
Contents
OL-28027-01
Cisco Smart Install Configuration Guide
v
Contents
vi
Cisco Smart Install Configuration Guide
OL-28027-01
Preface
This guide provides procedures for installing and using Smart Install and using the related commands.
For information about other standard Cisco IOS Release 12.2 commands or Cisco IOS Release 15.0, see
the Cisco IOS documentation set available from the Cisco.com home page at Products & Services >
Cisco IOS and NX OS Software> Cisco IOS.
This guide does not describe system messages you might encounter or how to install your device. For
more information, see the system message guide and the hardware installation guide for the device.
For documentation updates, and other late information, see the release notes for the specific device for
this release.
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
Interactive examples use these conventions:
Notes and cautions use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in
this manual.
• Commands and keywords are in boldface text.
• Arguments for which you supply values are in italic.
• Square brackets ([ ]) mean optional elements.
• Braces ({ }) group required choices, and vertical bars ( | ) separate the alternative elements.
• Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional
element.
• Terminal sessions and system displays are in screen font.
• Information you enter is in boldface screen font.
• Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).
Cisco Smart Install Configuration Guide
1
Caution Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Related Publications
• Catalyst 6500 Supervisor Engine 2T-10GE
http://www.cisco.com/en/US/products/hw/switches/ps708/tsd_products_support_series_home.htm
l
• Catalyst 4500
http://www.cisco.com/en/US/products/hw/switches/ps4324/tsd_products_support_series_home.ht
ml
• Catalyst 3850
http://www.cisco.com/en/US/products/ps12686/tsd_products_support_series_home.html
• Catalyst 3750-X
http://www.cisco.com/en/US/products/ps10745/tsd_products_support_series_home.html
• Catalyst 3750-E
http://www.cisco.com/en/US/products/ps7077/tsd_products_support_series_home.html
• Catalyst 3750
http://www.cisco.com/en/US/products/hw/switches/ps5023/tsd_products_support_series_home.ht
ml
• Catalyst 3650
http://preview.cisco.com/en/US/products/ps13133/products_installation_and_configuration_guides
_list.html
• Catalyst 3560
http://www.cisco.com/en/US/products/hw/switches/ps5528/tsd_products_support_series_home.ht
ml
• Catalyst 3560-E
http://www.cisco.com/en/US/products/ps7078/tsd_products_support_series_home.html
• Catalyst 3560-X
http://www.cisco.com/en/US/products/ps10744/tsd_products_support_series_home.html
• Catalyst 2975
http://www.cisco.com/en/US/products/ps10081/tsd_products_support_series_home.html
• Catalyst 2960, Catalyst 2960-S, and Catalyst 2960-SF
http://www.cisco.com/en/US/products/ps6406/tsd_products_support_series_home.html
• Catalyst 2960-X
http://www.cisco.com/en/US/products/ps12995/tsd_products_support_series_home.html
• Catalyst 2960-XR
http://www.cisco.com/en/US/products/ps13078/tsd_products_support_series_home.html
Cisco Smart Install Configuration Guide
2
• IE 2000
http://www.cisco.com/c/en/us/support/switches/industrial-ethernet-2000-series-switches/tsd-produ
cts-support-series-home.html
• IE3000
http://www.cisco.com/c/en/us/support/switches/industrial-ethernet-3000-series-switches/tsd-produ
cts-support-series-home.html
• IE3010
http://www.cisco.com/c/en/us/support/switches/industrial-ethernet-3010-series-switches/tsd-produ
cts-support-series-home.html
• EtherSwitch Network Modules
https://www.cisco.com/en/US/docs/ios/lanswitch/configuration/guide/lsw_enet_switch_net_extern
al_docbase_0900e4b18090920b_4container_external_docbase_0900e4b18096f791.html
Obtaining Documentation, Obtaining Support, and Security Guidelines
For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and
revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS version 2.0.
Cisco Smart Install Configuration Guide
3
Cisco Smart Install Configuration Guide
4
Introduction
CHA PTER
1
Smart Install Overview
• Introduction, page 1-1
• DHCP and Smart Install, page 1-10
• Adding a Client Switch to the Network, page 1-11
• Backing Up the Client Configuration, page 1-12
• Updating Client Switches, page 1-15
• Connecting to a Client Switch, page 1-16
Smart Install is a plug-and-play configuration and image-management feature that provides zero-touch
deployment for new switches. You can ship a switch to a location, place it in the network and power it
on with no configuration required on the device.
A network using Smart Install includes a group of networking devices, known as clients, that are served
by a common Layer 3 switch or router that acts as a director. In a Smart Install network, you can use the
Zero-Touch Installation process to install new access layer switches into the network without any
assistance from the network administrator. The director provides a single management point for images
and configuration of client switches. When a client switch is first installed into the network, the director
automatically detects the new switch, and identifies the correct Cisco IOS image and the configuration
file for downloading. It can allocate an IP address and host name to a client. If a standalone switch in the
network is replaced by another switch of the same SKU (a switch with the same product ID), it
automatically gets the same configuration and image as the previous one. The director can also perform
on-demand configuration and software image updates of a switch or a group of switches in the network.
Zero-touch updates also take place on preconfigured switches after you have entered the write erase and
reload privileged EXEC commands to clear the configuration.
Caution If you touch the console keyboard during a zero-touch update and attempt to enter a command or a return
on the switch, the auto install and Smart Install processes stop. To recover and restart the process, at the
system prompt, enter the write erase and reload commands on the client and restart the process.
The director can act as a DHCP and TFTP server and can store the configuration and image files. These
files can also be stored on a third-party TFTP server for the director to use. The client can download the
image and configuration files from the director TFTP server or from a remote server.
Cisco Smart Install Configuration Guide
1-1
Introduction
TFTP
server
Aggregation layer
Access layer
Intermediate
switch
206531
DHCP
server
Director
Chapter 1 Smart Install Overview
Note Switches running releases earlier than 12.2(52)SE are not Smart Install capable, but they can be Smart
Install clients if they support the archive download-sw privileged EXEC command. Smart Install clients
can be Layer 2 or Layer 3 switches. Switches running Cisco IOS Releases 3.2(0)SE and later, and 15.0
(2)SE and later, 3.6.(0)E, and 15.2.(2)E support Smart Install.
See Appendix A, “Supported Devices for Smart Install” for a list of supported routers and switches, the
roles they can play (client or director), and the required software releases.
In a typical Smart Install network, a client switch uses DHCP to get an IP address and the director snoops
DHCP messages. For a client to participate in Smart Install zero-touch update, it must use DHCP, and
all DHCP communication must pass through the director so that it can snoop all DHCP packets from
clients. The most automatic operation is when all switches in the Smart Install network use DHCP and
are Smart Install capable. However, any client switch that supports the archive download-sw privileged
EXEC command to download a software image can be used in a zero-touch Smart Install network. Cisco
IOS Release 3.2(0)SE and later, support software install.
Note A Smart Install network can have only one director.
A client switch can participate in Smart Install even if it is not directly connected to the director. The
Smart Install network supports up to seven hops. Intermediate switches or clients connected to the
director through an intermediate switch in a multihop environment can be,
but are not necessarily
Smart Install capable, provided the management VLAN is set to default VLAN 1.
If you use a VLAN other than vlan 1 for management, then the intermediate switch must be Smart Install
capable switch.
Figure 1-1 shows a Smart Install network with external DHCP and TFTP servers. There can be only one
director amongst TFTP servers in any Smart Install network. The director can also serve as the DHCP
and TFTP server.
Figure 1-1 Typical Smart Install Network Diagram
Cisco Smart Install Configuration Guide
1-2
Chapter 1 Smart Install Overview
A Smart Install network can be:
• A network where all client switches are of the same product ID (PID), for example,
WS-2960S-48FPS-L. In this case, you can identify a default image and a seed or basic configuration
to use on all client switches.
• A network that includes switches with different PIDs. In these networks, you can configure switch
groups and specify that the same images and seed configuration files are applied to all switches in
the group. A group can be based on a predefined PID, or you can create groups based on product ID,
MAC address, switch stack number, MAC address, or client switch connectivity to a specific
upstream neighbor. When switches in a group are replaced by another switch with the same product
ID, the replacement switch receives the same configuration and image.
After a switch has an image and basic configuration, you can configure specific features on individual
switches and save the configuration to the startup configuration file.
Switches participating in Smart Install zero-touch updates must use DHCP to obtain their IP addresses.
DHCP options are used to send:
• Image filename and location
• TFTP server IP address
• Hostname
Introduction
• Configuration filename
• Director IP address to the other switches
When a director is configured and a client joins the Smart Install network, Smart Install is automatically
enabled on these devices. Beginning with Cisco IOS Release 12.2(58)SE, XE 3.4SG, 15.1(2)SG,
15.1(1)SY, 15.0(2)SE, 3.2(0)SE and later, 3.6.(0)E, or 15.2.(2)E, you can disable Smart Install on a
device and also shut down its Smart Install TCP ports by entering the no vstack global configuration
command on the client or director. When Smart Install is disabled on a device, any Smart Install
configuration on it remains in the running configuration but does not take effect while Smart Install is
disabled. To reenable Smart Install on the device, enter the vstack global configuration command.
These sections include more detailed information on Smart Install components:
• Smart Install Director, page 1-3
• Smart Install Clients, page 1-6
• Smart Install Groups, page 1-9
Smart Install Director
The director in a Smart Install network must be a Layer 3 switch running Cisco IOS Release 12.2(52)SE
or later, XE 3.4SG, 15.1(2)SG, 15.0(2)SE or later, 15.1(1)SY or later, 3.2(0)SE or later, or a router
running Cisco IOS Release 15.1(3)T or later. See Appendix A, “Supported Devices for Smart Install”
for a list of routers and switches that can perform the role of Smart Install director.
Note IE2000 IE3000, and IE3010 support Director with Cisco IOS Release 15.2(2)E.
To configure a device as director, enter the IP address of one of its Layer 3 interfaces in the vstack
director ip_ address global configuration command and enable it as director by entering the vstack
basic command.
Cisco Smart Install Configuration Guide
1-3
Introduction
Chapter 1 Smart Install Overview
Note If you have entered the no vstack global configuration command to disable Smart Install on a device,
the vstack director ip_ address and vstack basic global configuration commands are not allowed on the
device. To reenable Smart Install on a device, enter the vstack global configuration command.
When a device is configured as director, The VLAN on which the DHCP snooping is automatically
enabled becomes VLAN 1 by default. The director begins building the director database in VLAN 1. To
specify another VLAN for Smart Install management, you can use the vstack startup-vlan global
configuration command. Depending on the VLAN that is specified in the command, DHCP snooping is
enabled on that VLAN so that the director can identify new switches that are connected to the network,
known as non-VLAN 1 switches.
The database lists the client devices in the Smart Install network and includes this information:
• Type of switch (PID) for all switches, including switches in a stack
• MAC addresses for all switches, including switches in a stack
• IP address of the switch or stack
• Hostname
• Network topology including neighbors interfacing with the switch
• Serial number (only Smart Install capable switches)
Note When the director is a switch, DHCP snooping is enabled on VLAN 1 by default. It is also enabled on
other Smart Install management VLANs that are configured by entering the vstack vlan vlan-range
global configuration command. You can use the vstack startup-vlan global configuration command to
specify another VLAN that should be used for Smart Install management. Cisco IOS Releases
15.1(1)SY, 15.0(2)SE or later, 15.1(2)SG, 3.6.(0)E, 15.2.(2)E, and Cisco IOS XE 3.4SG support
non-VLAN1 management and provide the ability to discover the client switches available on
non-VLAN1.
In a Smart Install network that uses DHCP to assign IP addresses, you only need to configure the
director. Client switches do not require any configuration. Although you can enter command-line
interface commands on clients, configuration commands do not take effect unless the switch assumes the
role of director.
Note You can configure the vstack commands in client mode. but this is effective only when the switch is
converted to a director.
There can be only one director for a set of clients and you cannot configure a backup director. If the
director fails:
• Director database must be rebuilt.
• Any update being performed for a non-Smart Install-capable switch might fail.
• The accumulated download status is lost.
• A configuration backup might not occur before the director restarts.
1-4
The director can change status and become a client switch if:
• The director interface that has the director IP address shuts down.
• The director interface that has the director IP address is deleted.
Cisco Smart Install Configuration Guide
Chapter 1 Smart Install Overview
• The director IP address is changed.
If the director becomes a client, DHCP snooping is disabled, and the director database is no longer used.
If the director IP address is provided by DHCP and you configure a different director IP address on a
client switch, the client is longer part of the director’s Smart Install network.
Smart Install relies on a TFTP server to store image and configuration files. The TFTP server can be an
external device, or the director can act as a TFTP server. If the director is the TFTP server, the available
flash file space on the director must be adequate to accommodate the client Cisco IOS image and
configuration files. See the “Configuring the TFTP Server” section on page 2-8.
In a Smart Install network using DHCP, the DHCP server can be an external device or the director can
act as the DHCP server. See the “Configuring the DHCP Server” section on page 2-4. The director
snoops all DHCP packets that pass through it on VLANs that are configured as Smart Install
management VLANs. All network DHCP packets from intermediate or client switches or from an
external DHCP server must pass through the director. The director must be able to snoop all DHCP
packets from clients.
Note Smart Install options in the DCHP offer are option 125, suboption 5 (the image list file), option 125
sub-option 16 (the director IP address), and option 67 (the configuration file).
Introduction
Image List File
Note In Catalyst Switches 3850 and 3650, the image is a bundled with .bin extension.
The director builds a topology director database for the network by collecting information from the
network Smart Install switches. The director uses the database:
• To assign a configuration file and image to a client.
• As a reference to obtain the PID, the image name, and the configuration file for an on-demand
update of network switches.
The director periodically updates the director database based on CDP updates that it receives from
neighbor switches and from Smart Install messages sent to the director by Smart Install capable clients.
The updates contain information about the client neighbors.
An image list identifies the images to be loaded on the client. The image list file is the file that contains
the correct image name for the client. When the director is the TFTP server, this file is stored in flash
memory. Otherwise, it is stored in a remote, third-party TFTP server.
• When the file is stored in the director, the prefix for the image list is flash://, usbflash0://,
bootflash://, bootdisk://, or disk0:// based on the appropriate file systems available on the switch.
• When the file is stored in a remote TFTP server, the prefix is tftp://ip_address/image.tar.
Images must be stored either on the director or on the third-party TFTP server.
For a standalone switch, the image list file contains a single image. For a stack, the image list contains
images for all members of the stack, which could be the same image or different images. For a switch
stack, the director creates the image list file after the user specifies the tar file for each switch in the
stack.
Starting with Cisco IOS Release 12.2(55)SE or later,15.1(1)SY, 15.0(2)SE and later, 3.2(0)SE and later,
XE 3.4SG, 15.1(2)SG, 3.6.(0)E, and 15.2.(2)E, when the user specifies the tar file for each switch, the
director automatically creates the imagelist file.
Cisco Smart Install Configuration Guide
1-5
Introduction
Note The upgrade process is initialized even when the imagelist file is copied manually, but the director tries
Configuration Files
Chapter 1 Smart Install Overview
When an external TFTP server is used, the director writes the image list file to the TFTP server. It is
recommended that the TFTP server permit the director to write the image list files to the TFTP Server.
If the director does not have permission to write to the file system of the TFTP server, the director logs
the failure in the system log. You can create the image list files and put them on the TFTP server
manually if the director fails to do so automatically; you cannot fix the issue that prevents the director
from writing to the TFTP server.
to copy the image list file to the TFTP server and the failure system log is displayed periodically.
The director manages these configuration files:
• Startup configuration—The configuration that a client uses when it boots.
• Seed configuration—A configuration on the director that is the basis for the client startup
configuration.
• Backup configuration—An exact copy of a client startup configuration stored in the director.
Smart Install Clients
Client switches have a direct or indirect connection to the director so that they can receive image and
configuration downloads from it. A switch becomes a Smart Install client when either director or when
the director IP address is configured on the switch manually. Client switches use the director database
for image and configuration downloads and receive the image and configuration files from the Smart
Install TFTP server.
A client switch can be an intermediate switch connected to another client switch. A client can be a
standalone switch or a switch stack.
• Director can download images and configuration of clients that are not Smart Install. However, such
clients are entered into the director database only if they are connected to a Smart Install capable
switch. The director can telnet to the client switch and use the archive download-sw privileged
EXEC command to download software to the switch. The director must know the client switch
password to perform the download.
• Smart Install capable switches can communicate directly with the director to update switch
information, can have images and configuration downloaded, and can be managed by the director.
A Smart Install capable client with the director IP address and connectivity to the director sends
switch and neighbor information to the director by using the Smart Install protocol.
Note Switches running Cisco IOS XE Releases 3.2(0)SE and later, 3.6.(0)E, and 15.2.(2)E support software
install.
1-6
All switches in the network with “network” connectivity to the director can be clients, whether or not
they are Smart Install capable. A client switch needs an IP address for management communication and
the director must be able to communicate with that IP address. Client switch IP addresses are assigned
by DHCP or statically configured.
Cisco Smart Install Configuration Guide
Chapter 1 Smart Install Overview
Smart Install capable clients send switch and neighbor information to the connected director for the
director database. Client switches that are not Smart Install capable or that are not connected to a Smart
Install capable switch are not entered into the director database. In a multihop topology, for the director
to get the complete topology overview, any client switch upstream of a group of clients must be Smart
Install capable. Clients not in the director database can get an on-demand update, but they cannot get a
zero-touch or group update.
Figure 1-2 shows some possible ways that clients can be interconnected in a network. Tabl e 1-1 and
Table 1 -2 shows the director database knowledge of each client and the type of update that is supported.
Note The topology shown in Figure 1-2 does not represent a typical Smart Install topology but is used to
demonstrate possible types of client interconnections.
Figure 1-2 Possible Interconnections of Smart Install Clients
Introduction
Director
Client 1
Client 2
Smart Install capable switch
Switch running an image earlier than Cisco IOS Release 12.2(52)SE
Smart Install capable switch supporting non-VLAN management
Note The Cisco IOS releases12.2(52)SE or later, XE 3.4SG, 15.1(2)SG, 15.1(1)SY and later, 15.0(2)SE and
Client 3
Client 4
Client 5
Client 6
Client 7
Client 8
276559
later, and 3.2(0)SE and later, support the director role. The Cisco IOS releases 15.0(2)SE, 15.1(1)SY,
15.1(2)SG, XE 3.4SG, 15.0(2)EX, 15.0(2)EX1, 3.6.(0)E, and 15.2.(2)E are Smart Install capable
switches, supporting non-VLAN 1 management and providing the ability to discover the client switches
available on non-VLAN 1.
Table 1 -1 shows the switches that are in the director database and how the director obtained the
information. When a client is a single hop from the director, the client uses CDP to send the director
information about itself. When a client is a Smart Install capable switch, it sends information to the
director about itself and its neighbors.
Cisco Smart Install Configuration Guide
1-7
Introduction
Chapter 1 Smart Install Overview
Table 1-1 Director Database Contents of Client Switches
In Director
Client Switch
Client 1 Yes Learned from CDP and from Smart Install. The client also sends
Client 2 Yes Information received from Client 1.
Client 3 Yes Learned from CDP.
Client 4 No No information available. The client is not an immediate neighbor
Client 5 Yes Learned from CDP.
Client 6 No No information available. The client is not an immediate neighbor
Client 7 Yes Learned from CDP and from Smart Install. The client also sends
Client 8 Yes The information to Client 8 will be sent by Client 7 via
Database? Source of Database Information
information about its neighbor (Client 2).
of the director or another Smart Install switch.
of the director or another Smart Install switch.
information about its neighbor Client 8. Client 7 is a non-VLAN 1
switch.
non-VLAN1. Client 8 is a non-VLAN 1 switch.
Table 1 -2 shows the director database knowledge of each client and the type of update that is supported
in various software versions. For information about Smart Install supported switches, routers, and
minimum software releases for directors and clients, see Supported Devices for Smart Install.
Table 1-2 Types of Updates Supported by Each Client
Device Software Version
Zero-Touch
Update
On-Demand
Update of Client
On-Demand Update of
Group
Client 1 12.2(52)SE or later Yes Yes Yes
Client 2 Earlier than 12.2(52)SE Yes Yes Yes
Client 3 Earlier than 12.2(52)SE Yes Yes Yes
Client 4 12.2(52)SE or later Yes Yes Yes
Client 5 Earlier than 12.2(52)SE Yes Yes Yes
Client 6 Earlier than 12.2(52)SE Yes Yes No. Switch not in
director database.
Client 7 15.0(2)SE, 15.1(1)SY,
Ye s Ye s Ye s
15.1(2)SG, XE 3.4SG,
15.0(2)EX, 15.0(2)EX1,
3.6.(0)E, and 15.2.(2)E
Client 8 15.0(2)SE,15.1(1)SY,
Ye s Ye s Ye s
15.1(2)SG, XE 3.4SG,
15.0(2)EX, 15.0(2)EX1,
3.6.(0)E, and 15.2.(2)E
1-8
To see the types of Smart Install clients in a network, enter the show vstack status privileged EXEC
command.
Cisco Smart Install Configuration Guide
Chapter 1 Smart Install Overview
Director# show vstack status
SmartInstall: ENABLED
Status: Device_type Health_status Join-window_status Upgrade_status
Device_type: S - Smart install N - Non smart install P - Pending
Health_status: A - Active I - Inactive
Join-window_Status: a - Allowed h - On-hold d - Denied
Image Upgrade: i - in progress I - done X - failed
Config Upgrade: c - in progress C - done x - failed
Director Database:
DevNo MAC Address Product-ID IP_addr Hostname Status
===== ============== ================= =============== ========== =========
0 0018.7363.4200 WS-C3750-24TS 172.20.249.54 IBD-MXD-ST Director
1 0016.4779.b780 WS-C3750G-24TS 172.20.249.54 IBD-MXD-ST Director
2 d0d0.fd37.5a80 WS-C3750X-48P 172.20.249.54 IBD-MXD-ST Director
3 0026.5285.7380 WS-C3750E-24TD 172.20.249.54 IBD-MXD-ST Director
4 0024.13c6.b580 WS-C3750E-24TD 172.20.249.115 DEV-c6.b5c S A a
5 0021.a1ab.9b80 WS-C2960-48TC-S 172.20.249.249 DEV-ab.9bc S A a I C
6 0024.5111.0900 WS-C3750E-24TD 172.20.249.222 DEV-11.094 S A a I C
7 001d.45f3.f600 WS-C3750G-24TS 172.20.249.87 DEV-90.f64 S A a
8 0016.c890.f600 WS-C3750G-24TS 172.20.249.87 DEV-90.f64 S A a
9 001f.2604.8980 WS-C2960-48TC-S 172.20.249.89 DEV-04.89c S A a I C
10 001b.d576.2500 WS-C3750E-24PD 172.20.249.91 DEV-a6.1cc S A a I C
These fields were added in Cisco IOS Release 12.2(58)SE or 15.1(1)SY to provide more information
about each client:
Introduction
• Device type: S (Smart Install capable, running Cisco IOS Release 12.2(52)SE or later, 15.1(1)SY,
15.0(2)SE and later, 3.2(0)SE and later), 3.6.(0)E, or 15.2.(2)E, N (not a Smart Install device), or P
(pending, unable to determine).
• Device health status: Active (the director is receiving periodic updates from the device) or Inactive
(the device is disconnected or has not provided updates for three consecutive keepalive periods)
• Join window status: a (allowed), h (on hold), or d (denied). See the “Using a Join Window” section
on page 1-13.
• Upgrade status: An image update is i (in progress), I (complete), or X (failed). A configuration
upgrade is c (in progress), C (complete), or x (failed).
Smart Install Groups
When all switches in a Smart Install network have the same PID, they can run the same image and the
same seed (basic) configuration file. In this case, you can assign a default image and configuration file
for all clients. However, if there is more than one PID in the network or if you want a different
configuration file to run on some switches, depending on their function in the network, you should
configure Smart Install groups and assign an image and configuration file for each group.
• Custom groups take precedence over built-in groups and are based on:
–
–
Stack group—For switches in a stack, you can configure groups based on their number in the
stack. Stack groups are used only for switch stack upgrades, and clients do not need to be in the
director database. Starting with Cisco IOS Release 12.2(58)SE, 15.1(1)SY, 15.0(2)SE and later,
3.2(0)SE and later, 3.6.(0)E, and 15.2.(2)E if a stack is homogeneous (all one switch type), you
do not need to identify each switch type.
MAC address—You can create a custom group of specific switches by using the MAC addresses
of the switches to configure the group. You can include switches with the same or different
product IDs, as long as they use the same image and configuration file. Enter the show vstack
neighbors all privileged EXEC command to see the MAC addresses of switches in the Smart
Install network.
Cisco Smart Install Configuration Guide
1-9
DHCP and Smart Install
Chapter 1 Smart Install Overview
–
Connectivity—You can configure a custom group based on network topology; that is, all
switches that have the same upstream neighbor. Connectivity groups take precedence over
groups with matching product IDs or stack numbers. Connectivity groups include only
standalone switches (not switch stacks), and clients must be in the director database.
–
Product IDs (PIDs)—These product IDs are all supported models, including newer PIDs that
were not shipping when the software was released and therefore are not in the CLI. PID groups
include only standalone switches (not switch stacks), and clients do not need to be in the
director database.
The priority of custom groups from high to low is stack group, MAC address, connectivity, and
product ID.
• Built-in groups are based on PIDs that you can select from the CLI. These represent the fixed
Ethernet switching products that were shipping when the software was released, for example, 3750,
3560, 2975, 2960, 3850, and 3650.
Switches that belong to a group use the image and configuration file assigned to that group. If a client
switch does not belong to a group in the director database, it is assigned the default image and
configuration file.
Note If there is more than one switch PID in the network, we recommend configuring built-in or custom
groups. The default image and configuration is used in networks with only one product ID.
An example of the use of custom groups is a network where all client switches are the same PID, but one
requires a different configuration. For example, a retail store might have checkout counters and a
pharmacy, and the pharmacy switch requires a different configuration. The checkout counters would use
the default configuration, but you would create a custom group for the pharmacy.
DHCP and Smart Install
DHCP is recommended in Smart Install networks and is required for zero-touch updates. On-demand
updates do not require DHCP. In a DHCP network, DHCP snooping is automatically enabled on the
director. The director snoops DHCP offers and requests to and from the client switches and uses DHCP
snooping to insert the DHCP options used in the Smart Install operation.
However, because DHCP snooping is not supported on routed ports, you should not connect routed ports
directly to the client or the director.
A DHCP server in a Smart Install network can be positioned in one of these ways:
• The Smart Install director can act as the DHCP server in the network. When the DHCP offer goes
to the client switches, the director allocates the IP addresses and assigns configurations and images
and the hostname as DHCP options in the DHCP offer and DHCP acknowledgment. DHCP snooping
is automatically turned on for the director.
• The DHCP server can be another device (third-party server) in the Smart Install network. In this
case, DHCP packets between the clients and DHCP server must pass through the director.
1-10
Note You can configure a join-window time period so that the director can only modify the DHCP
offer and send the image and configuration files to the client during the configured window. The
join window restricts Smart Install for a specified period of time and acts as a security precaution
to control when a client can receive these files. See the “Using a Join Window” section on
page 1-13.
Cisco Smart Install Configuration Guide
Chapter 1 Smart Install Overview
• A third-party server and the director DHCP server can coexist in a network. In this case, the director
is responsible only for the DHCP requests of the switches in the Smart Install network. The director
maintains the Smart Install database and pool; other DHCP database functions are maintained by the
third-party server.
See the “Configuring the DHCP Server” section on page 2-4 for configuration instructions.
If the Smart Install DHCP server is the director or another device running Cisco IOS and the network
reloads, the server might assign new IP addresses to participating switches. If a switch IP address
changes, it might no longer be reachable. If the director IP address changes, it is no longer the Smart
Install director, which could break the director and client switch relationships. This is an unlikely but
possible corner-case occurrence. To prevent this occurrence, you should enable DHCP remembering by
entering the ip dhcp remember global configuration command or the remember DHCP-pool
configuration command on the DHCP server,
Non-Cisco IOS third-party DHCP servers require an IP-address-to-MAC-address binding to ensure that
the same IP address is given to a switch on a reload.
Note In Smart Install networks that do not use DHCP, you must manually configure the director IP address on
each client switch by entering the vstack director ip-address global configuration command. Client
switches require only the director IP address. Smart Install networks that do not use DHCP cannot
support zero-touch updates but can support on-demand update.
Adding a Client Switch to the Network
Adding a Client Switch to the Network
When a switch arrives from the factory, it contains the factory default image. When it is plugged in and
connected to the network and boots up, it tries to get its IP address from DHCP. When a device is added
to the network, a notification is sent to the director that a new client has joined. If the switch is connected
(directly or indirectly) to the Smart Install director, the director recognizes the new switch through
DHCP offers and acknowledgments. The director searches its database to determine if the switch
belongs to a configured group. If not, the director determines if the switch matches the Smart Install
network default PID. If the director has a configuration for the type of client that was added and if the
join window is open, the new client receives the image and configuration files.
Note When clients in a Smart Install network consist of more than one PID, you should configure built-in
groups or custom groups based on MAC address, connectivity, stack group, or product-ID, and define
the image and configuration files for each group.
If the DHCP Server is external or internal (running on the director), the director inserts options into the
DHCP response, informing the client where to download its IOS image and configuration file provided
the join window is open.
Note If a join window has been configured, the Smart Install configuration and image files are sent to the client
only during the configured time period. A client switch sends an error message if it cannot download an
image or configuration file due to misconfiguration, if the image or configuration file is not available, or
if a join window is configured and the DHCP acknowledgments occurs beyond the configured time
frame. See the “Using a Join Window” section on page 1-13 for more information.
Cisco Smart Install Configuration Guide
1-11
Backing Up the Client Configuration
After a switch has been added to the Smart Install network, you can do an on-demand download of an
image or configuration file to the client at any time if the switch meets these criteria:
• A switch that is not Smart Install capable must have an enable mode password and a valid IP
interface.
• A switch running the Smart Install image must have a valid IP interface.
If a client switch in the Smart-Install network is running Cisco IOS Release 12.2(55)SE or later, or
3.2(0)SE and later, 15.0(2)EX, 15.0(2)EX1, 3.6.(0)E, and 15.2.(2)E is replaced with a switch with the
same product ID, the new client receives the same image and configuration as the replaced client. Se the
“Replacing a Client Switch” section on page 1-12.
See Chapter 2, “Configuring Cisco Smart Install Devices” for typical configurations.
Backing Up the Client Configuration
After a client boots up, it sends a copy of its startup configuration to the director. This file is the backup
configuration for that client. Any time the user, directly or through the director, saves a client
configuration, a backup configuration is created. The configuration is stored on the local repository on
the director or on a remote repository on a server. The backup file is used to reconfigure a client during
a zero-touch replacement.
Chapter 1 Smart Install Overview
Note Client backup is supported only when the director and client are running Cisco IOS Release 12.2(55)SE
or later.
Client configuration backup is enabled by default. You can disable it by entering the no vstack backup
global configuration command. You enable the file backup feature on the director by entering the vstack
backup and you can configure a repository for the backup files. If you do not specify a repository, the
files are stored in the director flash:/vstack directory.
A client configuration backup is triggered:
• When the write memory privileged EXEC command is entered on the client.
• When the director boots up, it requests configuration information from clients and backs up these
configurations.
Replacing a Client Switch
You can use zero-touch replacement to exchange and install a like-type client in the Smart Install
network. When a new switch is added to the network, a CDP database update is sent to the director,
which determines if this is a new MAC address and therefore a new client. When a client needs to be
replaced and is removed from the network, the CDP database lists the removed client as inactive. If
another client MAC address with the same product-ID is detected on the same port, this client is
considered a replacement client. The director gives it the same image and configuration that the previous
client had.
The director removes the entry for the replaced client from the director database. If the replaced client
is put elsewhere in the network, the director creates a new entry for it that includes the client’s new
information.
1-12
Cisco Smart Install Configuration Guide
Chapter 1 Smart Install Overview
During a zero-touch replacement, the replacement client receives the last backed-up configuration file,
which is stored in the director or a remote repository. Client configuration files are backed up by default,
unless you disable this functionality on the director.
Only one Smart Install client can be replaced at a time on the same branch and only if there is one path
to the director.
Note Zero-touch replacement is supported only when the director and the replaced client are running Cisco
IOS Release 12.2(55)SE or later, 15.1(1)SY, 15.0(2)SE and later, 3.2(0)SE and later, 15.0(2)EX,
15.0(2)EX1, 3.6.(0)E, or 15.2.(2)E. When a client switch running an earlier release is replaced, the new
switch receives a seed replacement.
When the replacement client and existing client do not have the same product ID, port connections, or
interfaces, the replacement client is considered new to the Smart Install network. For example, a
replacement client must be connected to the same ports on the director and on other client switches as
was the original client. When a new device is added to the network, a notification is sent to the director
that a new client has joined. If the director has a configuration for the type of client that was added and
if the join window is open, the new client receives the image and configuration files.
Replacing a Client Switch
Using a Join Window
A join window is a time window during which the client can update image or configuration files. The
director can provide information about the image and configuration to the client only during this
window. A client attempting to join the Smart Install network outside the join window is not allowed to
do so and cannot update the image and configuration files.
Use the vstack join-window mode auto global configuration command to automatically update clients
with the latest image and configuration files when they are added during a join window. Use the no
vstack join-window mode global configuration command to put the client in a hold state.
Use the following commands to open or close a join window:
• Enter the vstack join-window start [date] hh:mm [interval] [end date] [recurring] global
configuration command to configure a time window to control downloads of configuration and
image files to client switches.
• Enter the vstack join-window close global configuration command to manually close a join
window, enter the no vstack join-window close global configuration command to manually open a
join window.
Note You cannot combine the vstack join-window start and [no] vstack join-window commands to close
and open the join window.
If a join window is configured, a zero touch update is possible only during the configured window. If a
switch connects to the director at any time other than during the join window, the Smart Install
configuration and image files are not automatically downloaded. Instead, the new switch receives the
default files from the DHCP server. This feature provides control of the files and prevents unauthorized
switches from receiving the Smart Install configuration.
If a join window is not configured, a zero touch update can happen at any time because that is the default
state.
When a join window is configured, and the DHCP acknowledgement occurs outside of the configured
window, a client switch sends an error message that it cannot download an image or configuration file.
Cisco Smart Install Configuration Guide
1-13
Replacing a Client Switch
Configuring Join Window Mode
The join window mode includes a hold state that adds an extra level of security for the client. The hold
state lets you control whether or not the client can receive a software upgrade, and how the upgrade is
performed. The hold-state is either on or off when the join window is active.
You configure automatic join window mode with the vstack join-window mode auto global
configuration command. In this mode, when a client joins the network, the director automatically
upgrades it when the join window is open.
When you set the mode to manual by entering the no vstack join-window mode global configuration
command, when a client joins the network during an open join window, the client is put on the hold list.
You can review clients on the hold list by entering the show vstack status user EXEC command. You
can remove a client from the hold list by entering the vstack on-hold-clients remove global
configuration command.
Note When a client has been removed from the hold state to allow that client to join the network, you must
restart the client to again put it in the hold state (if the mode is manual) or to automatically upgrade if
the mode is auto and the join window is open.
Chapter 1 Smart Install Overview
When a new client joins the network and the mode is set to auto, the join window state is active, whether
or not the join window is open or closed. When the mode is set to manual and the join window is open,
the client is put on the hold list. If the join window is closed, the client cannot join the network (denied).
Table 1 -3 lists the join window states and the actions that are allowed or not allowed for each state.
Table 1-3 Join Window States and Functionality
Join Window State Zero-Touch Updates On-Demand Updates Configuration Backup
Active Allowed Allowed Allowed
Deny Not allowed Allowed Allowed
Hold Allowed with user
Allowed Not allowed
intervention
Starting with Cisco IOS Release 12.2(58)SE,15.1(1)SY, 15.0(2)SE and later, 3.2(0)SE and later,
3.6.(0)E, and 15.2.(2)E, you can manually change the join window state for a client or multiple clients
from the denied state to the active or held state by using the vstack join-window-status index client-id
{allowed | held} privileged EXEC command.
1-14
Cisco Smart Install Configuration Guide
Chapter 1 Smart Install Overview
Updating Client Switches
Supported types of image and configuration updates:
• Zero-touch update—For a client with no configuration. This could be for the initial installation of
an image and configuration on a new client, for image and configuration installation on a client after
a write erase and reload, or, in case of a replacement switch, if vstack backup is enabled. The
Smart Install network must run DHCP to perform zero-touch updates.
On all clients, prior to Cisco IOS Release XE 3.5.0E and Cisco IOS 15.2(1)SG, only image+config
zero-touch upgrades were supported. With Cisco IOS Release XE 3.6.0E and Cisco IOS Release
15.2(1)SG, image+config zero-touch upgrade are no longer mandatory; zero-touch config alone and
zero-touch image alone upgrades are now supported on all clients.
• On-demand update—For clients that are already in the network and connected to the director.
On-demand updates can be performed on single client or on all clients that belong to a built-in group.
DHCP is not required for on-demand updates. The director needs the IP address of a client for a
single-client update if the client is not in a built-in group. For an on-demand update of a client
running an image earlier than 12.2(52)SE, the client must have an enable password and an IP
interface configured.
You can do zero-touch or on-demand updates to any Smart Install client switches. You can also use the
vstack download-image and vstack download-config privileged EXEC commands from the director to
update the image or configuration of any switch as long as the director has a connection (directly or
through another switch) to the switch. You can also telnet to a client switch and use the archive
download-sw privileged EXEC command to update switch software. When you telnet to a client switch,
you must know the switch enable passwords to do any configuration.
Beginning with Cisco IOS Release 12.2(58)SE, 15.1(1)SY, 15.0(2)SE, 3.2(0)SE and later, 3.6.(0)E, you
can perform a simultaneous update of multiple clients that have the same product ID and password by
entering the index numbers from the director database in the vstack download-image privileged EXEC
command.
Updating Client Switches
Zero-Touch Installation
A zero-touch installation is an update initiated by the director on a client switch that has no
configuration. You can perform a zero-touch installation on Smart Install capable switches and
non-Smart Install switches. The zero-touch installation occurs automatically with little or no
intervention. A switch with no configuration can be a new, out-of-box switch or one on which you have
entered the write erase and reload privileged EXEC commands.
During a zero-touch installation, do not touch the console keyboard or attempt to enter a command or
auto return on the switch. Else, the auto install and Smart Install processes stop. To recover and restart
the process, you need to return to the system prompt, enter write erase and reload commands, and
restart the process.
If the TFTP server is the director, the file is saved in the director root directory. If the server is another
device, it is saved in the tftproot directory. This is the default directory in the TFTP server where the files
to be sent using TFTP are stored. The imageclist file, the new configuration file, and the image are also
stored in this directory.
See the “Configuring the TFTP Server” section on page 2-8.
Cisco Smart Install Configuration Guide
1-15
Connecting to a Client Switch
Connecting to a Client Switch
To connect to the client switch command-line interface, enter the vstack attach {client-index |
client_ip_address} privileged EXEC command. The client-index number represents active clients in the
Smart Install network, displayed in the command-line help by entering a question mark (?) after the
vstack attach command. The same client number is valid until the client reboots.
Director# vstack attach ?
1 c3750-2042 @ IP 10.0.0.1 : MAC 0000.0040.4080
2 c3750-2045 @ IP 10.0.0.2 : MAC 0000.000c.0d80
A.B.C.D IP address of remote node to attempt attaching to
To attach to a client, the client switch must be configured for telnet service and have a configured enable
password.
Chapter 1 Smart Install Overview
1-16
Cisco Smart Install Configuration Guide
CHA PTER
2
Configuring Cisco Smart Install Devices
This section includes some basic scenarios and tasks that you might configure in a Smart Install network.
• Configuration Guidelines and Recommendations, page 2-1
• Configuring the DHCP Server, page 2-4
• Configuring the TFTP Server, page 2-8
• Establishing a Remote Client Session, page 2-8
• Configuring a Network with Single or Mixed Switch Types, page 2-9
• Updating On-Demand to a New Image or Configuration, page 2-16
• Using Custom Groups to Configure Groups Based on Connectivity, MAC Address, Stack Number,
or Product ID, page 2-18
• Managing Client Configuration Files, page 2-28
• Other Configuration Options, page 2-29
• Smart Install Configuration Examples, page 2-42
Configuration Guidelines and Recommendations
• If the startup configuration fails to download, the client can go into an infinite loop because there is
no startup configuration to update. The only way to recover from the loop is to press Enter when
the client is coming up after a reload so that the update process stops.
• When performing a zero-touch update, you should always update both the image and the startup
configuration files. To update only the image or only the configuration file, use the vstack
download-image or vstack download-config privileged EXEC commands for an on-demand
download instead.
• To update only the image or only the configuration file, use the vstack download-image or vstack
download-config privileged EXEC commands for an on-demand download instead.
• On the Catalyst 3750 and Catalyst 4500 series switches, beginning with Cisco Release IOS XE
3.6.(0)E, and Cisco Release IOS 15.2(1)SG,15. 0(2)SE, and 15.2.(2)E, the following combinations
of zero-touch upgrade are supported
–
Image and configuration zero-touch upgrade—User specifies both image and configuration on
the director.
–
Configuration-only zero-touch upgrade—User specifies configuration alone on the director.
–
Image-only zero-touch upgrade—User specifies image alone on the director.
Cisco Smart Install Configuration Guide
OL-28027-01
2-1
Configuration Guidelines and Recommendations
• On the Catalyst 4500 series switch director and client functionality is supported; beginning with
Cisco IOS Release IOS XE 3.6.(0)E the above mentioned combinations of zero-touch upgrade can
be configured on the director or client.
• For the above features to work on the client side, the clients must be running the image with Cisco
Release IOS 15.2(1)SG or higher.
Note For an on-demand download, update the image and configuration on the client with the vstack
download-image or vstack download-config commands.
If you trigger a zero-touch upgrade with backup enabled and Rev2 (such as, backed-up
configuration) accessible on the SMI director, the Rev2 is sent for an upgrade. If you accidentally
delete the Rev2 file, the zero-touch upgrade fails because the backup configuration is missing.
However, the client attempts another reload and boots with the seed (default) configuration, ensuring
a smoothly functioning zero-touch upgrade irrespective of the missing backup configuration.
If backup is enabled and an image-only upgrade is specified on the director, the client boots up with
the backed-up configuration and the image specified when the upgrade launches on the client.
However, if backup is disabled, the client boots with the image [alone] specified on the director for
that client.
Chapter 2 Configuring Cisco Smart Install Devices
• Switches are updated one hop at a time. The director cannot update switches in hop 2 while it is
upgrading switches in hop 1.
• Because DHCP snooping is not supported on routed ports, you should not connect routed ports
directly to the client or the director. Without DHCP snooping, the director will not detect a DHCP
request from the client, which prevents Smart Install from working on that client. Routed ports
cannot participate in Smart Install.
• For client switches with only 16 Mb of flash memory, before upgrading the Cisco IOS image, ensure
that there is enough free flash space available to download a new image and delete unnecessary files.
The configuration file might not be necessary because Smart Install can provide the configuration
file when the client boots up.
• In Catalyst 6500 Supervisor Engine 2T switches, flash size supports onboard and external disks to
download the image and the configuration file.
• The director can act as the TFTP server, eliminating the need for an external TFTP serving device.
Follow these guidelines when configuring the director as TFTP server:
–
The total flash space (used and free) on the director must be large enough to contain the director
image and configuration file and the image and configuration files required for client switches.
–
There must be enough available flash on the director to hold the client Cisco IOS images and
configuration files. The Cisco IOS image files vary in size, depending on the client switch
product IDs and whether or not crypto images are being installed.
–
When the director is the TFTP server, a copy of the configuration file for each client switch is
stored in the root directory of the flash file system on the director. There must be enough space
for each planned client group.
2-2
–
Most director switches have enough flash memory to hold one client Cisco IOS image and a
small number of client configuration files. For example, the Catalyst 3750 switch can have a
maximum flash size of 64 MB, which accommodates only 4 or 5 images, based on the image
size.
–
If the Smart Install network includes client switches with more than one product ID, you should
use an external TFTP server.
Cisco Smart Install Configuration Guide
OL-28027-01
Chapter 2 Configuring Cisco Smart Install Devices
–
When the director is the TFTP server, downloading a TFTP file will be slower than the external
TFTP server. If downloading the TFTP file is a priority, use an external TFTP server, especially
if there are multiple clients performing TFTP downloads simultaneously.
• If the TFTP server is a third-party (non-Cisco) device, you should disable the server option to
change the name of a file if another file is created with the same name. Otherwise, duplicate
imagelist files might be created.
• Client switches can be on any VLANs other than the default if the director is configured to snoop
on that VLAN (enter the vstack vlan vlan-id global configuration command) and if traffic from the
VLAN flows through the director.
–
The director can snoop on multiple VLANs extending to clients on different Layer 2 subnets.
–
Client switches can be on different routed subnets as long as there are routes between the
director and the subnet. In these cases, a relay agent between a client and director is required
for Smart Install downloads.
–
Smart Install does not function if the client is connected directly to a routed port on the director.
• Stacking considerations:
–
If the director is in a switch stack and a master switchover occurs when a non-Smart Install
client switch is being updated, the client switch update is not completed.
Configuration Guidelines and Recommendations
–
If the client switch is a stack and not all members are up and operational, downloading of new
images to the stack members fails.
–
Upgrading a stack requires configuring a custom group matching the stack group.
–
When a stack is upgraded, you should restart all stack members at the same time.
–
When a stack is deliberately partitioned, the new stacks should have the required configuration
for upgrades, that is, the stack group members must be configured correctly.
• For Catalyst 3750-X, 3750-E, 3650-X, and 3650-E client switches, install the appropriate license
files before updating the image. Smart Install does not apply to image licensing.
• To disable Smart Install on a director or client, enter the no vstack global configuration command
on the device. Enter the show vstack status privileged EXEC command to see if Smart Install is
enabled or disabled on a device.
• Client switches with static IP addresses cannot get zero-touch downloads but can receive on-demand
downloads.
• If the director temporarily loses communication with the client switches, there is no impact to the
Smart Install feature unless the client is in the middle of installing Cisco IOS images or downloading
the configuration. If this happens, manual intervention might be required to restart the process.
• We recommend that configuration files do not include boot host dhcp. If a configuration file does
include this configuration, do not apply the configuration file to switches with interfaces that do not
have a configured IP address.
• When a director is configured and a client joins the Smart Install network, Smart Install is
automatically enabled on these devices. Beginning with Cisco IOS Release 12.2(58)SE, 15.1(1)SY,
15.0(2)SE and later, and 3.2(0)SE and later, you can disable Smart Install on a device and also shut
down its Smart Install TCP ports by entering the no vstack global configuration command on the
client or director.
–
When Smart Install is disabled on a device, any Smart Install configuration on the device
remains in the running configuration but does not take effect while Smart Install is disabled.
OL-28027-01
–
When Smart Install is disabled on a device, the vstack director ip_ address and vstack basic
global configuration commands are not allowed.
Cisco Smart Install Configuration Guide
2-3
Configuring the DHCP Server
• Image-only or configuration-only upgrades cannot be performed on IBCs running an image prior to
Most configuration commands are visible and can be entered on the director or on a client, but only the
ones configured on the director take effect. If you enter commands on a client switch, they do not take
effect now, but if the client later becomes the director, the commands are then valid.
Chapter 2 Configuring Cisco Smart Install Devices
–
If you disable Smart Install on the director and there were Smart Install DHCP IP addresses
configured, you need to manually unconfigure them.
–
To re-enable Smart Install on the device, enter the vstack global configuration command.
Cisco IOS Release XE 3.6.0E. If an IBD is configured for an image-only or configuration-only
upgrade but the IBC does not support an upgrade, the following cases apply:
–
The Director is configured to perform an image-only upgrade for the client.
Prior to Cisco IOS Release XE 3.6.0E, IBC did not receive the configuration path and the
configuration-only upgrade failed, but the image upgrade proceeded and IBC reloaded.
Although the image upgrades, Cisco does not claim this process to be “Image-only” because
IBC tries to download the configuration file and fails, displaying error messages.
–
The Director is configured to perform a configuration-only upgrade for the client.
Prior to Cisco IOS Release XE 3.6.0E, the configuration upgrade proceeded but IBC did not
receive the image path, hence the image upgrade failed, and IBC did not reload.
DHCP Configuration Guidelines
• Although we recommend that the director be configured to act as DHCP server for the clients, Smart
Install can also use an external DHCP server. If you use an external device as DHCP server, you
could configure the DHCP server to send option 125/sub-option 16 for the director IP address to
avoid the possibility of fake DHCP servers.
• We recommend configuring a Cisco IOS DHCP server to remember IP bindings to ensure that
devices in the Smart Install network retain the same IP address in the event of a network or device
reload.
• In networks that do not use DHCP to assign IP addresses to the clients, you must configure the IP
address of the director on each client switch.
• In a Smart Install network, we recommend not to configure DHCP snooping and DHCP relay on the
same interface of the switch.
Configuring the DHCP Server
To perform zero-touch updates, the Smart Install network must be running DHCP. The DHCP server
might be the director, another Cisco device running Cisco IOS, or a non-Cisco third-party server. You
can also have the director act as the Smart Install DHCP server and have another device perform all other
DHCP server functions.
Use one of the following procedures to set up a Cisco device as DHCP server, or if you choose to
configure a non-Cisco third-party device as DHCP server, follow the instructions in the product
documentation for configuring a network address and a TFTP server.
2-4
Note You should not configure any client switches participating in Smart Install as the DHCP server.
Cisco Smart Install Configuration Guide
OL-28027-01
Loading...