< Home

Configuring Switches to Communicate with iMaster NCE-Campus

Prerequisites

There is a reachable route between each switch and iMaster NCE-Campus.

Context

In NETCONF over SSH Callhome mode, switches proactively set up NETCONF sessions with iMaster NCE-Campus. In the Huawei CloudCampus Solution, there are three phases from switch deployment to unified device management on iMaster NCE-Campus.

Procedure

  1. Switches enable NETCONF and obtain the URL/IP address and port number of iMaster NCE-Campus. This phase can be implemented through DHCP, a registration query center, or manual configuration (using commands or web system).

    Table 1 Methods to enable NETCONF and obtain iMaster NCE-Campus's address information

    Method

    Procedure

    Through a DHCP server

    1. Configure option 148 ascii agilemode=agile-cloud;agilemanage-mode=ip;agilemanage-domain=ip-address;agilemanage-port=port-number on the DHCP server.

      • agilemode enables NETCONF.
      • agilemanage-mode indicates whether a switch obtains the URL or IP address of iMaster NCE-Campus.
      • agilemanage-domain specifies the URL or IP address of iMaster NCE-Campus.
      • agilemanage-port specifies the port number of iMaster NCE-Campus.
    2. Perform configurations based on the VLAN for the IP address pool of the DHCP server.

      When the VLAN for the IP address pool of the DHCP server is not VLAN 1, perform the following operations:

      1. Run system-view

        The system view is displayed.

      2. Run pnp startup-vlan vlan-id

        A PnP VLAN ID is configured.

        By default, no PnP VLAN ID is configured on a switch.

      3. Run pnp startup-vlan send enable

        The switch is enabled to transmit the PnP VLAN ID to its downstream devices.

        By default, the switch does not transmit the PnP VLAN ID to its downstream device.

      4. Run interface interface-type interface-number

        The Ethernet interface view is displayed.

      5. Run lldp tlv-enable legacy-tlv pnp startup-vlan

        The switch is enabled to send LLDP packets containing PnP VLAN information to its downstream devices.

        By default, the switch sends LLDP packets containing PnP VLAN information to downstream devices.

      6. Run quit

        Exit the Ethernet interface view.

      7. (Optional) If switches are connected through an Eth-Trunk, perform the following operations:

        Run interface eth-trunk trunk-id

        The Eth-Trunk interface view is displayed.

        Run pnp startup-link-aggregation enable

        The switch is enabled to transmit the flag indicating whether to establish an Eth-Trunk to downstream devices.

        By default, a switch does not inform its downstream device of the need to establish an Eth-Trunk.

      When the VLAN for the IP address pool of the DHCP server is VLAN 1, perform the following operations:

      Ensure that switches are unconfigured and have no input on the console port. After these switches are connected to the network, they automatically enable NETCONF and obtain the iMaster NCE-Campus's address information using DHCP.

    Through a registration query center

    1. Import information about each switch, including the ESN and device type, into iMaster NCE-Campus. After the information is imported, iMaster NCE-Campus uploads the device ESNs and corresponding iMaster NCE-Campus's address information to the registration query center.

    2. Ensure that switches are unconfigured and have no input on the console port. Switches are preconfigured with the registration query center's URL (register.naas.huawei.com) and port number (10020). After switches are connected to the network, they send requests to the registration query center to automatically enable NETCONF and obtain the iMaster NCE-Campus's address information.

      If NETCONF has been enabled on a switch but the switch cannot obtain the iMaster NCE-Campus's address information through DHCP or manual configuration, the switch also sends a request to the registration query center to obtain the iMaster NCE-Campus's address information. In this situation, the switch does not need to be unconfigured and can have input on the console port.

    Using commands

    Method 1:

    1. Run system-view

      The system view is displayed.

    2. Run netconf

      The NETCONF function is enabled and the NETCONF view is displayed.

    3. Run source ip ip-address [ port port-number ]

      The IPv4 address and port number used by the switch to communicate with iMaster NCE-Campus using NETCONF are configured.

    4. Run callhome callhome-name

      A callhome template is created and the callhome template view is displayed.

    5. Run ip address ip-address port port-number

      The IPv4 address and port number used by iMaster NCE-Campus to communicate with the switch using NETCONF are configured.

    Method 2:

    1. Run system-view

      The system view is displayed.

    2. Run netconf

      The NETCONF function is enabled and the NETCONF view is displayed.

    3. Run management-vlan (NETCONF view)

      The VLAN used by the switch to communicate with the DHCP server is configured.

    4. Run controller ip-address ip-address port port-number

      The iMaster NCE-Campus's IP address is configured.

      Or run controller url url-string port port-number

      The iMaster NCE-Campus's URL is configured.

      Either the URL or IP address of iMaster NCE-Campus can be configured.

    Through the web system

    1. For details about how to enable NETCONF on the web system, see Device Working Mode in the S2720, S5700, and S6700 V200R019C10 Web System Guide.

    2. For details about how to obtain the iMaster NCE-Campus's address information, see Controller Mgmt (NETCONF Mode) in the S2720, S5700, and S6700 V200R019C10 Web System Guide.

    After an unconfigured switch obtains the NETCONF enabling configuration and iMaster NCE-Campus's URL/IP address and port number through a DHCP server or registration query center, the management interface of the switch automatically generates the IP address 192.168.1.253/24. You can use this IP address to log in to the switch through the web system, Telnet, or FTP. To log in to a switch through the web system, hold down the MODE button for at least 6 seconds. For details, see First Login to a Switch in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - Basic Configuration.

  2. Switches register with iMaster NCE-Campus for authentication and establish NETCONF transmission channels over SSH, ensuring data transmission security.

    Before the authentication, iMaster NCE-Campus needs to import the ESN, device type, and CA certificate of each switch. Each switch has a local certificate and CA certificate configured before delivery.

    To perform operations on the local certificate of a switch, for example, updating the local certificate, you need to run commands or log in to the web system. For details about command settings, see PKI Configuration in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - Security. For details about web settings, see Certificate Mgmt (NETCONF Mode) in the S2720, S5700, and S6700 V200R019C10 Web System Guide.

  3. iMaster NCE-Campus manages switches.

    For details about how iMaster NCE-Campus manages switches, see the Huawei CloudCampus Solution.

Verifying the Configuration

Run the display netconf connect-status command in any view to check the NETCONF configuration on the switch.

Run the display netconf configuration command in any view to check the device configuration.

Parent Topic: NETCONF Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >