In my last blog I wrote about building ZTP configurations for SONiC switches using the data in NetBox. This post will explain how those configurations are served to these devices without the need for any human intervention.
The key elements are:
- DHCP Server (to receive requests from new devices and point to software/config locations)
- KEA class definitions (unique for each vendor and platform)
- HTTP Server (send firmware)
- GIT Server (send configuration files)
- ztp.json file that defines the final steps needed to fully configure a SONiC switch
The ZTP process is as follows:
- A new switch is plugged into the network and sends a DHCP request for software (ONIE)
- The DHCP server determines the hardware vendor/type and sends the correct software to the switch
- The switch loads the new software, reboots, and requests its configuration file from the DHCP server
- The DHCP server responds with the correct configuration file (based on serial number)
- The switch applies the configuration file and reboots before completing ZTP
- The switch looks at the ZTP configuration file for further configuration instructions and/or QA
This KEA example shows the various classes that define the different vendors and platforms. It is just a list of all the classes currently defined in KEA.

Drilling down into the class for Edgecore, we can see the location of the software file and also the vendor and platform ID, which determines the actual hardware type.

Class definition for Wistron. The unique HEX value is how the DHCP server can identify the correct hardware.

Once the switch has the correct software applied and has rebooted, the ZTP process can begin. All switches default to the name “sonic” after the software upgrade, so this is the key piece of info the DHCP server is looking for in this step of the process.

This is the ztp.json file that contains the instructions to configure the switch. The configs are stored on git, and the serial number is the unique identifier that ensures the correct config ends up on the proper device. In addition to the main configuration file, there is also the routing portion of the config (FRR). Finally, there is a basic connectivity check via ping.

You can add any instructions you might need for your infra. The first step in the ZTP process was a password change and setting a sleep timer.
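Because the switch applies whatever ztp.json tells it to fetch, it is worth checking the file before publishing it. The following is an added example, not the ztp.json or tooling from this post: a small linter that flags sources fetched without TLS, hosts outside an allowlist, configs not keyed on the serial number, and a missing ping check. The sample document, host names, section names and the `lint_ztp` helper are assumptions that follow the usual SONiC ZTP layout (`dynamic-url`, `plugin`, `ping-hosts`).

```python
import json
from urllib.parse import urlparse

# Constructed sample, not the post's ztp.json: hosts, paths and section names are
# assumptions that mirror the steps described (config by serial, FRR, ping check).
SAMPLE_ZTP = """{"ztp": {
  "01-configdb-json": {"dynamic-url": {"source": {
      "prefix": "https://git.example.net/ztp/",
      "identifier": "serial-number",
      "suffix": "_config_db.json"}}},
  "02-frr": {"plugin": {"url": "http://git.example.net/ztp/frr.sh"}},
  "03-connectivity-check": {"ping-hosts": ["192.0.2.1"]}
}}"""

def _urls(node):
    """Yield (url, identifier) for each url / dynamic-url found under node."""
    if isinstance(node, dict):
        for key, val in node.items():
            if key == "dynamic-url" and isinstance(val, dict):
                src = val.get("source", {})
                yield src.get("prefix", ""), src.get("identifier")
            elif key == "url" and isinstance(val, str):
                yield val, None
            else:
                yield from _urls(val)
    elif isinstance(node, list):
        for item in node:
            yield from _urls(item)

def lint_ztp(text, allowed_hosts):
    """Return (section, problem) pairs for a ztp.json document."""
    findings = []
    sections = json.loads(text).get("ztp", {})
    for name, body in sections.items():
        for url, ident in _urls(body):
            parts = urlparse(url)
            if parts.scheme != "https":
                findings.append((name, "fetched without TLS: " + url))
            if parts.hostname not in allowed_hosts:
                findings.append((name, "unexpected host: " + str(parts.hostname)))
            if ident is not None and ident != "serial-number":
                findings.append((name, "keyed on " + str(ident) + ", not serial-number"))
    if not any(isinstance(b, dict) and "ping-hosts" in b for b in sections.values()):
        findings.append(("ztp", "no connectivity check"))
    return findings

if __name__ == "__main__":
    for section, problem in lint_ztp(SAMPLE_ZTP, {"git.example.net"}):
        print(section, "-", problem)
```

Running it against the generated ztp.json in the same pipeline that builds the configs from NetBox catches a bad source before a switch ever requests it.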

That’s all there is to Zero Touch Provisioning a SONiC switch using a KEA DHCP server. I will write another blog post on KEA in the near future since it’s very helpful when managing infrastructure.