Switch Discovery Process
ExtremeCloud Appliance provides support for Management and Statistical services for ExtremeXOS and 200 Series switches.
These switches are provisioned with built-in Zero Touch Provisioning (ZTP). ZTP provisioned switches can discover and connect to any of the following Extreme Networks Management Appliances:
Note: Only one appliance at a time can be configured as the Management Appliance, you should either use ExtremeManagement or the ExtremeCloud appliance in the same domain, never both.
- On-premises ExtremeCloud Appliance
- On-premises Extreme Management Center
When the switch is turned on, it automatically starts the Linux process cloud-connector client. The cloud-connector client relies on the Default VLAN 1 enabled DHCP client to discover a DHCP server. The default configuration for these switches includes all data ports configured with VLAN 1. Any pre-configured data port can be used to connect to a DHCP Server. Simply provide an IP address and the Domain Name. After the switch receives an IP address and a Domain Name, it begins the DNS query to find the built-in Extreme Networks Management Appliance Fully-Qualified Domain Name (FQDN):
- extremecontrol@<domainname> for on-premises appliances (ExtremeCloud Appliance or Extreme Management Center).
- devices.extremenetworks.com resolved by the Internet Domain Name Servers to the ExtremeCloud IP address.
The cloud-connector tries to resolve these names in an endless round-robin loop. When any of the names are resolved to an IP address, the switch attempts connection to that IP address.The Configuration: Note: Before connecting a switch to an on-premises Management Appliance:
- Within ExtremeCloud Appliance, configure each physical port to enable device registration:
1 Go to Admin > System.
2 Under Interfaces click Add.
3 On the Create New Interface dialog, check Enable Device Registration
Note: Switches that are connected to the internet and can reach the Internet Domain Name servers will attempt to connect to ExtremeCloud.
- Configure a local DNS server that resolves extremecontrol@<domainname> to the IP address of an ExtremeCloud Appliance physical port that is configured with the Enable Device Registration enabled
A switch discovers ExtremeCloud Appliance by resolving the built-in Fully-Qualified Domain Name (FQDN) extremecontrol@<domain Name> to an IP address.<domain Name> is the domain assigned to the switch by the DHCP server.
To configure switch discovery, add a single “A” record for extremecontrol@<domain name> to the local DNS server. If using a public DNS service, add the record to the DNS service.
When using the public option, the DNS servers used by the switch must be integrated with the public service. When the switch discovers ExtremeCloud Appliance, the device status is initially In-Service-Trouble. This corresponds to the cloud-connector machine state Connecting and is represented in ExtremeCloud Appliance as a yellow triangle. Once ExtremeCloud Appliance acknowledges the switch configuration, the switch enters the machine state Running. This state is represented in ExtremeCloud Appliance with a green circle.Switch Discovery in an Availability Pair:
When configuring ExtremeXOS switches in an ExtremeCloud Appliance (ExtremeCloud Appliance) Availability Pair, use an "A" record for extremecontrol@, providing an IP address for the primary ExtremeCloud Appliance and an IP address for the backup ExtremeCloud Appliance. When the first address fails, the switch attempts the second IP address.
- If both IP addresses fail, the switch performs a second DNS request. The switch performs the DNS request before sending an HTTPS message and does not use DNS caching.
- If both the primary and backup ExtremeCloud Appliance are up, all configured switches are adopted on the primary ExtremeCloud Appliance, and the switch sends the HTTPS message to the primary ExtremeCloud Appliance only.
- If the primary ExtremeCloud Appliance is down and the backup ExtremeCloud Appliance is up, the switch fails over to the backup. The switch will timeout on the primary IP address and proceed to the secondary IP address. The switch attempts to send the HTTPS message to the primary ExtremeCloud Appliance first because its IP address is first in the DNS reply. That attempt will timeout and the switch will send the second HTTPS to the secondary IP address. The switch continues to send HTTPS messages to both IP addresses. If the primary ExtremeCloud Appliance comes up, the switch sends the HTTP message to the first IP address and does not attempt the second IP address.
The 200 series switch software does not support multiple IP addresses configured with the DNS entry extremecontrol.<domain name>. As a consequence of this limitation, in an HA deployment, the 200 series switches will stop sending statistics when the primary ECA is down. The 200 Switch operation continues even if the Appliance is down (pass traffic). Cloud Connector tries to registers but will not affect switch operation. When the primary appliance comes back again then the Switch registers to the same Appliance with no interruption in the operation, statistics, and configuration works. This may be addressed in a future release, please continue to consult the release notes for newer code versions.