NETCONF

NETCONF overview

NETCONF is a protocol that provides mechanisms for installing, manipulating, and deleting the configuration of network devices. It uses Extensible Markup Language (XML)-based data encoding for configuration data and protocol messages. The NETCONF operations are realized as remote procedure calls (RPCs).

Refer to RFC 6241, Network Configuration Protocol (NETCONF), at https://tools.ietf.org/html/rfc6241 for more information.

On the DANOS vRouter, NETCONF is used within an SSH session through the SSH connection protocol. This mapping allows NETCONF to be run from a secure shell session by a user or an application. This mapping also makes sure that NETCONF complies with SSH IPv6.

On the DANOS vRouter, NETCONF is intended as a machine interface for management software and not intended as a user interface.

Refer to RFC 6242, Using the NETCONF Protocol over Secure Shell (SSH), at https://tools.ietf.org/html/rfc6242 for more information on using the NETCONF configuration protocol over SSH.

NETCONF capabilities supported on the DANOS vRouter

A NETCONF capability is a set of functions that supplements the base NETCONF specification. The capability is identified by a uniform resource identifier (URI). Capabilities augment the base operations of the device, describing both additional operations and the content that is allowed inside the operations. The client discovers the capabilities of the server and uses any additional operations, parameters, and content that are defined by those capabilities.

Following are the NETCONF capabilities that are supported on the DANOS vRouter:

  • capability:candidate 1.0

  • capability:startup 1.0

  • capability:rollback-on-error 1.0

  • capability:validate 1.1

Refer to RFC 6241, Network Configuration Protocol (NETCONF), at https://tools.ietf.org/html/rfc6241 for more information on these capabilities.

Initiating a NETCONF session

To allow an inbound NETCONF session request from a remote system to be accepted, use the commands that are shown in the following table.

vyatta@R1# set service netconf
vyatta@R1# set service ssh port 830
vyatta@R1# commit

YANG model for NETCONF monitoring

The <get-schema> operation is supported on the DANOS vRouter to query and retrieve schema information and NETCONF state information from a NETCONF server.

Refer to RFC 6022, YANG Module for NETCONF Monitoring, at https://tools.ietf.org/html/rfc6022 for more information on using <get-schema>.

Verifying Connections and Retrieving Operational Data Using NETCONF

ping

The ping command displays whether a destination responded and how long it took to receive a reply. If an error occurs in the delivery to the destination, the command displays an error message.

Sample XML request:

<ping xmlns="urn:vyatta.com:mgmt:vyatta-op">
  <host>127.0.0.1</host>
  <count>5</count>
  <ttl>3</ttl>
</ping>

  • host: IP address you want to ping.

  • count: Number of ping packets to send.

  • ttl: Time to live (TTL) of the IP packet, in seconds, which tells a network router whether the packet has been in the network too long and should be discarded. By default, the TTL value is 255.

Sample rpc-reply:

<tx-packet-count>5</tx-packet-count>
<rx-packet-count>5</rx-packet-count>
<min-delay>54</min-delay>
<average-delay>62</average-delay>
<max-delay>74</max-delay>

interface

The interface command displays information about a named interface. The command output displays all the IP addresses that are associated with the interface, the administrator status, the operational status, and the description of the interface.

Sample XML request:

  • name: Name of interface.

Sample rpc-reply:

route

The route command displays information about the path taken to a particular destination address.

Sample XML request:

  • destination (optional): IP address or IP prefix

  • family: ipv4 (default) or ipv6

NOTE: When the destination is not present, the entire route table for the specified family is returned as the output.

Sample rpc-reply:

Retrieving statistics using NETCONF

Overview

You can retrieve DANOS vRouter statistics of all types by using NETCONF. Some of the statistics are also available from the CLI. The configuration model is a subtree of the overall YANG tree, which is included in the ISO distribution for the DANOS vRouter.

Use ssh to obtain NETCONF information in XML format from the vRouter as follows.

Configure set service ssh and set service netconf on the DANOS vRouter.

From a remote system, use SSH as follows to access the DANOS vRouter, and sign in when prompted.
ssh vyatta@<ip-address> -s netconf

Send a capabilities list enclosed within a <hello>...</hello> element.

Respond to the DANOS vRouter hello element with a hello message and capabilities list. End the list with ]]>]]> to inform SSH that the XML element is completed and should be sent.
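The hello exchange and ]]>]]> framing from the steps above, as an added Python example (not DANOS code and not part of the original page). It splits received data on the end-of-message marker, rejects any DTD before parsing, and reports which of the four capabilities listed earlier the server did not advertise; the capability URIs are the RFC 6241 forms of that list, and SAMPLE_STREAM is constructed data, not output captured from a vRouter.

```python
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"
EOM = "]]>]]>"  # end-of-message marker from the steps above
BASE = "urn:ietf:params:netconf:base:1.0"
CAP = "urn:ietf:params:netconf:capability:"
# The four capabilities the page lists, written as RFC 6241 capability URIs.
EXPECTED = {CAP + "candidate:1.0", CAP + "startup:1.0",
            CAP + "rollback-on-error:1.0", CAP + "validate:1.1"}

# Constructed sample of data read from the SSH channel: one complete server
# <hello> (validate:1.1 deliberately absent) followed by a partial message.
SAMPLE_STREAM = (
    '<hello xmlns="' + NS + '"><capabilities>'
    "<capability>" + BASE + "</capability>"
    "<capability>" + CAP + "candidate:1.0</capability>"
    "<capability>" + CAP + "startup:1.0</capability>"
    "<capability>" + CAP + "rollback-on-error:1.0</capability>"
    "</capabilities><session-id>4</session-id></hello>" + EOM + "<rpc-rep"
)

def client_hello():
    """Client <hello> advertising the base protocol, framed for sending."""
    hello = ET.Element("hello", xmlns=NS)
    caps = ET.SubElement(hello, "capabilities")
    ET.SubElement(caps, "capability").text = BASE
    return ET.tostring(hello, encoding="unicode") + EOM

def split_messages(buffer):
    """Return (complete messages, unfinished tail) for data received so far."""
    *messages, tail = buffer.split(EOM)
    return [m.strip() for m in messages], tail

def server_capabilities(hello_xml):
    """Parse a server <hello> and return its capability URIs as a set."""
    if "<!DOCTYPE" in hello_xml or "<!ENTITY" in hello_xml:
        raise ValueError("DTD in NETCONF message")  # RFC 6241 forbids DTDs
    root = ET.fromstring(hello_xml)
    if root.tag != "{%s}hello" % NS:
        raise ValueError("expected a NETCONF <hello>")
    return {c.text.strip() for c in root.iter("{%s}capability" % NS) if c.text}

def missing_capabilities(hello_xml):
    """Capabilities from the page's list that the server did not advertise."""
    return EXPECTED - server_capabilities(hello_xml)

if __name__ == "__main__":
    messages, tail = split_messages(SAMPLE_STREAM)
    print("missing:", sorted(missing_capabilities(messages[0])))
    print("buffered for next read:", repr(tail))
```

Management software can run the same comparison at session start and alert when the advertised set differs from the expected one.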

The following sections provide XML examples for different categories of statistics and other information.

CPU information

The XML examples in this section provide CPU information.

The following example shows an RPC request for CPU information.

The following example shows the RPC reply.

Memory information

The XML examples in this section provide memory information.

The following example shows an RPC request for memory information.

Uptime information

The XML examples in this section provide uptime information.

The following example shows an RPC request for uptime information.

Version information

The XML examples in this section provide version information.

The following example shows an RPC request for version information.