cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
74
Views
3
Helpful
9
Replies
Cisco Employee

Sync Configuration of IOS-XR using Netconf

I am trying to connect a device using Netconf. The device I am using is a XRVR with IOSXR 5.3.2 which supports dozens of YANG modules and NSO is version 3.4. But after a successful sync-from operation, I cannot see the config of the device on NSO. I guess it is because NSO cannot get the YANG model files, thus it cannot parse the config. Not sure if I am right or not. Is there any explanation?

The log is as below.

admin@ncs# show running-config devices device NC532 devices device NC532

address   192.168.250.56

port      830

ssh host-key ssh-rsa

  key-data "AAAAB3NzaC1yc2EAAAADAQABAAAAgQCbYWtL7JGyRMPvn2LyfM9wUZbe7lDqzRSsBuyFmvdY\nL/v9o3rHxVs6qDu+Up01Smaeo5ytlQ6Ud13659M6Q7C9MJlLNgQwot6qa2nQ+TP1LMHb1Z/Y\nVpQP17xzMcjnPNPuJqZL9HNsR8OGGg0A2ZBwEYqZH+9AkVptd3AnZp5Phw=="

!

authgroup cisco

device-type netconf

state admin-state unlocked

source added-by-user admin

source context "cli (discovery package)"

source when   2015-06-04T10:39:43.092+00:00

source from-ip 10.140.1.121

config

  no ios:service pad

  no ios:ip domain-lookup

  no ios:ip http secure-server

  ios:ip source-route

!

!

admin@ncs#

admin@ncs# show devices device NC532 capability capability :candidate:1.0 capability :confirmed-commit:1.1 capability :rollback-on-error:1.0 capability :validate:1.1 capability http://cisco.com/ns/yang/Cisco-IOS-XR-aaa-lib-cfg

revision 2015-01-07

module   Cisco-IOS-XR-aaa-lib-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-aaa-locald-admin-cfg

revision 2015-01-07

module   Cisco-IOS-XR-aaa-locald-admin-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-aaa-locald-cfg

revision 2015-01-07

module   Cisco-IOS-XR-aaa-locald-cfg

module   Cisco-IOS-XR-aaa-locald-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-aaa-locald-oper

revision 2015-01-07

module   Cisco-IOS-XR-aaa-locald-oper

capability http://cisco.com/ns/yang/Cisco-IOS-XR-bundlemgr-cfg

revision 2015-01-07

module   Cisco-IOS-XR-bundlemgr-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-bundlemgr-oper

revision 2015-01-07

module   Cisco-IOS-XR-bundlemgr-oper

capability http://cisco.com/ns/yang/Cisco-IOS-XR-cdp-cfg

revision 2015-01-07

module   Cisco-IOS-XR-cdp-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-cdp-oper

revision 2015-01-07

module   Cisco-IOS-XR-cdp-oper

capability http://cisco.com/ns/yang/Cisco-IOS-XR-clns-isis-cfg

revision 2015-01-07

module   Cisco-IOS-XR-clns-isis-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-clns-isis-datatypes

revision 2015-01-07

module   Cisco-IOS-XR-clns-isis-datatypes

capability http://cisco.com/ns/yang/Cisco-IOS-XR-clns-isis-oper

revision 2015-01-07

module   Cisco-IOS-XR-clns-isis-oper

capability http://cisco.com/ns/yang/Cisco-IOS-XR-common-acl-datatypes

revision 2015-01-07

module   Cisco-IOS-XR-common-acl-datatypes

capability http://cisco.com/ns/yang/Cisco-IOS-XR-config-mda-cfg

revision 2015-01-07

module   Cisco-IOS-XR-config-mda-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-config-mibs-cfg

revision 2015-01-07

module   Cisco-IOS-XR-config-mibs-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-sam-cfg

revision 2015-01-07

module   Cisco-IOS-XR-crypto-sam-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-sam-oper

revision 2015-01-07

module   Cisco-IOS-XR-crypto-sam-oper

capability http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-ssh-cfg

revision 2015-01-07

module   Cisco-IOS-XR-crypto-ssh-cfg

capability http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-ssh-oper

revision 2015-01-07

module   Cisco-IOS-XR-crypto-ssh-oper

capability http://cisco.com/ns/yang/Cisco-IOS-XR-drivers-media-eth-cfg

revision 2015-01-07

module   Cisco-IOS-XR-drivers-media-eth-cfg

….

(cut down the rest of output)

admin@ncs# devices device NC532 sync-from result true admin@ncs# show running-config devices device NC532 devices device NC532

address   192.168.250.56

port      830

ssh host-key ssh-rsa

  key-data "AAAAB3NzaC1yc2EAAAADAQABAAAAgQCbYWtL7JGyRMPvn2LyfM9wUZbe7lDqzRSsBuyFmvdY\nL/v9o3rHxVs6qDu+Up01Smaeo5ytlQ6Ud13659M6Q7C9MJlLNgQwot6qa2nQ+TP1LMHb1Z/Y\nVpQP17xzMcjnPNPuJqZL9HNsR8OGGg0A2ZBwEYqZH+9AkVptd3AnZp5Phw=="

!

authgroup cisco

device-type netconf

state admin-state unlocked

source added-by-user admin

source context "cli (discovery package)"

source when   2015-06-04T10:39:43.092+00:00

source from-ip 10.140.1.121

config

  no ios:service pad

  no ios:ip domain-lookup

  no ios:ip http secure-server

  ios:ip source-route

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

Are you trying to connect to the device without a NED?

Even against NETCONF devices, you need to create a NED. It takes 2 minutes but it is needed.

9 REPLIES 9
Highlighted
Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

Are you trying to connect to the device without a NED?

Even against NETCONF devices, you need to create a NED. It takes 2 minutes but it is needed.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

Good point. Is NED needed for NETCONF devices so as to dictate that the devices are of NETCONF type (and need to use NETCONF transport)?

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

I read here once on the mailer, that even for Netconf devices a NED is required.

This would be inline with the existence of a juniper-junos NED, which is holding the junos yang file.

I guess Roque’s comment regarding 2 minutes to create a Netconf NED is about placing the yang files in such NED and compiling them.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

$ ncs-make-package --help

Usage: ncs-make-package [options] package-name

  ncs-make-package --netconf-ned DIR package-name

Where DIR contains the relevant YANG files.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

You are right.

However, If the southbound devices already support YANG models (for the needed featureset) and NCS can discover and load them automatically from the devices during the connection phase, then NEDs become more of a housekeeping (as I mentioned earlier; and/or to help netsim). Perhaps, Roque could clarify this better.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

According to my understanding, by default a Netconf client cannot load the YANG files automatically only if the Netconf server, in other words the device, supports netconf-monitoring RFC 6022 which provides the <get-schema> operation. I am not sure if NCS supports to do this.

Please correct me.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

You are correct, that is a NETCONF capability but not currently supported in NCS. We currently still need a NED.

Jan is a better person to give more details.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

> You are correct, that is a NETCONF capability but not currently

> supported in NCS. We currently still need a NED.

It's only the last year or so that a few devices have emerged that supports all the optional NETCONF and YANG features to allow dynamic listing and download of the YANG models. On the EANTC NETCONF interop testing in February, this allowed me to build a little script that automatically connected to a device, downloaded the YANGs, compiled them into an NCS NETCONF NED, loaded that NED into NCS, added it to the device list and synced-from. Tadaa! It works!

This functionality has not yet made it into NCS as a standard feature, but it wouldn't be that hard to turn this script into an action which could be triggered by an operator. No change to NCS would be required to do this, so if you're interested, we could do this together.

Cisco Employee

Re: Sync Configuration of IOS-XR using Netconf

Jan is correct here - however I haven't yet seen a single NETCONF device where this process worked flawlessly. And mind you these are ConfD based projects.

In general - as a ConfD user - it's a non trivial process to gather the yang models of the project and decide which ones are the ones that we want northbound users to see and which ones are private.

Content for Community-Ad
August's Community Spotlight Awards