03-06-2018 08:15 AM
hi, i follow the step on cisco learning labs Cisco DevNet Learning Labs to active the NETCONF on NX-OS. and its successful.
this is my output of getting list of YANG Files.
root@client:/python# ssh -p 830 admin@10.200.200.19 -s netconf
User Access Verification
Password:
<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:netconf:capability:writable-running:1.0</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>http://openconfig.net/yang/interfaces?revision=2016-05-26&module=openconfig-interfaces</capability>
<capability>http://openconfig.net/yang/interfaces/ip?revision=2016-05-26&module=openconfig-if-ip</capability>
<capability>http://openconfig.net/yang/local-routing?revision=2016-05-11&module=openconfig-local-routing</capability>
<capability>http://openconfig.net/yang/vlan?revision=2016-05-26&module=openconfig-vlan</capability>
<capability>http://www.cisco.com/yang/nxos-dev/top?revision=2017-02-17&module=top</capability>
</capabilities>
<session-id>227117149</session-id>
</hello>
]]>]]>
and this is my python files to get all the list, its working
from ncclient import manager
def get_capabilities(host, port, user, pwd):
with manager.connect(host=host, port=port, username=user, password=pwd, hostkey_verify=False, device_params={'name': 'nexus'}) as m:
capabilities = m.server_capabilities
return capabilities
def print_capabilities(c):
file = open ("capability-nx-os.txt","w")
for line in c:
file.writelines(line+"\n")
x = get_capabilities ("10.200.200.19","830","admin","Tanjung814")
a = print_capabilities(x)
but when i try to get the YANG Files directly from the NX-OS devices, its cannot. this is my python files.
from ncclient import manager
import xml.etree.ElementTree as ET
m = manager.connect(host='10.200.200.19', port=830, username='admin',
password='Tanjung814', device_params={'name': 'nexus'})
schema = m.get_schema('openconfig-vlan')
xml_et = ET.fromstring(schema.xml)
yang = list(xml_et)[0].text
with open('openconfig-vlan.yang', 'w') as f:
f.write(yang)
when running the files.
root@client:/python/nx-os# python getyang.py
Traceback (most recent call last):
File "getyang.py", line 8, in <module>
schema = m.get_schema('openconfig-vlan')
File "/usr/local/lib/python2.7/dist-packages/ncclient/manager.py", line 162, in wrapper
return self.execute(op_cls, *args, **kwds)
File "/usr/local/lib/python2.7/dist-packages/ncclient/manager.py", line 232, in execute
raise_mode=self._raise_mode).request(*args, **kwds)
File "/usr/local/lib/python2.7/dist-packages/ncclient/operations/retrieve.py", line 129, in request
return self._request(node)
File "/usr/local/lib/python2.7/dist-packages/ncclient/operations/rpc.py", line 337, in _request
raise self._reply.error
ncclient.operations.rpc.RPCError: Invalid or unsupported operation tag
root@client:/python/nx-os#
this error happen to when i try to connect NX-OS directly to OpenDayLight. the ODL cant download the YANG Files store in the NX-OS to the OpenDayLight cache/scheme folder. i try on SR1000V this script working. i dont know why this error on NX-OS. thanks
Solved! Go to Solution.
03-08-2018 03:42 AM
Hi Zufar, No problem. Is not recommend using the OC models as there are lots of deviations. An upcoming release will see the implementation of over 20 OC models (i do not have specific details on this release atm).
stuart
03-07-2018 04:20 AM
Hello Zufar, i am getting the same error with your script. Let me look into this for you.
stuart
03-07-2018 07:52 AM
Hi Stuart, its my script error, or you doing same thing with your script?
i try to manual download the YANG Files to opendaylight and try to reconnect the NX-OS to opendaylight. but its not working.
i try to debug the opendaylight, and this error is happen.
opendaylight-user@root>log:display
2018-03-07 10:37:54,981 | INFO | entLoopGroup-4-2 | NetconfConnectorModule | 214 - org.opendaylight.netconf.sal-netconf-connector - 1.4.2.Boron-SR2 | Concurrent rpc limit is smaller than 1, no limit will be enforced for device RemoteDevice{NX-OS-100}
2018-03-07 10:37:55,026 | INFO | 2]-nio2-thread-1 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Client session created
2018-03-07 10:37:55,031 | INFO | 2]-nio2-thread-1 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Start flagging packets as pending until key exchange is done
2018-03-07 10:37:55,269 | INFO | 2]-nio2-thread-4 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Server version string: SSH-2.0-OpenSSH_6.2 PKIX FIPS
2018-03-07 10:37:56,003 | WARN | 2]-nio2-thread-1 | AcceptAllServerKeyVerifier | 30 - org.apache.sshd.core - 0.14.0 | Server at /10.200.200.19:830 presented unverified RSA key: 77:e7:c4:9c:bd:7d:cd:09:52:94:f7:c5:de:23:7d:8c
2018-03-07 10:37:56,017 | INFO | 2]-nio2-thread-1 | ClientSessionImpl | 30 - org.apache.sshd.core - 0.14.0 | Dequeing pending packets
2018-03-07 10:37:56,164 | INFO | 2]-nio2-thread-4 | ClientUserAuthServiceNew | 30 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_USERAUTH_FAILURE
2018-03-07 10:37:56,184 | INFO | 2]-nio2-thread-2 | UserAuthKeyboardInteractive | 30 - org.apache.sshd.core - 0.14.0 | Received
2018-03-07 10:37:56,277 | INFO | 2]-nio2-thread-6 | UserAuthKeyboardInteractive | 30 - org.apache.sshd.core - 0.14.0 | Received
2018-03-07 10:37:56,293 | INFO | 2]-nio2-thread-5 | ClientUserAuthServiceNew | 30 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_USERAUTH_SUCCESS
2018-03-07 10:37:56,652 | WARN | sing-executor-10 | NetconfDevice | 214 - org.opendaylight.netconf.sal-netconf-connector - 1.4.2.Boron-SR2 | RemoteDevice{NX-OS-100}: Netconf device does not provide all yang models reported in hello message capabilities, required but not provided: [(http://openconfig.net/yang/vlan?revision=2016-05-26)openconfig-vlan, (http://www.cisco.com/yang/nxos-dev/top?revision=2017-02-17)top, (http://openconfig.net/yang/interfaces?revision=2016-05-26)openconfig-interfaces, (http://openconfig.net/yang/interfaces/ip?revision=2016-05-26)openconfig-if-ip, (http://openconfig.net/yang/local-routing?revision=2016-05-11)openconfig-local-routing]
2018-03-07 10:37:56,652 | WARN | sing-executor-10 | NetconfDevice | 214 - org.opendaylight.netconf.sal-netconf-connector - 1.4.2.Boron-SR2 | RemoteDevice{NX-OS-100}: Attempting to build schema context from required sources
2018-03-07 10:37:56,669 | ERROR | sing-executor-10 | NetconfDevice | 214 - org.opendaylight.netconf.sal-netconf-connector - 1.4.2.Boron-SR2 | RemoteDevice{NX-OS-100}: Initialization in sal failed, disconnecting from device
java.lang.IllegalStateException: RemoteDevice{NX-OS-100}: No more sources for schema context
2018-03-07 10:37:56,673 | WARN | sing-executor-10 | NetconfDeviceCommunicator | 214 - org.opendaylight.netconf.sal-netconf-connector - 1.4.2.Boron-SR2 | RemoteDevice{NX-OS-100}: Session terminated Session closed
03-07-2018 12:47 PM
Thanks, Zufar that's really helpful output. I am seeing the same when I debug the Python script.
<rpc-reply xmlns:if="http://www.cisco.com/nxos:1.0:if_manager" xmlns:nfcli="http://www.cisco.com/nxos:1.0:nfcli" xmlns:nxos="http://www.cisco.com/nxos:1.0" xmlns:vlan_mgr_cli="http://www.cisco.com/nxos:1.0:vlan_mgr_cli" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:0f20c7ca-c41c-46dd-959a-d35d16e52183">
<rpc-error>
<error-type>Protocol</error-type>
<error-tag>unknown-element</error-tag>
<error-severity>Error</error-severity>
<error-message xml:lang="en">Invalid or unsupported operation tag</error-message>
</rpc-error>
</rpc-reply>
I am still looking into why this is happening.
03-07-2018 11:44 PM
i think the problem is from the NX-OS Devices.
NX-OS devices reply the Data Model with difference name structure.
i try to compare the NX-OS hello message with CSR1000V hello message.
NX-OS Hello
root@client:/python# cat capability-nx-os.txt
urn:ietf:params:netconf:capability:writable-running:1.0
http://openconfig.net/yang/local-routing?revision=2016-05-11&module=openconfig-local-routing
urn:ietf:params:netconf:capability:rollback-on-error:1.0
http://openconfig.net/yang/vlan?revision=2016-05-26&module=openconfig-vlan
http://openconfig.net/yang/interfaces/ip?revision=2016-05-26&module=openconfig-if-ip
urn:ietf:params:netconf:base:1.0
urn:ietf:params:netconf:base:1.1
http://www.cisco.com/yang/nxos-dev/top?revision=2017-02-17&module=top
http://openconfig.net/yang/interfaces?revision=2016-05-26&module=openconfig-interfaces
CSR1000V Hello
root@client:/python# cat capability.txt
urn:ietf:params:xml:ns:yang:smiv2:CISCO-CBP-TC-MIB?module=CISCO-CBP-TC-MIB&revision=2008-06-24
urn:ietf:params:xml:ns:yang:smiv2:RSVP-MIB?module=RSVP-MIB&revision=1998-08-25
urn:ietf:params:xml:ns:yang:smiv2:ATM-FORUM-TC-MIB?module=ATM-FORUM-TC-MIB
urn:cisco:params:xml:ns:yang:cisco-qos-common?module=cisco-qos-common&revision=2015-05-09
http://tail-f.com/ns/mibs/SNMPv2-MIB/200210160000Z?module=SNMPv2-MIB&revision=2002-10-16
urn:cisco:params:xml:ns:yang:cisco-environment?module=cisco-environment&revision=2015-04-09
urn:ietf:params:xml:ns:yang:smiv2:CISCO-CBP-TARGET-TC-MIB?module=CISCO-CBP-TARGET-TC-MIB&revision=2006-03-24
urn:ietf:params:netconf:capability:notification:1.0
i see the difference format name, in the NX-OS, the format is <url><revision><module>
in the CSR1000V, the format is <url><module><revision>
the difference name make the program cant get the data model, i try in opendaylight and its same problem!
i try to change the capability options in opendaylight. but its not working.
<capability xmlns="urn:opendaylight:params:xml:ns:yang:controller:md:sal:connector:netconf">
http://openconfig.net/yang/local-routing?revision=2016-05-11&module=openconfig-local-routing
</capability>
03-08-2018 03:02 AM
Hi Zufar, sorry for my delay in replying. I spoke with our Nexus team they advise me.
"We don't currently support netconf monitoring which I think is the issue here. https://trac.tools.ietf.org/html/rfc60222 I think is what you are looking for, we are tracking that for an upcoming release"
I appreciate this might not be the answer you were looking for, but this appears to be why the results above are showing this output.
stuart
03-08-2018 03:33 AM
Thanks Stuart, so the conclusion is the NX-OS cant manage by opendaylight, and must be with python script. its right?
03-08-2018 03:42 AM
Hi Zufar, No problem. Is not recommend using the OC models as there are lots of deviations. An upcoming release will see the implementation of over 20 OC models (i do not have specific details on this release atm).
stuart
03-08-2018 04:00 AM
thanks stuart for helping me
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide