cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2798
Views
0
Helpful
3
Replies

IOS-XR NETCONF edit-config question

mmessa
Level 1
Level 1

Thanks in advanced for your help. 

 

I am working with a Cisco ASR9001, software version Cisco IOS XR Software, Version 6.0.2[Default].

 

I've been able to connect via NETCONF over SSH and perform basic NETCONF commands. However, I am running into unexpected results when performing edit-config operations. Specifically, I have a requirement to load a completely new configuration into the ASR9001 regardless of the current configuration. My first thought was to use a copy-config operation to overwrite the entire candidate data store. But that operation does not appear to be supported by the ASR9001. My first attempt was to use an edit-config with the default default-operation (merge). However, this causes all sorts of conflicts depending on what state the ASR9001 is in (which I believe makes sense). My next attempt was to use an edit-config with default-operation set to "none" and to annotate all of the top-level containers (e.g. L2VPN) I was modifying to have an operation="replace". This got much closer but suffered from a problem where some fields (mainly lists, e.g. vlan ranges) were oddly merged if they previously existed instead of replaced. My last attempt was to first perform an edit-config to remove the existing configuration, and then do an edit-config with default-operation=merge to load my configuration. Surprisingly, despite using a get-config to confirm the stale configuration was in fact removed, when I perform the second edit-config several fields reappear as merged into the resulting configuration. 

 

My question is fundamental. What is the proper command to send to the ASR9001 via NETCONF to completely overwrite the existing configuration? No merge. Just take this new configuration. 

 

Thanks again,

 

-mike

3 Replies 3

mmessa
Level 1
Level 1

I reached out to Cisco Customer Support and their first response indicated that the NETCONF "copy-config" RPC is what I need to use to achieve the desired result. However, when I send any "copy-config" RPC to the ASR 9000 it is rejected in the following fashion:

 

<?xml version="1.0" encoding="UTF-8"?>

<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">

  <copy-config>

    <target>

      <startup/>

    </target>

    <source>

      <running/>

    </source>

  </copy-config>

</rpc>

 

<?xml version="1.0"?>

<rpc-reply message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<rpc-error>

  <error-type>protocol</error-type>

  <error-tag>unknown-element</error-tag>

  <error-severity>error</error-severity>

  <error-info>

   <bad-element>copy-config</bad-element>

  </error-info>

</rpc-error>

</rpc-reply>

 

I mentioned this to Cisco Support and their response wa rather cryptic:

 

"Customer is using netconf 1.0 format and is a yang request, which is not supported. Yang team can confirm this."

 

I tried to get them to explain what this means, but so far I have received no response. 

 

Has anyone been able to perform a NETCONF "copy-config" operation with an ASR9000? Or anything else running IOS for that matter?

I reached out again to Cisco Support and this time they said that "copy-config" is only supported on this switch with firmware version 6.1 and later (I had 6.0.?). I upgraded the firmware of the switch and now copy-config operations are accepted and processed by the switch. 

 

However, it appears that "copy-config" is not loading the specified configuration verbatim. Rather, if I attempt to remove (say an interface-configuration) by omitting it from the desired configuration, it persists in the resulting configuration. 

 

So after all of this I am still unable to load a new configuration from scratch without the result being dependent on the initial state of the switch. 

Pablo O
Level 1
Level 1

unsure if this thread is still active/alive, but for this question.

I found using an ASR9901, IOS-XR 7.5.2, you'd need to use edit_config w/ "replace" at the top operation. 
Something like the below when using ncclient lib:
```
default_operation
="replace"

```
I think w/ your case with "none" at the top w/ "replace" below in the top nodes, you might've edited one container but left another dependent on alone? e.g. <interfaces> and <interface-configurations> ? 
 
Note: I found issues w/ this as some containers were completely missing upon a restore, specifically <aaa> had some config for radius missing for some reason.  
i.e. if radius was there before, and my new config still has the same settings, it wouldn't persist properly and have missing children nodes

Review Cisco Networking for a $25 gift card