Every once in a while I get a craving to install and run some NSO examples just to keep my basic knowledge at a bare minimum. This time I responded to an ask to test out our updated NSO getting started guide. Downloading and installing is seldom an issue and now it was smooth as it’s is free for evaluation and the link is provided on DevNet. You can even Google it if you can’t find it! Following the step-by-step guide is really fun and you almost feel like a developer, which I was 20 years ago. This time though my problems started already when running the first examples with Netsims. First, I could not ssh into the CLI, but who cares when there are other ways in (ncs_cli -u admin), but when I couldn’t connect to the devices or do sync from I was stuck. I realized that it had to do with SSH in one way or another. I am not an expert in this area and suddenly recalled why I left engineering. Stubborn as I am, I tried too many times and after repeated failures I got angry. When my colleague asked me how the review process was going I had to admit my defeat and finally asked for help. Luckily, we have an internal channel and when I broadcasted by SSH shortcomings, I had an answer to my problems within 60 seconds! This fast response was due to several people contributing to the solution before me and I just got their conclusions in a nice summary. After a bit of fiddling with new key generation I was back on track! It turned out to be a shortcoming of the NSO installation program that failed to recognize the new key format in OpenSSH version that comes with Mojave!
Think about how much time and effort you can save by using collective intelligence in a community, but don’t forget that your contribution matters! Writing this blog post is my contribution!
The example I was running: /examples.ncs/getting-started/using-ncs/1-simulated-ciso-ios
The error message:Unable to negotiate with 127.0.0.1 port 2024: no matching host key type found. Their offer:
* ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format. The OpenSSH format, supported in OpenSSH releases since 2014 and described in the PROTOCOL.key file in the source distribution, offers substantially better protection against offline password guessing and supports key comments in private keys. If necessary, it is possible to write old PEM-style keys by adding "-m PEM" to ssh-keygen's arguments when generating or updating a key.
So, generate new keys in your install directory (in both NSO and Netsim directories) with -m pem and you will be back to normal.
When querying via RESTCONF to NSO for an empty list, NSO returns with 204 NoContent. I was not able to find this behavior in the RFC8040 and I am getting challenged on why not to send 200OK and an empty JSON/XML.
Do we have any clear reference for ...
I want to create a NSO service that uses grouping from 3rd party YANG model. However, this model uses a lot of absolute leafref path references that need to be changed. Although it could be done manually with substantial effort, I would like to...
Does anybody know what might cause ncs_cli to exit executing commend with: "*** CLOSE TIMEOUT ***" error message.
This might happen executing pretty much any long running command, i.e.:
echo "devices sync-from" | ncs_cli -C --user admin --stop-on-e...
Is there any pre-cooked way to get the size of a list via RESTCONF? For example, I need to get the number of devices in NSO.
I am now using the query API. but I wonder if we could use xpath in any clever way.
curl -X ...