Solved: Multiversion LSA issues adding network device to 4.7.11 RFN failing

u.avsec · ‎06-22-2022

Hi.

We have a 5.8.1 CFN configured with two RFNs, one with 5.8.1 and the other with 4.7.11 (this one will have to stay on this version for a while because of... reasons). CFN has cisco-nso-nc-4.7 and cisco-nso-nc-5.8 packages added and reloaded, RFNs are configured and are pushing custom made services as part of LSA.

Here comes the interesting part. I would like to add network devices to RFNs while sitting in CFN CLI. Works for 5.8.1 RFN just fine. 4.7.11 RFN however is coughing:

prompt(config)# load merge terminal 
Loading.
devices device rfs-4.7.11
 config
  devices device test
   address   127.0.0.1
   authgroup default
   device-type cli ned-id cisco-ios
   device-type cli protocol ssh
  !
 !
!

0 bytes parsed in 3.69 sec (0 bytes/sec)
prompr(config)# commit dry-run 
Aborted: RPC error towards rfs-4.7.11: data_missing: for /ncs:devices/ncs:device[ncs:name='test']/ncs:device-type/ncs:cli/ncs:ned-id: /devices/device[name='test']/device-type/cli/ned-id is not configured

I traced netconf and indeed I see the message going out to the RFN wanting to config the 'test' device and RFN responding with ned-id as not being there.

>>>>out 22-Jun-2022::16:18:43.421 user: uavsec thandle 13785 hostname cfs-nso device rfs-4.7.11 session-id=151167
<?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="2">
<edit-config xmlns:nc='urn:ietf:params:xml:ns:netconf:base:1.0'><target><running/></target><test-option>set</test-option><error-option>rollback-on-error</error-option><with-inactive xmlns="http://tail-f.com/ns/netconf/inactive/1.0"/><config>
<devices xmlns="http://tail-f.com/ns/ncs"><device><name>test</name><authgroup>default</authgroup><address>127.0.0.1</address><device-type><cli><protocol>ssh</protocol><ned-id>cisco-ios</ned-id></cli></device-type></device></devices></config></edit-config>
</rpc>

>>>>out 22-Jun-2022::16:18:43.421 user: uavsec thandle 13785 hostname cfs-nso device rfs-4.7.11 session-id=151167
EOM

>>>>out 22-Jun-2022::16:18:43.421 user: uavsec thandle 13785 hostname cfs-nso device rfs-4.7.11 session-id=151167
<?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="3">
<prepare-transaction xmlns="http://tail-f.com/ns/netconf/transactions/1.0"><dry-run xmlns="http://tail-f.com/ns/netconf/ncs"><outformat>cli</outformat>
</dry-run>
</prepare-transaction>
</rpc>

>>>>out 22-Jun-2022::16:18:43.422 user: uavsec thandle 13785 hostname cfs-nso device rfs-4.7.11 session-id=151167
EOM

<<<<in 22-Jun-2022::16:18:43.427 user: uavsec thandle 13785 hostname cfs-nso device rfs-4.7.11 session-id=151167

#629
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="2"><rpc-error>
<error-type>application</error-type>
<error-tag>invalid-value</error-tag>
<error-severity>error</error-severity>
<error-path xmlns:ncs="http://tail-f.com/ns/ncs" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
    /nc:rpc/nc:edit-config/nc:config/ncs:devices/ncs:device[ncs:name='test']/ncs:device-type/ncs:cli/ncs:ned-id
  </error-path><error-message xml:lang="en">"cisco-ios" is not a valid value.</error-message><error-info><bad-element>ned-id</bad-element>
</error-info>
</rpc-error>
</rpc-reply>
##


<<<<in 22-Jun-2022::16:18:43.429 user: uavsec thandle 13785 hostname cfs-nso device rfs-4.7.11 session-id=151167

#581
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="3"><rpc-error>
<error-type>application</error-type>
<error-tag>data-missing</error-tag>
<error-severity>error</error-severity>
<error-path xmlns:ncs="http://tail-f.com/ns/ncs">
    /ncs:devices/ncs:device[ncs:name='test']/ncs:device-type/ncs:cli/ncs:ned-id
  </error-path><error-message xml:lang="en">/devices/device[name='test']/device-type/cli/ned-id is not configured</error-message><error-info><bad-element>ned-id</bad-element>
</error-info>
</rpc-error>
</rpc-reply>
##

On the RFN I can see the cisco-ios NED

prompt(config)# devices device test address 127.0.0.1 device-type cli ned-id cisco-
Possible completions:
  cisco-asa  cisco-ios  cisco-ios-xr

Any similar experiences?

Nabsch · ‎06-22-2022

Hello,

I manage to fix your issue by changing the payload

devices device rfs-4.7.11
 config
  devices device test
   address   127.0.0.1
   authgroup default
   device-type cli ned-id ios-id:cisco-ios
   device-type cli protocol ssh
  !
 !
!

Here a way to find such LSA payload. You can add the device directly in the RFS then perform a sync-from in the CFS and do a show command in order to get the payload.

In order to find the payload, i added a device directly on the RFS then i performed a sync-from then a show on this device from CFS

On the RFS

admin@ncs-rfs# show ncs-state ver
ncs-state version 4.7.11
admin@ncs-rfs# show running-config devices device TOTO | de-select config
devices device TOTO
 address   localhost
 authgroup default
 device-type cli ned-id cisco-ios
 state admin-state unlocked
!

On the CFS

admin@ncs-cfs# show ncs-state ver
ncs-state version 5.8.1
admin@ncs-cfs# show running-config devices device rfs-4.7.11 config devices device TOTO
devices device rfs-4.7.11
 config
  devices device TOTO
   address   localhost
   authgroup default
   device-type cli ned-id ios-id:cisco-ios
   state admin-state unlocked
  !
 !
!

admin@ncs-cfs(config)# load merge terminal
Loading.

devices device rfs-4.7.11
 config
  devices device test
   address   127.0.0.1
   authgroup default
   device-type cli ned-id cisco-ios
   device-type cli protocol ssh
  !
 !
!
0 bytes parsed in 7.38 sec (0 bytes/sec)

admin@ncs-cfs(config)# commit dry-run
Aborted: RPC error towards rfs-4.7.11: data_missing: for /ncs:devices/ncs:device[ncs:name='test']/ncs:device-type/ncs:cli/ncs:ned-id: /devices/device[name='test']/device-type/cli/ned-id is not configured
admin@ncs-cfs(config)# show configuration
devices device rfs-4.7.11
 config
  devices device test
   address   127.0.0.1
   authgroup default
   device-type cli ned-id cisco-ios
   device-type cli protocol ssh
  !
 !
!
admin@ncs-cfs(config)# devices device rfs-4.7.11
admin@ncs-cfs(config-device-rfs-4.7.11)# config
admin@ncs-cfs(config-config)# devices device test
admin@ncs-cfs(config-device-test)# device-type cli ned-id ios-id:cisco-ios
admin@ncs-cfs(config-device-test)# top
admin@ncs-cfs(config)# show configuration
devices device rfs-4.7.11
 config
  devices device test
   address   127.0.0.1
   authgroup default
   device-type cli ned-id ios-id:cisco-ios
   device-type cli protocol ssh
  !
 !
!
admin@ncs-cfs(config)# commit dry-run
cli {
    local-node {
        data  devices {
                  device rfs-4.7.11 {
                      config {
                          devices {
             +                device test {
             +                    address 127.0.0.1;
             +                    authgroup default;
             +                    device-type {
             +                        cli {
             +                            ned-id ios-id:cisco-ios;
             +                            protocol ssh;
             +                        }
             +                    }
             +                }
                          }
                      }
                  }
              }
    }
    lsa-node {
        name rfs-4.7.11
        data  devices {
             +    device test {
             +        address 127.0.0.1;
             +        authgroup default;
             +        device-type {
             +            cli {
             +                ned-id cisco-ios;
             +                protocol ssh;
             +            }
             +        }
             +    }
              }
    }
}

admin@ncs-cfs(config)# commit
Commit complete.

View solution in original post

Nabsch · ‎06-22-2022