cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4849
Views
5
Helpful
22
Replies

Delete an ACL entry with ydk

thanhuwng
Level 1
Level 1

Hi all, does anyone have a working ydk python script to remove an ACL entry in an existing ACL on IOS-XR 6.1.3? I've tried using CRUD DELETE and ydk.types DELETE, both to no avail. I'm using Cisco-IOS-XR-ipv4-acl-cfg.yang model. Appreciate your help.

thanks

Hung

22 Replies 22

Thanks Einar and Santiago for looking into this.

The issue is on an IOS-XRv version 6.3.1.12I in my lab. I've tried pulling running-config from an IOS-XRv 9000 version 6.1.2 and I don't see the issue. Below is the output of the authentication config from IOS-XRv 9000 in my lab.

<aaa xmlns="http://tail-f.com/ns/aaa/1.1">

   <authentication>

    <users>

     <user>

      <name>hung</name>

      <uid>9000</uid>

      <gid>100</gid>

      <password>$1$b1NO$7sg6B6P7ygIaXuEohrPnv0</password>

      <ssh_keydir>/var/confd/homes/hung/.ssh</ssh_keydir>

      <homedir>/var/confd/homes/hung</homedir>

     </user>

Hope it helps Cisco XR team further to localise the issue.

thanks

Hung

That is very helpful, thanks!

Hung,

Spoken to the AAA team, and they inform me that there may have already been a fix for this issue that went into 6.3.1.22I. Can you upgrade your image and see if the issue has been addressed?

Cheers,

Einar

Hi Einar,

I don't have access to 6.3.1.22I. I use EVE-NG and it happens to have xrv-xtc image which is 6.3.1.12I so I can't try 6.3.1.22I. However, I just realise that 6.3.1 is a development image - I intend to use a stable image rather than a development one. I've tried loading IOX XRv 6.1.2 and there is no XML encoding issue. I'll use XRv 6.1.2 from now.

Thanks for your help.

regards

Hung

Ok, thanks for letting me know.

I think I've seen that error when retrieving operational data, but not configuration.  It'd be great i you can reproduce and point to the piece of data causing the issue.  It could be a defect on IOS XR side.

    from ydk.services import CRUDService

    from ydk.providers import NetconfServiceProvider

    from ydk.models.cisco_ios_xr import Cisco_IOS_XR_ifmgr_cfg \

    as xr_ifmgr_cfg

    provider = NetconfServiceProvider(address=device.hostname,

                                      port=device.port,

                                      username=device.username,

                                      password=device.password,

                                      protocol=device.scheme)

    # create CRUD service

    crud = CRUDService()

    interface_configurations = xr_ifmgr_cfg.InterfaceConfigurations()  # create object

    interface_foo = xr_ifmgr_cfg.InterfaceConfigurations.InterfaceConfiguration()

    interface_foo.ipv4_packet_filter.inbound.acl_name_array.append('FOO')

    interface_configurations.interface.append(interface_foo)

    # read data from NETCONF device

    interface_configurations = crud.read(provider, interface_configurations)

Something like the above is the equivalent YDK python script for a CRUD read of the data.

Hi Hung,

You can perform a CRUD read to read specific data from the targeted device. See this example: ydk-py-samples/nc-read-xr-ipv4-acl-cfg-10-ydk.py at master · CiscoDevNet/ydk-py-samples · GitHub

Note that in the above sample, you need to uncomment the line 78 and add your code to process the read data on line 42.