12-09-2015 03:34 AM
Hi All,
I am trying to connect to the CISCO IOS-XR (ASR 9000 series) device using netconf over ssh but it's not successful.
I am able to see the hello message from device when I pass the hello message with capabilities it's closing the connection. Please see the details below.
ssh cisco@192.xx.xx.xx -s netconf
cisco@192.xx.xx.xx's password:
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-cdp-cfg?module=Cisco-IOS-XR-cdp-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-cdp-oper?module=Cisco-IOS-XR-cdp-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-sam-cfg?module=Cisco-IOS-XR-crypto-sam-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-sam-oper?module=Cisco-IOS-XR-crypto-sam-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ha-eem-cfg?module=Cisco-IOS-XR-ha-eem-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ha-eem-oper?module=Cisco-IOS-XR-ha-eem-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ifmgr-cfg?module=Cisco-IOS-XR-ifmgr-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ifmgr-oper?module=Cisco-IOS-XR-ifmgr-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-infra-cfg?module=Cisco-IOS-XR-infra-infra-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-domain-cfg?module=Cisco-IOS-XR-ip-domain-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-domain-oper?module=Cisco-IOS-XR-ip-domain-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-iarm-datatypes?module=Cisco-IOS-XR-ip-iarm-datatypes&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-io-cfg?module=Cisco-IOS-XR-ipv4-io-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-io-oper?module=Cisco-IOS-XR-ipv4-io-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-ma-cfg?module=Cisco-IOS-XR-ipv4-ma-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-ma-oper?module=Cisco-IOS-XR-ipv4-ma-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-ma-subscriber-cfg?module=Cisco-IOS-XR-ipv4-ma-subscriber-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv6-ma-cfg?module=Cisco-IOS-XR-ipv6-ma-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv6-ma-oper?module=Cisco-IOS-XR-ipv6-ma-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv6-ma-subscriber-cfg?module=Cisco-IOS-XR-ipv6-ma-subscriber-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-lib-keychain-cfg?module=Cisco-IOS-XR-lib-keychain-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-lib-keychain-oper?module=Cisco-IOS-XR-lib-keychain-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-man-netconf-cfg?module=Cisco-IOS-XR-man-netconf-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-man-xml-ttyagent-cfg?module=Cisco-IOS-XR-man-xml-ttyagent-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-man-xml-ttyagent-oper?module=Cisco-IOS-XR-man-xml-ttyagent-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-parser-cfg?module=Cisco-IOS-XR-parser-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-qos-ma-cfg?module=Cisco-IOS-XR-qos-ma-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-qos-ma-oper?module=Cisco-IOS-XR-qos-ma-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-rgmgr-cfg?module=Cisco-IOS-XR-rgmgr-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-rgmgr-oper?module=Cisco-IOS-XR-rgmgr-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-shellutil-cfg?module=Cisco-IOS-XR-shellutil-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-shellutil-oper?module=Cisco-IOS-XR-shellutil-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-subscriber-infra-tmplmgr-cfg?module=Cisco-IOS-XR-subscriber-infra-tmplmgr-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-management-cfg?module=Cisco-IOS-XR-tty-management-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-management-datatypes?module=Cisco-IOS-XR-tty-management-datatypes&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-management-oper?module=Cisco-IOS-XR-tty-management-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-server-cfg?module=Cisco-IOS-XR-tty-server-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-server-oper?module=Cisco-IOS-XR-tty-server-oper&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-vty-cfg?module=Cisco-IOS-XR-tty-vty-cfg&revision=2013-07-22</capability>
<capability>http://cisco.com/ns/yang/cisco-xr-types?module=Cisco-IOS-XR-types&revision=2013-07-22</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-inet-types?module=ietf-inet-types&revision=2013-07-15</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-yang-types?module=ietf-yang-types&revision=2013-07-15</capability>
</capabilities>
<session-id>21147</session-id>
</hello>
]]>]]><hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1</capability></capabilities></hello>
]]>]]>
<rpc message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><get><filter><AdminOperational><Platform/></AdminOperational></filter></get></rpc>
Connection to 192.xxx.xx.xx closed by remote host.
I tried checking the logs to debug the issue but I am not able to understand much out of that.
Here is the snippet of logs from the netconf-yang trace logs: From the logs I am able to make out that it's validing the hello message sent to device and it's showing as success (Hello message validation success)
[12/08/15 13:13:15.624 EST c85 12931429] nc_sm_rcv_eom:4089 EOM received, data (len:468): '<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1</capability></capabilities></hello>'
[12/08/15 13:13:15.624 EST c86 12931429] nc_sm_hello_validate:2887 found capability: urn:ietf:params:netconf:base:1.1
[12/08/15 13:13:15.624 EST c87 12931429] nc_sm_hello_validate:2892 Found matching NC 1.1 capability
[12/08/15 13:13:15.624 EST c88 12931429] nc_sm_hello_validate:2887 found capability: urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring
[12/08/15 13:13:15.624 EST c89 12931429] nc_sm_hello_validate:2887 found capability: urn:ietf:params:netconf:capability:candidate:1.0
[12/08/15 13:13:15.624 EST c8a 12931429] nc_sm_hello_validate:2887 found capability: urn:ietf:params:netconf:capability:rollback-on-error:1.0
[12/08/15 13:13:15.624 EST c8b 12931429] nc_sm_hello_validate:2887 found capability: urn:ietf:params:netconf:capability:validate:1.1
[12/08/15 13:13:15.624 EST c8c 12931429] nc_sm_rcv_eom:4099 Hello message validation success
[12/08/15 13:13:25.712 EST 31c 12931429] TRC: yfw_req_proc.c:305:yfw_req_session_stop ctx=1000a91c,ses=100df0d8,op=12,session stop success, removed session-id=21147
[12/08/15 13:13:25.712 EST 31d 12931429] DBG: me.c:12083:me_session_destroy ctx=1000b9b8,session destroy sctx=100da4b4
[12/08/15 13:13:25.712 EST c8d 13259116] nc_px_fdin_handler:1243 SSH PIPE INPUT cond: 0x1, fd 40, ctx 42075c0
[12/08/15 13:13:25.712 EST c8e 13259116] nc_px_fdin_handler:1278 CLIENT read: 151
[12/08/15 13:13:25.712 EST c8f 13259116] nc_px_netconf_data_flush:698 CLIENT->SERVER 151
[12/08/15 13:13:25.712 EST c90 12931429] nc_ssh_frame_decode_chunked:135 Expected byte 35, received 60
[12/08/15 13:13:25.712 EST c91 12931429] nc_ssh_decode_cb:563 Failed to extract frame from input buffer
[12/08/15 13:13:25.712 EST c92 12931429] nc_sm_pxs_readable_msg_handle:5518 Decoding of incoming NETCONF data failed: 'Netconf server' detected the 'warning' condition 'Invalid argument'
[12/08/15 13:13:25.712 EST c93 12931429] nc_sm_pxs_readable_handle:5575 Failed to handle SSH IPC message: 'Netconf server' detected the 'warning' condition 'Invalid argument', msg:101aca98, session:1025ed60
[12/08/15 13:13:25.712 EST c94 12931429] nc_sm_session_find_session_id:1349 Found session 21147 1025ed60
[12/08/15 13:13:25.717 EST 31e 12931429] TRC: me_bk_sysdb_bag_decoder.c:3386:me_bk_sysdb_bag_cache_flush ctx=1000bf20,Flushing bag cache.
[12/08/15 13:13:25.717 EST 31f 12931429] TRC: me_bk_sysdb_packed_decoder.c:1119:me_bk_sysdb_pack_cache_flush ctx=1000bf20,Flushing pack cache.
[12/08/15 13:13:25.717 EST 320 12931429] DBG: me_backend_sysdb.c:1287:sysdb_backend_session_drop ctx=1000bf20,SysDB backend session dropped (100afa50).
[12/08/15 13:13:25.717 EST c95 12931429] nc_sm_session_close:6008 Closing IPC hndl: 101b53bc
[12/08/15 13:13:25.717 EST c96 13259116] nc_px_ipc_notify_callback_fn_v2:1023 IPC connection with NETCONF daemon has closed
Any pointers to debug the issue will be useful.
Thanks,
Pradeep
04-11-2017 03:20 AM
Hi,
I have the same problem. Did you solve it?
Best Regards,
Kamil
05-22-2017 03:24 AM
Kamil,
Sorry for the late reply.
Yes, its solved for me.
Basically we need to communicate with the device using netconf1.1 protocol (https://tools.ietf.org/html/rfc6242) for more details.
-Pradeep
06-11-2019 05:22 PM
05-15-2024 02:35 AM
Hi @luis.garcia ,
Were you able to solve the issue. If so, can you kindly share the solution.
09-04-2023 09:44 AM
Hi @smartpradeep235 did you get solution for this ? once netconf session is established with server and capabilities exchanged , netconf server(router) not responding to any query sent from client.
Regards
Prathi
05-15-2024 02:23 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide