OcNOS®

Open Compute
Network Operating System
for Service Providers
Version 4.0

NetConf User Guide

January 2021

IP Infusion Inc. Proprietary

© 2021 IP Infusion Inc. All Rights Reserved.

This documentation is subject to change without notice. The software described in this document and this documentation
are furnished under a license agreement or nondisclosure agreement. The software and documentation may be used or
copied only in accordance with the terms of the applicable agreement. No part of this publication may be reproduced, stored
in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and
recording for any purpose other than the purchaser's internal use without the written permission of IP Infusion Inc.

IP Infusion Inc.
3965 Freedom Circle, Suite 200
Santa Clara, CA 95054
+1 408-400-1900
http://www.ipinfusion.com/

For support, questions, or comments via E-mail, contact:

[email protected]

Trademarks:
IP Infusion, OcNOS, VirNOS, ZebM, ZebOS, and ZebOS-XP are trademarks or registered trademarks of IP Infusion. All
other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective
owners.

Use of certain software included in this equipment is subject to the IP Infusion, Inc. End User License Agreement at http://
www.ipinfusion.com/license. By using the equipment, you accept the terms of the End User License Agreement.

ii IP Infusion Inc. Proprietary

Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Related Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
CHAPTER 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
CHAPTER 2 NetConf Quick Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
NetConf Clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Install Yangcli . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Download Yang files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

CHAPTER 3 Yangcli Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Establish Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Configure the Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Limitations to Default-operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Retrieve Candidate Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Commit Candidate Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Retrieve Running Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Retrieve Running Configuration and State Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Copy Running Configuration to Startup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Warning Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Candidate Configuration store lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Startup configuration store lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Running configuration store lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Force unlock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Sys-reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Sys-shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

CHAPTER 4 Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Discard Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Commit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Transaction Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
CHAPTER 5 NetConf Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Retrieve YANG Schema . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Retrieving Schema List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

CHAPTER 6 URL Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Limitations:. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
<copy-config> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

© 2021 IP Infusion Inc. Proprietary iii

Contents

Local file to Candidate configuration store . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Copy-config Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
<edit-config>. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
<delete-config>. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Delete-config Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

CHAPTER 7 Event Notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Client Notification Subscription . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
netconf-config-change . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
netconf-capability-change . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
netconf-session-start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
netconf-session-end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

CHAPTER 8 Validate Capability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

CHAPTER 9 Supported Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
CHAPTER 10 SSH Client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Establish a Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Send Client Help Message to NetConf Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Appendix A Yang Patch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

iv © 2021 IP Infusion Inc. Proprietary

Preface

This guide describes how to configure NetConf in OcNOS.

Audience
This guide is intended for network administrators and other engineering professionals who configure NetConf.

Conventions
Table P-1 shows the conventions used in this guide.

Table P-1: Conventions

Convention Description

Italics Emphasized terms; titles of books

Note: Special instructions, suggestions, or warnings

monospaced type Code elements such as commands, functions, parameters, files, and directories

Related Documents
The following guides are related to this document:
• NetConf Command Reference

Support
For support-related questions, contact [email protected].

Comments
If you have comments, or need to report a problem with the content, contact [email protected].

© 2021 IP Infusion Inc. Proprietary v

Preface

vi © 2021 IP Infusion Inc. Proprietary

CHAPTER 1 Introduction

This document describes managing OcNOS devices using NetConf.

This document is intended for network administrators and other engineering professionals who configure and manage
devices running OcNOS.
There are three different northbound applications (CLI, NetConf, and SNMP) in OcNOS. All the northbound
applications are text-based, with each command usually associated to a specific task.
OcNOS NetConf supports transactions as described in Chapter 4, Transactions.

© 2021 IP Infusion Inc. Proprietary 7

Introduction

8 © 2021 IP Infusion Inc. Proprietary

CHAPTER 2 NetConf Quick Start

The NetConf protocol defines a simple mechanism through which a network device can be managed, configuration
data information can be retrieved, and new configuration data can be uploaded.
NetConf uses a simple RPC-based mechanism to communicate between a client and a server. The client can be a
script or application typically running as part of a network manager. The server is usually a network device.
A NetConf session is the logical connection between a network administrator or network configuration application and
a network device. A device must support at least one NetConf session and can support multiple sessions. Global
configuration attributes can be changed during any session and the effects are visible in all sessions. The candidate
and running and startup configuration are shared across all the sessions.
Note: A detailed list of protocol modules supported through NetConf is in the NetConf command reference.

NetConf Clients
The OcNOS NetConf solution is tested using the OpenYuma Yangcli and netopeer CLI applications. In this document,
the OpenYuma Yangcli application is used to demonstrate NetConf operations.
Refer to the standard Yangcli operations at:
https://github.com/OpenClovis/OpenYuma/blob/master/netconf/doc/yuma_docs/openyuma-yangcli- manual.odt
Yang modules for NetConf clients can be downloaded from:
https://github.com/IPInfusion/OcNOS/tree/OcNOS-SP-3.0/yang-files/qumran
Note: The following points are to be considered while using NetConf get-config and get operations.
• To improve the readability of the output, the subtree filter based sget-config and sget operations are used
in this document
• Yangcli's get and get-config operation time out while retrieving large amount of data, To handle this, either
increase the timeout option of Yangcli, or use subtree filters used to limit the data.
• A Yangcli operation can end abruptly while fetching large amount of data. This is purely Yangcli's own
system resource limitation check. To overcome this, use subtree filters or the simple SSH client.
• Yangcli is not parsing float value correctly when the value range is in between 0 to -1.
SSH client usage is explained in Chapter 10, SSH Client.

Install Yangcli
1. Check out the git repository, using the commit e8a7bf3f2b09946880ce014fd756bcd945b0c713.

2. Apply the patch in Appendix A, Yang Patch.

3. Compile and install Open Yuma components. Refer to the README for more details.

© 2021 IP Infusion Inc. Proprietary 9

NetConf Quick Start

Download Yang files

Download the Yang files from the website:
https://github.com/IPInfusion/OcNOS/tree/OcNOS-SP-3.0/yang-files/qumran
Copy the files to /usr/share/yuma/modules/netconfcentral on the host machine where the client application runs. This
system path only works with OpenYuma's Yangcli client application. If you are running a different client application,
follow the respective reference document to copy the Yang files to the appropriate location.

10 © 2021 IP Infusion Inc. Proprietary

CHAPTER 3 Yangcli Operations

Establish Connection
These are the steps to establish a connection between the NetConf client and the server that is running on the device.
# yangcli server=<ip_address> user=<user_name> password=<password>
ip_address: Address of the device to be managed
user_name & password: User account detail for authentication
The interactive version of this command is shown below:
# yangcli yangcli> connect

Enter string value for leaf <user>

yangcli:connect> <user_name>

Enter string value for leaf <server>

yangcli:connect> <ip_address>

Enter string value for leaf <password>

yangcli:connect> <password>

Configure the Device

Configuration details are placed in an XML file and sent to the netconfd server. You must refer to the OcNOS
NetConf Config Guide to prepare the XML based configuration file with the correct hierarchy. If the hierarchy
is not correct, yangcli throws an error.
One portion of the BGP protocol module Yang model is presented below. This module is a submodule for the parent
ZebOS yang module.
submodule bgp {belongs-to zebos { prefix zebos; }
include interface;
include vrf;
import cml_data_types {
prefix cml_data_types;
}
revision "2015-04-25" {
description "Revised on 2015-04-25.";}

grouping bgp-grouping {
list bgp {
description "bgp";
config true; key "bgpAs"; leaf vrId {
mandatory false;
type leafref {
path "/vr/vrId";
}

© 2021 IP Infusion Inc. Proprietary 11

Yangcli Operations

}
}// END of vrId definition.
…
leaf keepAlive{
mandatory false;
type cml_data_types:CML_UINT16_T {
range "0..65535";
}
default "30";
config true;
} // END of keepAlive definition.

leaf holdTime{
mandatory false;
type cml_data_types:CML_UINT16_T {
range "0..65535";
...
}
default "90";
config true;
} // END of holdTime definition.

} // END of bgpDebug-grouping definition

Based on the hierarchy in the Yang module, the following XML file named bgp.xml is created with the configuration
data. The bgp.xml file is referenced in the edit-config operation specified below.
<vr xmlns="http://www.ipinfusion.com/CMLSchema/zebos">
<vrId>0</vrId>
<bgp>
<bgpAs>100</bgpAs>
<keepAlive>60</keepAlive>
<holdTime>180</holdTime>
</bgp>
</vr>
Use this command to globally set or reset the keepalive and holdtime values for all the neighbors.
yangcli [email protected]> edit-config config=@/root/bgp.xml

Filling container /edit-config/input/target:\

RPC OK Reply 15 for session 1:

OcNOS supports hitless NETCONF merge operation. The hitless feature blocks southbound calls to configure the
provisioned configuration if it was already configured. Because of this feature, errors like “QOS already enabled” are
not reported when you try to enable QoS again/repeatedly. Also, southbound calls are blocked when you try to delete/
unset a non-existing configuration.
Configuration objects are merged while provisioning configuration incrementally (different/same attributes) for the
same object. However this cannot be done for attributes or objects having RANGE (such as VLAN range) and
MULTIPLE values (such as OSPF passive interface address) type attributes, therefore they are treated as different
objects and southbound calls are allowed for every individual object. As per hitless functionality, all these objects are
supposed to be merged, and a single object is expected to be sent southbound to do the configuration/un-
configuration. But there will be duplicate calls southbound as was present in earlier releases. This limitation is planned
to be addressed in upcoming releases.

12 © 2021 IP Infusion Inc. Proprietary

 Yangcli Operations

Note: List of payloads required to configure the switch is documented in NetConf Command Reference guide.
To disable QoS, use edit-config's MERGE operation (default-operation=merge) with the below payload:
<qos>
<qosGlobal>
<state>disable</state>
</qos>
</qosGlobal>

Limitations to Default-operations
1. Only “merge” is supported as default-operation (<default-operation>merge</default-operation).

2. Only “delete” is supported as default-operation at node and attribute-level (operation=”delete”).

Figure 3-1: Edit-config operations

Retrieve Candidate Configuration

Candidate configuration datastore is used to hold configuration data that can be manipulated without impacting the
device's current configuration. The candidate configuration is a full configuration data set that serves as a work place
for creating and manipulating configuration data. Additions, deletions, and changes can be made to this data to
construct the desired configuration data.
Note: All NETCONF clients share the single candidate configuration store.
>sget-config /vr/bgp source=candidate
Filling list /vr/bgp:
RPC Data Reply 1 for session 2:

rpc-reply {

© 2021 IP Infusion Inc. Proprietary 13

Yangcli Operations

data {
vr {
bgp 100 {
bgpAs 100
holdTime 180
keepAlive 60
}
}
}
}

Commit Candidate Configuration

A <commit> operation can be performed at any time that causes the device's running configuration to be set to the
value of the candidate configuration.
yangcli [email protected]> commit

RPC OK Reply 16 for session 1

Retrieve Running Configuration

Configuration data is the set of writable data that is required to transform a system from its initial default state into its
current state. You can use the get-config operation to fetch the running configuration data.
>sget-config /vr/bgp source=running
Filling list /vr/bgp:
RPC Data Reply 1 for session 2:

rpc-reply {
data {
vr {
bgp 100 {
bgpAs 100
holdTime 180
keepAlive 60
}
}
}
}

Retrieve Running Configuration and State Data

State data is the additional data on a system that is not configuration data such as read-only status information and
collected statistics. You can use the get operation to fetch a protocol module's running configuration and state data.
>sget /vr/bgp rpc-reply {
data {
vr {

14 © 2021 IP Infusion Inc. Proprietary

 Yangcli Operations

bgp 100 {
bgpAs 100
holdTime 180
keepAlive 60
routerRunIpAddr 10.12.7.141
ntwkPrefixCount 0
bgpTableVersion 1
}
}
}
}

Copy Running Configuration to Startup

> copy-config source=running target=startup
The equivalent OcNOS command is
# write

Error Messages
NetConf operations return protocol, management layer, and protocol module errors. The example below depicts an
error returned by a protocol module.
Copy the content below into bgp_err.xml.
<vr xmlns="http://www.ipinfusion.com/CMLSchema/zebos">
<vrId>0</vrId>
<bgp>
<bgpAs>1</bgpAs>
<keepAlive>300</keepAlive>
<holdTime>200</holdTime>
</bgp>
</vr>
Execute the following command and commit the changes:
yangcli [email protected]> edit-config config=@/root/bgp_err.xml

Filling container /edit-config/input/target: RPC OK Reply 12 for session 1:

yangcli [email protected]> commit

mgr_rpc: got invalid reply on session 1 (invalid XPath expression syntax) RPC
Error
Reply 13 for session 1:

rpc-reply {
rpc-error {
error-type application
error-tag operation-failed
error-severity error
error-app-tag general-error
error-message '%% BGP is already running, AS is 100'

© 2021 IP Infusion Inc. Proprietary 15

Yangcli Operations

error-info {
error-number 4294930313
}
}

Warning Messages
NetConf operations return protocol module warnings. The example below depicts a warning returned by a protocol
module.
Copy the content below into bgp_warn.xml
<vr xmlns="http://www.ipinfusion.com/CMLSchema/zebos">
<vrId>0</vrId>
<bgp>
<bgpAs>100</bgpAs>
<bgpPeer>
<peerAddr>5.5.5.5</peerAddr>
<peerKeepAlive>4</peerKeepAlive>
<peerHoldTime>5</peerHoldTime>
<peerAs>300</peerAs>
</bgpPeer>
</bgp>
</vr>
To receive warnings, NetConf client must subscribe to receive notifications.
yangcli [email protected]> create-subscription

RPC OK Reply 3 for session 1:

Execute the following command and commit the changes:

yangcli [email protected]> edit-config config=@/home/ocnos/bgp_warn.xml

Filling container /edit-config/input/target:

RPC OK Reply 4 for session 1:
yangcli [email protected]> commit

RPC OK Reply 6 for session 1:

Incoming notification:
notification {
eventTime 2017-09-20T14:06:13Z
warning-notification {
warningMsg '% The configured holdtime should be at least 3 times the
keepalive time'
}
}

Note: RFC 6241 is not detail enough on how a NETCONF server can report warnings. Hence ZebM is following this
warning reporting method.

16 © 2021 IP Infusion Inc. Proprietary

 Yangcli Operations

Candidate Configuration store lock

Candidate configuration store is shared across all the NetConf clients. Client application must acquire lock if they want
to provision the device without other client's hindrance
NetConf Client 1: locks candidate configuration store.
yangcli [email protected]> lock target=candidate
RPC OK Reply 1 for session 4:
NetConf Client 2: attempts to acquire the lock now, which leads to an access-denied error.
yangcli [email protected]> lock target=candidate
RPC Error Reply 1 for session 5:
rpc-reply {
rpc-error {
error-type protocol
error-tag lock-denied
error-severity error
error-app-tag no-access
error-message 'lock denied'
error-info {
session-id 0
error-number 268
}
}
}
Now error “access-denied” is received by NetConf client 2 when it attempts to provision the device.
yangcli [email protected]> edit-config config=@/home/ospf_payload.xml

Filling list /vr/ospf:

RPC Error Reply 3 for session 4:

rpc-reply {
rpc-error {
error-type application
error-tag in-use
error-severity error
error-app-tag no-access
error-path /nc:rpc/nc:edit-config/nc:config
error-message 'config locked'
error-info {
error-number 301
}
}
}
NetConf client 1 releases the lock
yangcli [email protected]> unlock target=candidate
RPC OK Reply 2 for session 4:
NetConf client 2 can acquire the lock now, since no other client is holding the lock.
yangcli [email protected]> lock target=candidate
RPC OK Reply 2 for session 5:

© 2021 IP Infusion Inc. Proprietary 17

Yangcli Operations

Startup configuration store lock

NetConf client 1 locks startup configuration store
yangcli [email protected]> lock target=startup
RPC OK Reply 14 for session 4:
NetConf client 2 trying to modify the configuration store leads to error.
yangcli [email protected]> copy-config source=running target=startup
RPC Error Reply 10 for session 5:

rpc-reply {
rpc-error {
error-type protocol
error-tag in-use
error-severity error
error-app-tag no-access
error-message 'config locked'
error-info {
error-number 301
}
}
}

Running configuration store lock

Running configuration lock handling across multiple NetConf clients is not supported. But across command line
interface and NetConf clients is supported. Hence this section documentation is skipped for now.

Force unlock
Admin user has provision to forcibly release the lock held by other users on running configuration store. This command
is not supported for candidate and startup configuration stores.
NetConf client 1 locks the running configuration store
yangcli [email protected]> lock target=running
RPC OK Reply 6 for session 6:
Netconf client 2 tries to acquire running configuration store leads to an error.
yangcli [email protected]> lock target=running
RPC Error Reply 21 for session 4:

rpc-reply {
rpc-error {
error-type protocol
error-tag lock-denied
error-severity error
error-app-tag no-access
error-message 'lock denied'
error-info {
session-id 6
error-number 268

18 © 2021 IP Infusion Inc. Proprietary

 Yangcli Operations

}
}
}
NetConf client 2 (network-admin) decides to acquire the lock forcibly.
yangcli [email protected]> force-unlock target=running

RPC OK Reply 22 for session 4:

yangcli [email protected]> lock target=running

RPC OK Reply 23 for session 4:

Force unlock shall be issued with a timer value “after=<0-600> seconds” this command would inform existing lock
holder about his lock expiry timeline.
Neconf client 2 (only network-admin) issues force-unlock command with a timer value of 60 seconds. Now after 60
seconds any other user is allowed to lock the running configuration store.
yangcli [email protected]> force-unlock target=running after=60
RPC OK Reply 10 for session 6:
After 60 or more seconds, client shall issue lock command.
yangcli [email protected]> lock target=running

RPC OK Reply 12 for session 6:

NetConf client 1 receives below notification about his lock expiry. To receive yangcli [email protected]>
Incoming notification:
notification {
eventTime 2017-09-20T19:51:09Z
force_unlock {
message '% Session running config store lock will be released in 60
seconds'
}
}

Sys-reload
Use this RPC to cold restart the device.
Example:
yangcli [email protected]> sys-reload
Enter boolean value for leaf <save-config>
yangcli [email protected]:sys-reload>
false true
yangcli [email protected]:sys-reload> true
RPC OK Reply 1 for session 4:

Sys-shutdown
Use this RPC to shut down the device.
Example:

© 2021 IP Infusion Inc. Proprietary 19

Yangcli Operations

yangcli [email protected]> sys-shutdown

Enter boolean value for leaf <save-config>
yangcli [email protected]:sys-shutdown>
false true
yangcli [email protected]:sys-shutdown>true

20 © 2021 IP Infusion Inc. Proprietary

CHAPTER 4 Transactions

OcNOS supports transaction-oriented configuration management. Transactions are created implicitly by edit-
config operations; commit and discard-changes operations close or terminate the transactions. Successive
edit-config operations are placed in the same transaction.

Discard Changes
Discard the transaction or candidate configuration changes.
yangcli [email protected]> sget-config /vr/ospf source=candidate

Filling list /vr/ospf:

RPC Data Reply 63 for session 2:

rpc-reply {
data {
vr 0 {
vrId 0
ospf 20 {
ospfProcessId 20
}
}
}
}

yangcli [email protected]>

yangcli [email protected]>

edit-config config=@/home/ospf_payload.xml

RPC OK Reply 64 for session 2:

yangcli [email protected]>

yangcli [email protected]> sget-config /vr/ospf source=candidate

Filling list /vr/ospf:

RPC Data Reply 65 for session 2:

rpc-reply {
data {
vr 0 {
vrId 0
ospf 20 {
ospfProcessId 20
}
ospf 25 {
ospfProcessId 25
}

© 2021 IP Infusion Inc. Proprietary 21

Transactions

}
}
}

yangcli [email protected]>

yangcli [email protected]> discard-changes

RPC OK Reply 66 for session 2:

yangcli [email protected]>

yangcli [email protected]> sget-config /vr/ospf source=candidate

Filling list /vr/ospf:

RPC Data Reply 67 for session 2:

rpc-reply {
data {
vr 0 {
vrId 0
ospf 20 {
ospfProcessId 20
}
}
}
}

yangcli [email protected]>

Commit
Commit the transaction or candidate configuration changes.
edit-config config=@/home/ospf_payload.xml

RPC OK Reply 17 for session 2: yangcli [email protected]> commit RPC OK Reply

18 for session 2:
yangcli [email protected]> sget-config /vr/ospf source=running

Filling list /vr/ospf:

RPC Data Reply 19 for session 2:

rpc-reply {
data {
vr {
ospf 0 {
ospfProcessId 0
ospfShutDown true
}
ospf 500 {
ospfProcessId 500
}
}
}

22 © 2021 IP Infusion Inc. Proprietary

 Transactions

Transaction Limit
There is a default transaction limit 5000; however user can increase this value.

Set transaction limit

<set-transaction-limit xmlns="http://ipinfusion.com/ns/zebmcli">
<transaction-limit>6500</transaction-limit>
</set-transaction-limit>
yangcli ocnos@0> set-transaction-limit 6500

RPC OK Reply 1 for session 3:

View transaction limit

yangcli ocnos@0> show-transaction-limit

RPC Data Reply 2 for session 3:

rpc-reply {
transaction-limit 'Max-Transaction Limit is 6500'
}

© 2021 IP Infusion Inc. Proprietary 23

Transactions

24 © 2021 IP Infusion Inc. Proprietary

CHAPTER 5 NetConf Monitoring

OcNOS supports NetConf monitoring to retrieve a schema, which includes module/sub-module and it returns the
requested schema. This can be achieved by <get-schema> operation.

Retrieve YANG Schema

To retrieve a YANG module/sub-module.
Yangcli yangcli [email protected]> get-schema identifier=ipi-zebos

RPC Data Reply 4 for session 1:

rpc-reply {
data '/*
….
<displays module schema here in this field>
…. '
}

Yangcli yangcli [email protected]> get-schema identifier= ipi-zebos-vrf

RPC Data Reply 4 for session 1:

rpc-reply {
data '/*
….
<displays sub-module schema here in this field>
…. '
}

Error Messages
Error is reported, when the requested schema does not exists.
<yangcli [email protected]> get-schema identifier=zeb

RPC Error Reply 1 for session 5:

rpc-reply {
rpc-error {
error-type protocol
error-tag operation-failed
error-severity error
error-app-tag no-matches
error-path /nc:rpc/ncm:get-schema/ncm:identifier
error-message 'no matches found'
error-info {
error-number 365
}

© 2021 IP Infusion Inc. Proprietary 25

NetConf Monitoring

}
}

Retrieving Schema List

OcNOS supports to retrieve schema list from /netconf-state/schemas using the sget command.
yangcli [email protected]> sget /netconf-state/schemas

Filling container /netconf-state/schemas:

RPC Data Reply 4 for session 1:

rpc-reply {
data {
netconf-state {
schemas {
schema cml_data_types 2017-10-03 ncm:yang {
identifier cml_data_types
version 2017-10-03
format ncm:yang
namespace http://www.ipinfusion.com/CMLSchema/cml_data_types
location NETCONF
}
schema feature_list 2015-10-15 ncm:yang {
identifier feature_list
version 2015-10-15
format ncm:yang
namespace http://ipinfusion.com/ns/feature_list
location NETCONF
}
...
...

<Lists all schemas here in this space>

...
...
}
}
}
}

26 © 2021 IP Infusion Inc. Proprietary

CHAPTER 6 URL Capabilities

OcNOS supports: url capability. The URL capability is identified by the following capability string:
"urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file"
OcNOS supports HTTP, FTP and file schemes under this capability, accordingly following operations are enhanced.
• copy-config
• edit-config
• delete-config

Limitations:
• Copy-config operation with source as URL and target as startup is not supported.
• Operation copy-config with source and target with different URL is not supported.
• Operation copy-config with source as URL and target as running is not supported.
• Operation copy-config with source and target with same URL is not a valid operation.

<copy-config>
Create or replace an entire configuration datastore with the contents of another complete configuration datastore. The
:url capability modifies the <copy-config> operation to accept the <url> element as the value of the <source>
and the <target> parameters. The file that the URL refers to contains the complete datastore, encoded in XML under
the element <config> in the namespace below:
"urn:ietf:params:xml:ns:netconf:base:1.0"

Copy URL configuration to candidate configuration store

As mentioned above, HTTP, FTP and file schemes are supported in URL capability.
Note: Yangcli supports URL option only in interactive mode.

HTTP to Candidate configuration store

Download configuration from HTTP server and copy it to candidate configuration store.
yangcli [email protected]> copy-config target=candidate

Filling container /copy-config/input/source:

Enter the number of the selected case statement:
1: case candidate:
leaf candidate
2: case running:
leaf running
3: case startup:
leaf startup
4: case url:
leaf url
5: case config:
container config

© 2021 IP Infusion Inc. Proprietary 27

URL Capabilities

Enter choice number [1 - 5]:

yangcli [email protected]:copy-config> 4
Enter string value for leaf <url>
yangcli [email protected]:copy-config> http://10.12.12.91:10080/dashboard/
docs/copy_config_test/zebConf.xml
RPC OK Reply 10 for session 1:
Here is the example URL with basic authentication:
http://username:[email protected]:10080/dashboard/docs/copy_config_test/
zebConf.xml

FTP to Candidate configuration store

Download configuration from FTP server and copy it to candidate configuration store.
yangcli [email protected]> copy-config target=candidate
Filling container /copy-config/input/source:
Enter the number of the selected case statement:
1: case candidate:
leaf candidate
2: case running:
leaf running
3: case startup:
leaf startup
4: case url:
leaf url
5: case config:
container config
Enter choice number [1 - 5]:
yangcli [email protected]:copy-config> 4
Enter string value for leaf <url>
yangcli [email protected]:copy-config> ftp://10.12.12.91/config_file/
zebConf.xml
RPC OK Reply 24 for session 1:
Here is the example URL with basic authentication:
ftp://username:[email protected]/config_file/zebConf.xml

Local file to Candidate configuration store

Using file scheme support, user shall copy the configuration from stored local file to candidate configuration store. Here
is the example to copy local file configuration into a candidate configuration store.
Note: Local files should be stored under /root/.yuma/ directory of the device.
yangcli [email protected]> copy-config target=candidate
Filling container /copy-config/input/source:
Enter the number of the selected case statement:
1: case candidate:
leaf candidate
2: case running:
leaf running
3: case startup:
leaf startup
4: case url:
leaf url
5: case config:
container config
Enter choice number [1 - 5]:

28 © 2021 IP Infusion Inc. Proprietary

 URL Capabilities

yangcli [email protected]:copy-config> 4
Enter string value for leaf <url>
yangcli [email protected]:copy-config> file://zebConf.xml
RPC OK Reply 9 for session 1:

Copy candidate configuration store to URL

Herein, Candidate configuration store is chosen to show the procedural steps.
Note: Source configuration store can also be chosen either Running or Startup.

Candidate configuration store to HTTP

Upload configuration to HTTP server from candidate configuration store.
yangcli [email protected]> copy-config source=candidate
Filling container /copy-config/input/target:
Enter the number of the selected case statement:
1: case candidate:
leaf candidate
2: case startup:
leaf startup
3: case url:
leaf url
Enter choice number [1 - 3]:
yangcli [email protected]:copy-config> 3
Enter string value for leaf <url>
yangcli [email protected]:copy-config> http://10.12.12.91:10080/dashboard/docs/
copy_config_test/zebConf.xml
RPC OK Reply 10 for session 1:
Here is the example URL with basic authentication.
http://username:[email protected]:10080/dashboard/docs/copy_config_test/
zebConf.xml

Candidate configuration store to FTP

Upload configuration to FTP server from candidate configuration store.
yangcli [email protected]> copy-config source=candidate
Filling container /copy-config/input/target:
Enter the number of the selected case statement:
1: case candidate:
leaf candidate
2: case startup:
leaf startup
3: case url:
leaf url
Enter choice number [1 - 3]:
yangcli [email protected]:copy-config> 3
Enter string value for leaf <url>
yangcli [email protected]:copy-config> ftp://10.12.12.91/config_file/zebConf.xml

RPC OK Reply 39 for session 1:

Here is the example URL with basic authentication.
ftp://username:[email protected]/config_file/zebConf.xml

© 2021 IP Infusion Inc. Proprietary 29

URL Capabilities

Candidate configuration store to local file

Using file scheme support, user shall create a snapshot of configuration store. Here is the example to copy URL
configuration store into a local file.
Note: Local files are created under /root/.yuma/ directory of the device; support to store files inside a directory is
not supported.
yangcli [email protected]> copy-config source=candidate

Filling container /copy-config/input/target:

Enter the number of the selected case statement:

1: case candidate:
leaf candidate
2: case startup:
leaf startup
3: case url:
leaf url

Enter choice number [1 - 3]:

yangcli [email protected]:copy-config> 3

Enter string value for leaf <url>

yangcli [email protected]:copy-config> file://zebConf.xml

RPC OK Reply 10 for session 1:

Copy-config Error Messages

Following are the error messages belong to URL capability copy-config operation. Invalid authentication, path, IP
address, port number (in case required) and XML file. Here is the example of invalid FTP authentication:
yangcli [email protected]> copy-config target=candidate

Filling container /copy-config/input/source:

Enter the number of the selected case statement:

1: case candidate:
leaf candidate
2: case running:
leaf running
3: case startup:
leaf startup
4: case url:
leaf url
5: case config:
container config

Enter choice number [1 - 5]:

yangcli [email protected]:copy-config> 4

Enter string value for leaf <url>

yangcli [email protected]:copy-config> ftp://:[email protected]/config_file/
zebConf.xml

RPC Error Reply 32 for session 1:

30 © 2021 IP Infusion Inc. Proprietary

 URL Capabilities

rpc-reply {
rpc-error {
error-type rpc
error-tag operation-failed
error-severity error
error-app-tag libxml2-error
error-path /copy-config
error-message 'xml reader start failed'
error-info {
error-number 212
}
}
}

<edit-config>
The <url> element can appear instead of the <config> parameter, The file that the URL refers to contains the
configuration data hierarchy to be modified, encoded in XML under the element <config> in the namespace below:
"urn:ietf:params:xml:ns:netconf:base:1.0"

Edit-config using HTTP

Provision device configuration from HTTP server using edit-config operation.
yangcli [email protected]> edit-config url=http://10.12.12.91:10080/dashboard/docs/
copy_config_test/zebConf.xml

Filling container /edit-config/input/target:

RPC OK Reply 40 for session 1:

yangcli [email protected]> sget-config source=candidate /vr/ospf

Filling list /vr/ospf:

RPC Data Reply 41 for session 1:

rpc-reply {
data {
vr 0 {
vrId 0
ospf 60 {
ospfProcessId 60
}
}
}
}
Here is the example URL with basic authentication.

Edit-config using FTP

Provision device configuration from FTP server using edit-config operation.
yangcli [email protected]> edit-config url=ftp://10.12.12.91/config_file/zebConf.xml

Filling container /edit-config/input/target:

RPC OK Reply 21 for session 1:

© 2021 IP Infusion Inc. Proprietary 31

URL Capabilities

yangcli [email protected]> sget-config source=candidate /vr/ospf

Filling list /vr/ospf:

RPC Data Reply 22 for session 1:

rpc-reply {
data {
vr 0 {
vrId 0
ospf 60 {
ospfProcessId 60
}
}
}
}
Here is the example URL with basic authentication.
ftp://username:[email protected]/config_file/zebConf.xml

Edit-config using local file

Load configuration from the local storage and perform with edit-config operation.Load configuration from the local
storage and perform with edit-config operation.
Note: Local files should be stored under /root/.yuma/ directory of the device.
yangcli [email protected]> edit-config url=file://zebConf.xml

Filling container /edit-config/input/target:

RPC OK Reply 2 for session 1:

yangcli [email protected]> sget-config source=candidate /vr/ospf

Filling list /vr/ospf:

RPC Data Reply 3 for session 1:

rpc-reply {
data {
vr 0 {
vrId 0
ospf 60 {
ospfProcessId 60
}
}
}
}

Edit-config Error Messages

OcNOS throws error messages for invalid authentication, invalid path, invalid IP address, and invalid port number (in
case required) and invalid XML file. Here is the example for invalid FTP authentication.
yangcli [email protected]> edit-config url=ftp://admin:@10.12.12.91/config_file/
zebConf.xml

Filling container /edit-config/input/target:

RPC Error Reply 36 for session 1:

32 © 2021 IP Infusion Inc. Proprietary

 URL Capabilities

rpc-reply {
rpc-error {
error-type rpc
error-tag operation-failed
error-severity error
error-app-tag libxml2-error
error-path /edit-config
error-message 'xml reader start failed'
error-info {
error-number 212
}
}
}

<delete-config>
Delete a configuration store. The <url> element can appear as the <target> parameter.

Delete configuration present in HTTP server

Delete the configuration xml file in HTTP server from the given URL.
yangcli [email protected]> delete-config

Filling container /delete-config/input/target:

Enter the number of the selected case statement:

1: case startup:
leaf startup
2: case url:
leaf url

Enter choice number [1 - 2]:

yangcli [email protected]:delete-config> 2

Enter string value for leaf <url>

yangcli [email protected]:delete-config> http://10.12.12.91:10080/dashboard/
docs/copy_config_test/zebConf.xml

RPC OK Reply 4 for session 3:

Here is the example URL with basic authentication.
http://username:[email protected]:10080/dashboard/docs/copy_config_test/
zebConf.xml

Delete configuration from FTP

Delete the configuration file present in FTP.
yangcli [email protected]> delete-config

Filling container /delete-config/input/target:

Enter the number of the selected case statement:

1: case startup:
leaf startup
2: case url:
leaf url

© 2021 IP Infusion Inc. Proprietary 33

URL Capabilities

Enter choice number [1 - 2]:

yangcli [email protected]:delete-config> 2

Enter string value for leaf <url>

yangcli [email protected]:delete-config> ftp://10.12.12.91/config_file/
zebConf.xml

RPC OK Reply 1 for session 3:

Here is the example URL with basic authentication.
ftp://username:[email protected]/config_file/zebConf.xml

Delete local file

Delete the configuration XML file in the local storage of the device.
Note: Local files are under /root/.yuma/ directory of the device.
yangcli [email protected]> delete-config

Filling container /delete-config/input/target:

Enter the number of the selected case statement:

1: case startup:
leaf startup
2: case url:
leaf url

Enter choice number [1 - 2]:

yangcli [email protected]:delete-config> 2

Enter string value for leaf <url>

yangcli [email protected]:delete-config> file://zebConf.xml

RPC OK Reply 3 for session 1:

Delete-config Error Messages

Following are the error messages related to URL capability delete-config operation. Invalid authentication, invalid
path, invalid IP address, and invalid port number (in case required) and invalid XML file. Here is the example for invalid
FTP authentication.
yangcli [email protected]> delete-config

Filling container /delete-config/input/target:

Enter the number of the selected case statement:
1: case startup:
leaf startup
2: case url:
leaf url

Enter choice number [1 - 2]:

yangcli [email protected]:delete-config> 2

Enter string value for leaf <url>

34 © 2021 IP Infusion Inc. Proprietary

 URL Capabilities

yangcli [email protected]:delete-config> ftp://admin:@10.12.12.91/config_file/

zebConf.xml

RPC Error Reply 9 for session 1:

rpc-reply {
rpc-error {
error-type protocol
error-tag operation-failed
error-severity error
error-app-tag general-error
error-path /nc:rpc/nc:delete-config/nc:target
error-message 'operation failed'
error-info {
bad-value ftp://admin:@10.12.12.91/config_file/zebConf.xml
error-number 274
}
}
}

© 2021 IP Infusion Inc. Proprietary 35

URL Capabilities

36 © 2021 IP Infusion Inc. Proprietary

CHAPTER 7 Event Notification

NETCONF client registers to receiving event notifications from a NETCONF server by creating a subscription. The
NETCONF server begins notifications as events occur within the system if the subscription is successful. These event
notifications will continue to be sent until either the NETCONF session is terminated or the subscription terminates for
some other reason.
There are four types of events supported in NETCONF:

1. netconf-config-change:

2. netconf-capability-change:

3. netconf-session-start:

4. netconf-session-end:
By default the notification will not be received by the client unless the client is not subscribed.

Client Notification Subscription

To subscribe notification, netconf client should send the create-subscription RPC.
Example:
yangcli [email protected]> create-subscription
RPC OK Reply 1 for session 1:
yangcli [email protected]>

netconf-config-change
This notification is generated when the NETCONF server detects that the <running> or <startup> configuration data
store has been changed by a management session. The notification summarizes the edits performed on the above
mentioned data stores.
Note: Currently this kind of event notification is not supported.

netconf-capability-change
This notification is generated when the NETCONF server detects that the <running> or <startup> configuration data
store has been changed by a management session. The notification summarizes the edits performed on the above
mentioned data stores.
Note: Currently this kind of event notification is not supported.
notification {
eventTime 2017-10-24T12:23:42Z
sysCapabilityChange {
changed-by {
userName root

© 2021 IP Infusion Inc. Proprietary 37

Event Notification

sessionId 1
remoteHost 127.0.0.1
}
added-capability http://netconfcentral.org/ns/
toaster?module=toaster&revision=2009-11-20
}
}

netconf-session-start
This notification is generated when a NETCONF server detects client session start. Information present in this
notification indicates the identity of the user.
notification {
eventTime 2017-10-24T12:21:37Z
sysSessionStart {
userName root
sessionId 2
remoteHost 127.0.0.1
}
}

netconf-session-end
This notification is generated when a NETCONF server detects client session termination. Information present in this
notification indicates the identity of the user that owned the session, and why the session was terminated.
notification {
eventTime 2017-10-24T12:22:01Z
sysSessionEnd {
userName root
sessionId 2
remoteHost 127.0.0.1
terminationReason closed
}
}

notification {
eventTime 2017-10-24T12:22:23Z
sysSessionEnd {
userName root
sessionId 3
remoteHost 127.0.0.1
killedBy 1
terminationReason killed
}
}

38 © 2021 IP Infusion Inc. Proprietary

CHAPTER 8 Validate Capability

Validate operation is supported only on the candidate configuration. You get a “feature not supported” error for other
scenarios.
Here is the example of successful validation.
yangcli [email protected]> edit-config config=@/root/config.xml default-
operation=merge
Filling container /edit-config/input/target:
RPC OK Reply 3 for session 2:
yangcli [email protected]>
yangcli [email protected]> validate source=candidate
RPC OK Reply 4 for session 2:

© 2021 IP Infusion Inc. Proprietary 39

Validate Capability

40 © 2021 IP Infusion Inc. Proprietary

CHAPTER 9 Supported Operations

All NetConf operations are captured based on the capability. Hence, any operation falling in multiple capabilities are
documented separately.
Note: Capability “base:1.0” supports candidate and running configuration store.

Table 9-1: Supported Operations

Supported
Capability Operation User Role (Yes/No) Comments

:base:1.0 <get> User, Operator, Yes

Engineer, Admin

:base:1.0 <get> with subtree filter User, Operator, Yes

Engineer, Admin

:base:1.0 <get-config> User, Operator, Yes

Engineer, Admin

:base:1.0 <get-config> source=<target> User, Operator, Yes

Engineer, Admin

:base:1.0 <get-config> with subtree filter User, Operator, Yes

Engineer, Admin

:base:1.0 <edit-config> <target> as Operator, Yes Running configuration as target is not

parameter Engineer, Admin supported because writable-running
capability is not supported; instead,
candidate configuration store is
supported.

:base:1.0 <edit-config> <config> as Operator, Yes

parameter Engineer, Admin

:base:1.0 <edit-config>: <default- Operator, Yes

operation> as merge Engineer, Admin

:base:1.0 <edit-config>: <delete> Operator, Yes Supports attribute-level 'delete'

Engineer, Admin operation only with 'merge' as default-
operation.

:base:1.0 <edit-config>: <error-option>as Operator, No

stop-on-error Engineer, Admin

:base:1.0 <edit-config>: <error-option>as Operator, No

continue-on-error Engineer, Admin

:base:1.0 <get-schema> Operator, Yes

Engineer, Admin,
User

© 2021 IP Infusion Inc. Proprietary 41

Supported Operations

Table 9-1: Supported Operations (Continued)

Supported
Capability Operation User Role (Yes/No) Comments

rollback-on- <edit-config>: <error-option>as Operator, Partial By default, this is the behavior. So

error:1.0 rollback-on-error Engineer, Admin there is no need to pass this error-
option.

:validate: 1.1 <edit-config>: <test-option> Operator, No By default configuration entries are

Engineer, Admin validated and stored, hence this
operation and its parameters are not
handled. External configuration store
validation is not supported (i.e URL).

:base:1.0 <copy-config>: Engineer, Admin Yes <copy-config> is applicable only from

<target><source> running to candidate and running to
startup.

:base:1.0 <lock>: < target> Operator, Yes

Engineer, Admin

:base:1.0 <unlock>: < target> Operator, Yes

Engineer, Admin

:base:1.0 <close-session> close current User, Operator, Yes

session Engineer,Admin

:base:1.0 <kill-session>: Close other User, Operator, Yes

session Engineer,Admin

:base:1.0 subtree filtering User, Operator, Yes

Engineer, Admin

:Startup:1.0 get-config <source=startup> User, Operator, Yes

Engineer,Admin

:Startup:1.0 copy-config <source=startup> Engineer,Admin No Copy to candidate is not supported,

and copy to running is not applicable
because candidate configuration store
is supported.

:Startup:1.0 copy-config <target=startup> Engineer, Admin Partial Running to startup copy is supported;
copying from candidate to startup is not
supported.

:Startup:1.0 lock <startup> Engineer, Admin Yes

:Startup:1.0 unlock <startup> Engineer, Admin Yes

:Startup:1.0 validate <source=startup> Engineer, Admin No Always configuration entries are

validated and stored, but external
configuration store validation is not
supported.

:Startup:1.0 delete-config Engineer, Admin Yes Running and candidate configuration

store cannot be deleted.

:url:1.0 URL capability User, Operator, Yes URL to startup is not supported.
Engineer, Admin

42 © 2021 IP Infusion Inc. Proprietary

 Supported Operations

© 2021 IP Infusion Inc. Proprietary 43

Supported Operations

44 © 2021 IP Infusion Inc. Proprietary

CHAPTER 10 SSH Client

A simple SSH connection can also be used as a client application to interact with the NetConf server. Here are the
steps to establish a connection and perform a get operation.

Establish a Connection
ssh -s [email protected] -p 830 netconf

Send Client Help Message to NetConf Server

(copy and paste this message in the session):
<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
</capabilities>
</hello>]]>]]>
Note: Only base 1.0 capability is used here though server supports both base 1.0 and 1.1 capabilities. Because the
later one mandates the XML encoding type "chunked framing" (RFC 6242, section 4.1), which is not user
friendly.
Perform the get operation:
<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"/>
</rpc>]]>]]>
Perform get-config operation:
<rpc message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get-config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<source>
<running/>
</source>
</get-config>
</rpc>]]>]]>
Perform edit-config operation:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<candidate/>
</target>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<vr xmlns="http://www.ipinfusion.com/CMLSchema/zebos">
<vrId>0</vrId>
<ospf>

© 2021 IP Infusion Inc. Proprietary 45

SSH Client

<ospfProcessId>5</ospfProcessId>
<vrfName>default</vrfName>
</ospf>
</vr>
</config>
</edit-config>
</rpc>]]>]]>

Perform commit operation:

<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<commit/>
</rpc>]]>]]>
Perform get-schema operation:
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<netconf-state xmlns=
"urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">
<schemas/>
</netconf-state>
</filter>
</get>
</rpc>]]>]]>
Perform copy-config operation:
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<copy-config>
<target>
<url>file://ZebOS.conf</url>
</target>
<source>
<running/>
</source>
</copy-config>
</rpc>]]>]]>

46 © 2021 IP Infusion Inc. Proprietary

Appendix A Yang Patch

diff --git a/netconf/src/ncx/ncxtypes.h b/netconf/src/ncx/ncxtypes.h

index 0cfc73d..f56cf95 100644
--- a/netconf/src/ncx/ncxtypes.h
+++ b/netconf/src/ncx/ncxtypes.h
@@ -554,6 +554,11 @@ typedef enum ncx_protocol_t_ {
NCX_PROTO_NETCONF11 /* RFC xxxx base:1.1 */
} ncx_protocol_t;

+typedef enum ncx_yang_version_t_ {

+ NCX_YANG_VERSION10,
+ NCX_YANG_VERSION11
+} ncx_yang_version_t;
+

/* YANG feature entry */

typedef struct ncx_feature_t_ {
@@ -640,7 +645,7 @@ typedef struct ncx_module_t_ {
const xmlChar *belongsver; /* back ptr to mod ver */

xmlns_id_t nsid; /* assigned by xmlns */

- uint32 langver;
+ ncx_yang_version_t langver;
boolean ismod; /* module/submodule keyword */
boolean stmtmode; /* T: save yang_stmt_t */
boolean added; /* T: don't free on err */
diff --git a/netconf/src/ncx/yang_obj.c b/netconf/src/ncx/yang_obj.c
index 9426dca..c0ca51b 100644
--- a/netconf/src/ncx/yang_obj.c
+++ b/netconf/src/ncx/yang_obj.c
@@ -7454,7 +7454,7 @@ static status_t
continue;
}

- if (obj_is_mandatory(testobj)) {
+ if (testobj->tkerr.mod->langver == NCX_YANG_VERSION10 &&
obj_is_mandatory(testobj)) {
if (augextern) {
log_error("\nError: Mandatory object '%s' not allowed "
"in external augment statement",
diff --git a/netconf/src/ncx/yang_parse.c b/netconf/src/ncx/yang_parse.c
index 3ff2443..d685e18 100644
--- a/netconf/src/ncx/yang_parse.c
+++ b/netconf/src/ncx/yang_parse.c
@@ -236,11 +236,13 @@ static status_t
if (res != NO_ERR) {

© 2021 IP Infusion Inc. Proprietary 47

Yang Patch

retres = res;
} else {
- if (xml_strcmp(TK_CUR_VAL(tkc), YANG_VERSION_STR)) {
+ if(0==xml_strcmp(TK_CUR_VAL(tkc), YANG_VERSION10_STR)) {
+ mod->langver = NCX_YANG_VERSION10;
+ } else if(0==xml_strcmp(TK_CUR_VAL(tkc), YANG_VERSION11_STR)) {
+ mod->langver = NCX_YANG_VERSION11;
+ } else {
retres = ERR_NCX_WRONG_VERSION;
ncx_print_errormsg(tkc, mod, retres);
- } else if (!mod->langver) {
- mod->langver = YANG_VERSION_NUM;
}
}
if (str) {
@@ -1164,6 +1166,7 @@ static status_t
const xmlChar *val;
const char *expstr;
tk_type_t tktyp;
+ xmlChar *str;
status_t res, retres;
boolean done, ver;

@@ -1219,18 +1222,21 @@ static status_t

ver = TRUE;

/* get the version number */

- res = ncx_consume_token(tkc, mod, TK_TT_STRING);
+ res = yang_consume_string(tkc, mod, &str);
+ m__free (str);
if (res != NO_ERR) {
retres = res;
if (NEED_EXIT(res)) {
return res;
}
} else {
- if (xml_strcmp(TK_CUR_VAL(tkc), YANG_VERSION_STR)) {
+ if(0==xml_strcmp(TK_CUR_VAL(tkc), YANG_VERSION10_STR)) {
+ mod->langver = NCX_YANG_VERSION10;
+ } else if(0==xml_strcmp(TK_CUR_VAL(tkc), YANG_VERSION11_STR)) {
+ mod->langver = NCX_YANG_VERSION11;
+ } else {
retres = ERR_NCX_WRONG_VERSION;
ncx_print_errormsg(tkc, mod, retres);
- } else {
- mod->langver = YANG_VERSION_NUM;
}
}

diff --git a/netconf/src/ncx/yangconst.h b/netconf/src/ncx/yangconst.h

48 © 2021 IP Infusion Inc. Proprietary

 Yang Patch

index 27778f0..76a37b4 100644

--- a/netconf/src/ncx/yangconst.h
+++ b/netconf/src/ncx/yangconst.h
@@ -57,8 +57,8 @@ extern "C" {
#define YIN_MODULE (const xmlChar *)"yin" /*** no mod ! ***/
#define YIN_SUFFIX (const xmlChar *)"yin"

-#define YANG_VERSION_STR (const xmlChar *)"1"

-#define YANG_VERSION_NUM 1
+#define YANG_VERSION10_STR (const xmlChar *)"1"
+#define YANG_VERSION11_STR (const xmlChar *)"1.1"

#define YANG_FILE_SEPCHAR '@'

© 2021 IP Infusion Inc. Proprietary 49

Yang Patch

50 © 2021 IP Infusion Inc. Proprietary