CISCOLIVELA2019 - Breakout Sessions-BRKSPG-2295

An introduction to XML, NETCONF and Visualization tools

Service Provider Programmability
An introduction to XML, NETCONF and Visualization tools
Dulce Basilio González
Julieta I. Mauleón Fernández
BRKSPG-2295

Agenda
• Introduction
• Data modeling language: YANG
• XML and JSON data formats
• XCONF protocols
• Splunk, a visualization tool
• Conclusion

#CiscoLiveLA BRKSPG-2295 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Cisco Webex Teams
Questions? Use Cisco Webex Teams to chat with the speaker after the session

How
1 Find this session in the Cisco Live Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space

Webex Teams will be moderated by the speaker until November 1st, 2019.
cs.co/ciscolivebot#BRKSPG-2295

Acknowledgment
Special thanks for information provided and slides support

• Einar Nilsen-Nygaard, Principal Engineer
• Hank Preston III, Principal Engineer

Introduction
Software!!!! Networks!!!!

Programmability in new certifications

• CCNA 200-301 now includes automation and programmability
• CCNP SPAUTO 300-535: automating Cisco Service Provider Solutions
• Cisco Certified DevNet Associate

Why programmability?
RFC 3535: Overview of the 2002 Internet Architecture Board (IAB)
and Network Management Workshop (IETF)
• SNMP works reasonably well for device monitoring
• SNMP requires applications to be useful
• MIB modules often lack (basic) writable MIB objects
• Does not support easy retrieval and playback of configurations
• Scalability problems with the number of objects in a device

Network management needs

• Distinguish between configuration data and operational data
• Single data definition language for all programmatic interfaces
• Manage device configuration with textual format files based on a standard across multiple vendors and device types
• Ability to configure "services" NOT "devices"

Key concepts (1)

Data models: describe how data is represented and accessed, and its relationships, e.g. YANG [RFC 6020]

Data formats: the way in which the data model is presented, e.g. XML, JSON

Transport protocol: provides host to host communication, e.g. TCP, UDP

Application Programming Interface (API): set of definitions and protocols for building and integrating software applications, e.g. REST

Key concepts (2)
Remote Procedure Call (RPC): client–server interaction where
caller is “client” and executor is “server”. Typically implemented
via a request–response message-passing system.
[Figure: client and server, each with an RPC language binding (DataWriter/DataReader). "Invoke op (params)" travels as a <Request>; "RETURN (result)" travels back as a <Reply>.]

Model-driven programmability
Apps       Python, C, C++, Java, Erlang, Go…
APIs       Model-Driven APIs: YANG Development Kit (YDK)
Protocol   NETCONF, RESTCONF, gRPC
Encoding   XML, JSON, GPB
Transport  SSH, HTTP
Models     YANG Models (native/open)
Data       IOS XR, IOS XE…
[Figure labels alongside the stack: Configuration, Telemetry]

Data modeling language: YANG
Data model
A data model is a well understood and agreed upon method to describe "something"

Example:
Person:
• Gender - male, female
• Height - <1.50-1.70> 1.70m
• Weight - <50-70> 70kg
• Hair color - brown, blond, black, red, other
• Eye color - brown, blue, green, hazel, other

YANG (Yet Another Next Generation)
• RFC 6020 approved in 2010
• Is a language used to model data for Network Configuration Protocol
(NETCONF)
• NETCONF uses YANG for operations such as RPCs, configuration, state data and notifications
• YANG 1.1 is a maintenance release of RFC 6020 for network management protocols [RFC 7950, 2016]

YANG modules

A YANG module defines a hierarchy of nodes (configuration or operational data) that can be used for NETCONF-based operations (RPCs/notifications)

YANG model structure and elements
• Leaf: holds a single value of a
particular type (no children)
• Leaf list: holds multiple values for a
particular type (sequence of leafs)
• Container: groups related nodes
and has no type or value
• List: used to represent a list of
nodes containing a complex type
• Key: used to identify an instance of
a list

YANG modules
• YANG structures data models into modules and submodules
• A module can import data from other external modules (just referenced) and include data from submodules
• Models can be extended through augmentations
• Unsupported nodes are specified as deviations
[Figure: Module 1, Module 2 and the submodules SubMod A, SubMod X and SubMod Y, linked by Include and Import arrows]

YANG modules content
Header Information
• YANG version
• Namespace
• Organization
• Contact
• Description
• Revision
Imports and Include
• Modules
• Submodules
Type Definitions
Configuration and Operational Data Declarations
• Containers (group of related nodes)
• Lists
• Leaves (node’s attributes)
• Data types
Action (RPC) and Notification Declarations
• Administrative actions or notifications with input and/or output parameters.

YANG model example
ietf-interfaces@2017-12-16

    module ietf-interfaces {
      // Header
      yang-version 1.1;
      namespace "urn:ietf:params:xml:ns:yang:ietf-interfaces";
      prefix if;

      // Import
      import ietf-yang-types {
        prefix yang;
      }

      organization
        "IETF NETMOD (Network Modeling) Working Group";
      description
        "This module contains a collection of YANG definitions for
         managing network interfaces.";

      // Type definitions
      typedef interface-ref {
        type leafref {
          path "/if:interfaces/if:interface/if:name";
        }
        description
          "This type is used by data models that need to reference
           interfaces.";
      }

      // Container
      container interfaces {
        description
          "Interface parameters.";

        list interface {
          key "name";
          leaf name {
            type string;
          }
          leaf description {
            type string;
          }
          leaf type {
            type identityref {
              base interface-type;
            }
            mandatory true;
          }
          leaf enabled {
            type boolean;
            default "true";
          }
        } // list interfaces
      } // container interfaces
    } // module ietf-interfaces

*Example edited for brevity

Pyang tool
• Python YANG library
• A YANG validator, converter, and code generator
• Displays and validates YANG files

    $ pyang -f tree ietf-interfaces.yang
    module: ietf-interfaces
      +--rw interfaces
      |  +--rw interface* [name]
      |     +--rw name                        string
      |     +--rw description?                string
      |     +--rw type                        identityref
      |     +--rw enabled?                    boolean
      |     +--rw link-up-down-trap-enable?   enumeration {if-mib}?
      x--ro interfaces-state
         x--ro interface* [name]
            x--ro name               string
            x--ro type               identityref
            x--ro admin-status       enumeration {if-mib}?
            x--ro oper-status        enumeration
            x--ro last-change?       yang:date-and-time
            x--ro if-index           int32 {if-mib}?
            x--ro phys-address?      yang:phys-address
            x--ro higher-layer-if*   interface-state-ref
            x--ro lower-layer-if*    interface-state-ref
            x--ro speed?             yang:gauge64
            x--ro statistics
               x--ro discontinuity-time    yang:date-and-time
               x--ro in-octets?            yang:counter64

Callouts on the tree: Module name (ietf-interfaces), Container (interfaces), List (interface*), Key ([name]), Leaf (name), Optional (the "?" suffix), Data Type (string)

Defined data models
• Standard models
ietf-inet-types.yang
ietf-interfaces@2018-02-20.yang

• Open models
openconfig-if-ethernet.yang
openconfig-bgp-neighbor.yang

• Vendor specific (native)
Cisco-IOS-XE-bgp.yang
Cisco-IOS-XR-asr9k-qos-oper.yang

IOS XR data models
The names of XR data models use the following notation:
Cisco-IOS-XR-<platform><technology><suffix>.yang
• Starts with the prefix Cisco-IOS-XR
• Platform is an optional string (e.g. ncs5500, asr9k, etc.)
• Technology substring (e.g. ipv4-bgp, qos, etc.)
• Suffix indicates whether the model contains configuration data (cfg/cfg-sub), operational data (oper/oper-sub) or action (act/act-sub)
• Extension that indicates it is a YANG model (.yang)

Resources and repositories (repos)
• NETCONF central: tutorials, RFCs, YANG models and tools
http://www.netconfcentral.org/modulelist

• YANG models at GitHub: standard, open and native
https://github.com/YangModels/yang
https://github.com/openconfig/public

• IETF Datatracker: RFC, YANG models and tools
https://datatracker.ietf.org/

XML and JSON
data formats
Data formats (encoding)
Configuration and operational data are represented as key-value
pairs. The key identifies what the data is, while the value is the actual
data.
• Plain text: NOT a good data format for programmatic use cases
• XML: Extensible Markup Language
• JSON: JavaScript Object Notation
• YAML: YAML Ain't Markup Language
• HTML/JavaScript

Extensible Markup Language (XML)
• Developed in 1996 for encoding data in a human- and computer-readable format
• Information wrapped in tags, much like HTML but XML tags are not predefined
• The author must define both the tags and the document structure
• Hierarchical structure which starts in a "root" and "branches" to "the leaves" like a tree.

    <root>
      <child>
        <subchild>leave 1</subchild>
      </child>
      <child>
        <subchild>leave 2</subchild>
      </child>
    </root>

https://www.w3.org/TR/2008/REC-xml-20081126/

XML syntax and elements

    <?xml version="1.0" encoding="UTF-8"?>
    <bookstore>
      <book id="501">
        <title>Harry Potter </title>
        <author>J K. Rowling</author>
        <year>2005</year>
        <price>29.99</price>
        <discount></discount>
      </book>
      <!-- This is a comment -->
      <book id="503">
        <title>Learning XML</title>
        <author>Erik T. Ray</author>
        <year>2003</year>
        <price>39.95</price>
        <discount />
      </book>
    </bookstore>

Callouts: Prolog* (the <?xml ...?> line), Root (<bookstore>), Nested elements (the children of <book>), Element (<price>29.99</price>), Closing tag (</title>), Attribute* written as Name="value" and always quoted (id="501"), Empty element (<discount></discount> or <discount />).
Metadata should be stored as attributes.
*Optional

Namespaces: “xmlns” attribute
• Avoid duplicate names using xmlns:prefix="URI"
• The namespace is an identifier for the specific tag definition.
• The URI is not used by the parser to look up information.

    <root xmlns:h="http://www.w3.org/TR/html4/">
      <h:table>
        <h:tr>
          <h:td>Apples</h:td>
          <h:td>Bananas</h:td>
        </h:tr>
      </h:table>
      <f:table xmlns:f="https://www.furnit.com/tab">
        <f:name>African Coffee Table</f:name>
        <f:width>80</f:width>
        <f:length>120</f:length>
      </f:table>
      <table xmlns="https://www.otherns.com/">
        <starter>Cesar salad</starter>
        <main>Roast beef with vegetables</main>
        <dessert>Apple pie with cream</dessert>
      </table>
    </root>

Callouts: Namespace (the URI in xmlns:h), Prefix (h:, f:), Default prefix (xmlns without a prefix)

IOS XR – XML API
• Configure routers or request information about configuration,
management, or operation by encoding a request in XML API
• XML request and response are performed by XML client and agent
respectively
• Management operations supported through XML are:
• Native data access (get, set, delete, and so on)
• Configuration services
• Traditional CLI access where CLI commands and command responses
are encapsulated in XML

XML – API data operations tags
Tag         Description
<Get>       Gets the value of one or more configuration, operational or action data items.
<Set>       Creates or modifies one or more configuration or action data items.
<Delete>    Deletes one or more configuration data items.
<Lock>      Locks the running configuration.
<Unlock>    Unlocks the running configuration.
<Load>      Loads the target configuration from a binary file previously saved using the <Save> tag.
<Save>      Saves the target configuration to a binary file.
<Commit>    Promotes the target configuration to the running configuration.
<Clear>     Aborts or clears the current target configuration session.
<Rollback>  Rolls back the running configuration to a previous configuration state.

Example of XML API code
CLI commands

    RP/0/RP0/CPU0:router# configure
    RP/0/RP0/CPU0:router(config)# router bgp 3
    RP/0/RP0/CPU0:router(config-bgp)# default-metric 10
    RP/0/RP0/CPU0:router(config-bgp)# timers bgp 60 180
    RP/0/RP0/CPU0:router(config-bgp)# exit

Example of XML API code
Client: XML request encapsulating CLI commands

    <?xml version="1.0" encoding="UTF-8"?>
    <Request MajorVersion="1" MinorVersion="0">
      <CLI>
        <Configuration>
          router bgp 3
          default-metric 10
          timers bgp 80 160
          exit
          commit
        </Configuration>
      </CLI>
    </Request>

Example of XML API code
Server: XML response encapsulating CLI commands

    <?xml version="1.0" encoding="UTF-8"?>
    <Response MajorVersion="1" MinorVersion="0">
      <CLI>
        <Configuration/>
      </CLI>
      <ResultSummary ErrorCount="0"/>
    </Response>

Example of XML API code
Client: XML request

    <?xml version="1.0" encoding="UTF-8"?>
    <Request MajorVersion="1" MinorVersion="0">
      <Commit Mode="Atomic"/>
      <Set>
        <Configuration>
          <BGP>
            <AS>
              <Naming>
                <AS>3</AS>
              </Naming>
              <DefaultVRF>
                <Global>
                  <DefaultMetric>10</DefaultMetric>
                  <GlobalTimers>
                    <Keepalive>60</Keepalive>
                    <HoldTime>180</HoldTime>
                  </GlobalTimers>
                </Global>
              </DefaultVRF>
            </AS>
          </BGP>
        </Configuration>
      </Set>
    </Request>

Example of XML API code
Server: XML response

    <?xml version="1.0" encoding="UTF-8"?>
    <Response MajorVersion="1" MinorVersion="0">
      <Commit Mode="Atomic" CommitID="10000075"/>
      <Set>
        <Configuration/>
      </Set>
      <ResultSummary ErrorCount="0"/>
    </Response>

JavaScript Object Notation (JSON)
• Developed in 1999 as a subset of JavaScript and intended to be human readable
• Text format that is completely language independent
• JSON is based on universal data structures, therefore it is an ideal data-interchange language
• Can be either a collection of name/value pairs or an ordered list of values
• Lacks the strong structure and schema validation that XML has

JSON syntax
    {
      "employees":[
        {
          "firstName":"John",
          "lastName":"Doe"
        },
        {
          "firstName":"Anna S",
          "lastName":"Smith"
        },
        {
          "firstName":"Peter",
          "lastName":"Jones"
        }
      ]
    }

Callouts: "Name":"value" pair, {Object}, [Array], Separator (the comma)

JSON valid data types

    {"employees":[
      { "Name":"John", "Midlename":null, "lastName":"Doe",
        "Age":36, "Married":true, "Children":["John", "Anna", "Peter"]
      },
      { "Name":"Anna", "Midlename":"Susan", "lastName":"Smith",
        "Age":30, "Married":false, "Children": null
      }
    ]}

Callouts: String, Number, Boolean, Null, {Object}, [Array]

JSON example

    {
      "interfaces": [
        {
          "interface": "Ethernet1/1",
          "vlan": "1",
          "type": "eth",
          "portmode": "fabric",
          "state": "down",
          "state_rsn_desc": "SFP not inserted",
          "speed": "10G",
          "ratemode": "D"
        }
      ]
    }

    { "interfaces": [ { "interface": "Ethernet1/1", "vlan": "1", "type": "eth", "portmode": "fabric", "state": "down", "state_rsn_desc": "SFP not inserted", "speed": "10G", "ratemode": "D" } ] }

XCONF protocols
NETCONF (1)

• NETCONF stands for Network Configuration Protocol
• RFC 6241 since 2006
• Defines a simple mechanism through which a network device can be managed, configuration data information can be retrieved and new configuration data can be uploaded and manipulated
• Uses a remote procedure call (RPC) paradigm
• Encodes an RPC in XML
• NETCONF namespace is urn:ietf:params:xml:ns:netconf:base:1.0

NETCONF (2)
The device's data model is known to both parties, so that both are aware of issues such as the layout, containment, keying, lookup, replacement, and management of the data, as well as any other constraints imposed by the data model.

NETCONF key concepts (1)
Capability: a functionality that supplements the base NETCONF specification. Describes additional operations and their content

Configuration data: the set of writable data that is required to transform a system from its initial default state into its current state

State data: data on a system that is not configuration, such as read-only status information and collected statistics

Datastore: a conceptual place to store and access information

NETCONF key concepts (2)
Server: a network device, also called “agent” or simply “device”, that executes the tasks requested by the client

Client: also called “manager”, can be a script or application that invokes protocol operations and/or subscribes to receive notifications from a server

Message: a protocol element sent over a session; messages are well-formed XML documents

NETCONF layering model (1)
Layers            Examples
Content           Conf/Oper Data, Notification data
Operations        XML: <get>, <edit-config>
Messages          <rpc>, <rpc-reply>, <notification>
Secure Transport  TCP/IP Method (SSH)

NETCONF layering model (2)
[Figure: layering diagram; transport labelled SSH]

NETCONF communication
[Figure: communication diagram; transport labelled SSH]

NETCONF session
• Is the logical connection between client and server
• The transport protocol used has to be connection-oriented to provide reliability, sequenced data delivery and so on, as well as support persisting protocol operations
• Must provide authentication, integrity and confidentiality

TCP/SSH port 830

NETCONF RPC
• Client sends a series of one or more RPC requests and the server must reply to each one of them
• Each RPC will have a session ID

Hello message
• Is the first exchanged message (includes capabilities).
• The capability is identified by a Uniform Resource Identifier (URI, URL or URN)

    ssh admin@192.168.0.1 -p 830 -s netconf

Hello msg:

    <?xml version="1.0" encoding="UTF-8"?>
    <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
      <capabilities>
        <capability>
          urn:ietf:params:netconf:base:1.0
        </capability>
        <capability>
          urn:ietf:params:netconf:capability:candidate:1.0
        </capability>
        <capability>
          urn:ietf:params:netconf:capability:notification:1.0
        </capability>
      </capabilities>
      <session-id>
        285212672
      </session-id>
    </hello>
    ]]>]]>

The trailing ]]>]]> is the End of Message marker.

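Added example (not part of the original slides): a small parser for the hello exchange above, which splits the session text on the End of Message marker, rejects a DOCTYPE, and extracts the session id and advertised capabilities. The function names and the sample stream are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NC_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"
EOM = "]]>]]>"  # End of Message marker shown on the slide
CAP_PREFIX = "urn:ietf:params:netconf:capability:"

# Constructed input: the slide's server <hello>, followed by the start of a
# second message that has not been fully received yet.
SAMPLE_STREAM = """<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <capabilities>
    <capability>
      urn:ietf:params:netconf:base:1.0
    </capability>
    <capability>
      urn:ietf:params:netconf:capability:candidate:1.0
    </capability>
    <capability>
      urn:ietf:params:netconf:capability:notification:1.0
    </capability>
  </capabilities>
  <session-id>
    285212672
  </session-id>
</hello>
]]>]]>
<rpc-reply message-id="1239123"
"""


def split_messages(stream):
    """Return (complete_messages, leftover) for text read from the session."""
    *complete, leftover = stream.split(EOM)
    return [m.strip() for m in complete if m.strip()], leftover


def parse_hello(message):
    """Parse one <hello> and return its session id and capability URIs."""
    # NETCONF content must not carry a document type declaration; refusing
    # it also keeps DTD entity tricks away from the XML parser.
    if "<!DOCTYPE" in message:
        raise ValueError("DOCTYPE is not allowed in a NETCONF message")
    root = ET.fromstring(message)
    if root.tag != f"{{{NC_NS}}}hello":
        raise ValueError(f"expected <hello>, got {root.tag}")
    caps = [c.text.strip() for c in root.iter(f"{{{NC_NS}}}capability") if c.text]
    session_id = root.findtext(f"{{{NC_NS}}}session-id")
    return {
        "session_id": int(session_id.strip()) if session_id else None,
        "capabilities": caps,
    }


def has_capability(hello, name):
    """True if the peer advertised the standard capability :<name>."""
    return any(c.startswith(f"{CAP_PREFIX}{name}:") for c in hello["capabilities"])


def server_hello_summary(stream=SAMPLE_STREAM):
    """Parse the first complete message and report what is still pending."""
    messages, leftover = split_messages(stream)
    hello = parse_hello(messages[0])
    return hello, has_capability(hello, "candidate"), leftover.strip()


if __name__ == "__main__":
    hello, candidate, pending = server_hello_summary()
    print(hello["session_id"], hello["capabilities"], candidate, repr(pending))
```

Checking the advertised capabilities before relying on an operation such as <commit> avoids sending RPCs the server never offered.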
NETCONF base operations (base capability)
Operation          Description
<get>              Retrieve running configuration and device state information
<get-config>       Retrieve all or part of specified configuration datastore
<edit-config>      Loads all or part of a configuration to the specified configuration datastore: test-option (validation), error option, operation
<copy-config>      Replace an entire configuration datastore with another
<delete-config>    Delete a configuration datastore
<lock> / <unlock>  Lock or unlock the entire configuration datastore system
<close-session>    Graceful termination of NETCONF session
<kill-session>     Forced termination of NETCONF session

NETCONF other capabilities operations
urn:ietf:params:netconf:capability:{name}:1.x
Capability             Operation          Description
:candidate             <commit>           Instructs the device to implement the configuration data contained in the candidate configuration.
:candidate             <discard-changes>  This operation discards any uncommitted changes by resetting the candidate configuration
:confirmed-commit:1.1  <cancel-commit>    Cancels an ongoing confirmed commit.
:confirmed-commit:1.1  <commit>*          4 parameters added: confirmed, confirm-timeout, persist, persist-id

* Operation modified

Configuration datastore
• Holds the complete set of configuration data that is required to get
a device from its initial default state into a desired operational state
• There are four datastores
• IOS XR only has running and candidate datastores

<startup> <running> <candidate> <URL>

Data Store Key Points
• A container may hold an entire or partial configuration
• Not all data stores are supported by all devices
• <running> is the only mandatory data store
• Not all data stores are writeable
• Every NETCONF message must target a data store
• The system can query one or more datastores to get information
regarding networking topologies, links, policies, customers and
services

Network Management Datastore Architecture
NMDA [RFC 8342]

• Running: currently active
• Intended: processed content from running
• Operational: configuration used by the system (applied, learned and default values)

NETCONF with Python ncclient

NETCONF message exchange
Use code libraries (ncclient) and tools that do all the connection handling for you
[Figure: message exchange between Client and Server; the server reply is shown below]

    <?xml version="1.0" encoding="UTF-8"?>
    <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
        message-id="1239123" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
      <ok/>
    </rpc-reply>

Python ncclient
• Is a Python library that facilitates client-side scripting and
application development around the NETCONF protocol.
• Other implementations are being made such as “netconf-console”

Docs: http://ncclient.readthedocs.org
Github: https://github.com/ncclient/ncclient
Installation: https://pypi.org/project/ncclient/

Python ncclient <get-config> operation

    # Import ncclient and libraries
    from ncclient import manager

    # Open a connection to the network device using ncclient
    with manager.connect(
        host="192.168.0.1",
        port=830,
        username="admin",
        password="Cisco123",
        hostkey_verify=False,  # disables SSH host key verification, so the device identity is not checked
    ) as m:

        # Create an XML filter for targeted NETCONF queries
        netconf_filter = """
        <filter>
          <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
            <interface></interface>
          </interfaces>
        </filter>"""

        # Make a NETCONF <get-config> query using the filter
        netconf_reply = m.get_config(source="running", filter=netconf_filter)

Python ncclient <edit-config> operation
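
    from ncclient import manager

    # Create an XML configuration template for ietf-interfaces
    netconf_interface_template = """
    <config>
      <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
        <interface>
          <name>{name}</name>
          <description>{desc}</description>
          <type xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
            {type}
          </type>
          <enabled>{status}</enabled>
          <ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip">
            <address>
              <ip>{ip_address}</ip>
              <netmask>{mask}</netmask>
            </address>
          </ipv4>
        </interface>
      </interfaces>
    </config>"""

    # Ask for the interface details to add
    new_loopback = {}
    new_loopback["name"] = "Loopback" + input("What loopback number to add? ")
    new_loopback["desc"] = input("What description to use? ")
    # The slide elides the remaining fields ("..."); they are filled in here
    # so that every placeholder in the template has a value.
    new_loopback["type"] = "ianaift:softwareLoopback"
    new_loopback["status"] = "true"
    new_loopback["ip_address"] = input("What IP address to use? ")
    new_loopback["mask"] = input("What network mask to use? ")

    # Create the NETCONF data payload for this interface.
    # str.format() inserts the answers verbatim; XML special characters in
    # them are not escaped.
    netconf_data = netconf_interface_template.format(
        name=new_loopback["name"],
        desc=new_loopback["desc"],
        type=new_loopback["type"],
        status=new_loopback["status"],
        ip_address=new_loopback["ip_address"],
        mask=new_loopback["mask"],
    )

    # Make a NETCONF <edit-config> query using the data payload
    # (connection parameters as in the <get-config> example)
    with manager.connect(host="192.168.0.1", port=830, username="admin",
                         password="Cisco123", hostkey_verify=False) as m:
        netconf_reply = m.edit_config(netconf_data, target="running")
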
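Added example (not part of the original slides): the <edit-config> template above fills its placeholders with str.format(), so a description containing XML markup changes the structure of the payload. The block compares that approach with escaping and with building the tree through ElementTree; the template is trimmed to three leaves, and the crafted description and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

IF_NS = "urn:ietf:params:xml:ns:yang:ietf-interfaces"

# The slide's template, trimmed to three leaves to keep the example short.
TEMPLATE = """<config>
  <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
    <interface>
      <name>{name}</name>
      <description>{desc}</description>
      <enabled>{status}</enabled>
    </interface>
  </interfaces>
</config>"""

# Constructed operator input: a description that closes its own element and
# opens a second <interface> entry.
CRAFTED_DESC = ("x</description></interface>"
                "<interface><name>GigabitEthernet1</name><description>y")


def render_with_format(name, desc, status="true"):
    """The slide's approach: values are pasted into the XML text verbatim."""
    return TEMPLATE.format(name=name, desc=desc, status=status)


def render_escaped(name, desc, status="true"):
    """Same template, but every value is XML-escaped before substitution."""
    return TEMPLATE.format(name=escape(name), desc=escape(desc),
                           status=escape(status))


def build_with_etree(name, desc, enabled=True):
    """Build the payload as a tree; the serializer escapes the text nodes."""
    if not isinstance(enabled, bool):
        raise TypeError("enabled must be a bool (YANG type boolean)")
    ET.register_namespace("if", IF_NS)
    config = ET.Element("config")
    interfaces = ET.SubElement(config, f"{{{IF_NS}}}interfaces")
    interface = ET.SubElement(interfaces, f"{{{IF_NS}}}interface")
    ET.SubElement(interface, f"{{{IF_NS}}}name").text = name
    ET.SubElement(interface, f"{{{IF_NS}}}description").text = desc
    ET.SubElement(interface, f"{{{IF_NS}}}enabled").text = "true" if enabled else "false"
    return ET.tostring(config, encoding="unicode")


def leaf_values(payload, leaf):
    """Values of every <leaf> element in the payload, in document order."""
    return [e.text for e in ET.fromstring(payload).iter(f"{{{IF_NS}}}{leaf}")]


def is_well_formed(payload):
    """True if the payload parses as XML at all."""
    try:
        ET.fromstring(payload)
        return True
    except ET.ParseError:
        return False


if __name__ == "__main__":
    for render in (render_with_format, render_escaped, build_with_etree):
        payload = render("Loopback100", CRAFTED_DESC)
        print(render.__name__, leaf_values(payload, "name"))
```

With the format-based template the payload names two interfaces; with either safe variant it names one and the description arrives unchanged as text.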
Configuring IOS XR agent
Configuration commands:
• ssh server v2
• netconf-yang agent ssh
• ssh server netconf [ vrf vrf-name[ ipv4 access-list ipv4 access list name] [ ipv6 access-list ipv6 access list name]]
• ssh server netconf port port-number

Show commands:
• show netconf-yang statistics
• show netconf-yang clients
• show netconf-yang trace [last number]

Demo: NETCONF with Python ncclient
RESTCONF
REpresentational State Transfer (REST)
• Framework for client-server communication

RESTCONF
• Stands for REpresentational State Transfer Configuration Protocol [RFC 8040, 2017]
• HTTP-based protocol to provide CRUD (Create, Read, Update and Delete) operations
• Uses the same YANG models and datastores as NETCONF
• Was created to allow web applications to access the configuration data, state data and event notifications
• Encoded in either XML or JSON
• Available for IOS XE platforms

RESTCONF layering model

Layers      Examples
Content     JSON / XML
Operations  GET, POST, PUT, PATCH, DELETE
Transport   TCP/IP Method (HTTP/HTTPS)

RESTCONF operations

Operation  Description  NETCONF
GET        Read         <get>, <get-config>
PATCH      Update       <edit-config>
PUT        Replace      <edit-config>
POST       Create       <edit-config>
DELETE     Delete       <delete-config>

RESTCONF Uniform Resource Identifier
https://<ADDRESS>/<ROOT>/data/<[YANG MODULE:]CONTAINER>/<LEAF>[?<OPTIONS>]

• ADDRESS - RESTCONF agent
• ROOT - The main entry point for RESTCONF requests. Discoverable at "https://<ADDRESS>/.well-known/host-meta"
• data - The RESTCONF API resource type for data. Refers available operations
• [YANG MODULE:]CONTAINER - The base model container being used. Providing the module name is optional
• LEAF - An individual element from within the container
• [?<OPTIONS>] - Optional parameters that impact returned results

Uniform Resource Identifier (URI)
• Acts as a location identification for a given resource regarding YANG
models
https://172.18.80.87/restconf/data/ietf-interfaces:interfaces/interface=GigabitEthernet1?depth=unbounded

module: ietf-interfaces
+--rw interfaces
| +--rw interface* [name]
| +--rw name string
| +--rw description? string
| +--rw type identityref
| +--rw enabled? boolean
| +--rw link-up-down-trap-enable? enumeration
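
Added example (not part of the original slides): a builder for the data URI shown above. It goes slightly beyond the slide by percent-encoding list key values as RFC 8040 requires, so an interface name containing "/" or "?" stays inside its path segment. The function name and the second and third interface names are constructed for illustration.

```python
import re
from urllib.parse import quote, urlencode

# '[module:]node' made of YANG identifiers only.
_NODE = re.compile(r"(?:[A-Za-z_][A-Za-z0-9_.-]*:)?[A-Za-z_][A-Za-z0-9_.-]*")


def restconf_data_uri(address, path, root="restconf", options=None):
    """Build https://<ADDRESS>/<ROOT>/data/<path>[?<OPTIONS>].

    path is a sequence of (node, keys) pairs: node is '[module:]name' and
    keys is a tuple of list key values (empty for containers and leaves).
    """
    segments = []
    for node, keys in path:
        if not _NODE.fullmatch(node):
            raise ValueError(f"not a YANG node name: {node!r}")
        segment = node
        if keys:
            # safe="" also encodes "/" and ",", which would otherwise be read
            # as a path separator or as a boundary between two key values.
            segment += "=" + ",".join(quote(str(k), safe="") for k in keys)
        segments.append(segment)
    uri = f"https://{address}/{root}/data/" + "/".join(segments)
    if options:
        uri += "?" + urlencode(options)
    return uri


def interface_uri(address, name, **options):
    """URI of one entry of the ietf-interfaces 'interface' list."""
    path = [("ietf-interfaces:interfaces", ()), ("interface", (name,))]
    return restconf_data_uri(address, path, options=options or None)


if __name__ == "__main__":
    print(interface_uri("172.18.80.87", "GigabitEthernet1", depth="unbounded"))
    print(interface_uri("172.18.80.87", "GigabitEthernet0/0/1"))
```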

RESTCONF IOS XE configuration
Configuration commands:
• restconf
• ip http secure-server

Show commands:
• show platform software yang-management process monitor
• show platform software yang-management process
• show netconf-yang sessions

Demo: RESTCONF
RESTCONF vs NETCONF
• It is not a replacement. They can coexist
• RESTCONF is Web oriented
• NETCONF has more robust feature set such as:
  • Lock operations
  • Candidate and Startup datastores
  • Validations
  • Confirm commit
• RESTCONF not yet supported in IOS XR
[Figure: NETCONF and RESTCONF diagram with the labels XML, REST, RPC, YANG, HTTP, JSON]

XCONF transactions
• A transaction is a set of instructions to be performed as a unit
• XCONF are transaction-oriented protocols, which means ACID:
  • Atomicity
  • Consistency
  • Independence
  • Durability
• Being transaction-oriented reduces failures

Best practices for NETCONF transactions
• Acquire configuration lock (:candidate)
• Checkpoint running configuration (<copy-config>)
• Load and validate incoming configuration (:candidate, :validate:1.1)
• Edit running configuration (:candidate, <commit>)
• Test new configuration (ping, RIB comparison, etc.)
• Making the change permanent (:candidate confirm commit)
• Release the configuration lock
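
Added example (not part of the original slides): the steps above written against the ncclient Manager methods locked, get_config, edit_config, validate, commit and discard_changes. Assumptions: the checkpoint is taken with <get-config> rather than <copy-config>, verify is a hypothetical caller-supplied check, and RecordingManager is a constructed stand-in so the sequence can be run without a device.

```python
import contextlib

REQUIRED = (":candidate", ":confirmed-commit", ":validate")


def apply_change(m, config_xml, verify, confirm_timeout=120):
    """Apply config_xml through the candidate datastore.

    m is a connected ncclient Manager (or an object with the same methods);
    verify is a callable returning True when the new configuration works.
    Returns (committed, checkpoint).
    """
    missing = [c for c in REQUIRED if c not in m.server_capabilities]
    if missing:
        raise RuntimeError("server lacks capabilities: " + ", ".join(missing))
    with m.locked("candidate"):                      # acquire lock, release on exit
        checkpoint = m.get_config(source="running")  # checkpoint running
        try:
            m.edit_config(target="candidate", config=config_xml)  # load
            m.validate(source="candidate")                        # validate
            # Confirmed commit: running changes now, but the server reverts
            # it unless a confirming <commit> arrives before the timeout.
            m.commit(confirmed=True, timeout=str(confirm_timeout))
        except Exception:
            m.discard_changes()  # reset the candidate before unlocking
            raise
        if not verify():         # test new configuration (ping, RIB, ...)
            return False, checkpoint  # no confirmation: server rolls back
        m.commit()               # make the change permanent
        return True, checkpoint


class RecordingManager:
    """Constructed stand-in for a Manager; it only records the call order."""

    def __init__(self, capabilities=REQUIRED, fail_on=None):
        self.server_capabilities = set(capabilities)
        self.calls = []
        self.fail_on = fail_on

    def _record(self, name):
        self.calls.append(name)
        if name == self.fail_on:
            raise RuntimeError(name + " rejected by server")

    @contextlib.contextmanager
    def locked(self, target):
        self._record("lock")
        try:
            yield
        finally:
            self.calls.append("unlock")

    def get_config(self, source):
        self._record("get-config")
        return "<data/>"

    def edit_config(self, target, config):
        self._record("edit-config")

    def validate(self, source):
        self._record("validate")

    def commit(self, confirmed=False, timeout=None):
        self._record("commit-confirmed" if confirmed else "commit")

    def discard_changes(self):
        self._record("discard-changes")


def dry_run(verify_result=True, fail_on=None):
    """Run the workflow against the stand-in and return (committed, calls)."""
    m = RecordingManager(fail_on=fail_on)
    try:
        committed, _ = apply_change(m, "<config/>", lambda: verify_result)
    except RuntimeError:
        committed = False
    return committed, m.calls


if __name__ == "__main__":
    print(dry_run())
    print(dry_run(verify_result=False))
    print(dry_run(fail_on="validate"))
```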

XCONF FAQ

Customer questions (1)
Q. May I configure port 22 to enable NETCONF?
A. It is not a best practice and might cause issues
Q. Should I add RPC tags if I am using Python-ncclient?
A. No, ncclient provides functions which already manage RPC tags. Therefore “<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">” is embedded into the library
Q. Is RESTCONF supported on my ASR?
A. Not yet, but Cisco is working on it, so it will be soon
Q. Do I need AAA for XCONF?
A. Yes, it is mandatory for both

Customer questions (2)
Q. Could I have more than one active NETCONF session?
A. Yes. “netconf-yang agent session limit <1-50>”, “ssh server session-limit <1-1024>” and “ssh server rate-limit <1-600>” commands will help
Q. Will NETCONF slow my CLI?
A. No, but if it does, please check memory usage and if needed restart NETCONF
process
Q. I cannot find NETCONF keywords for configuration.
A. Please validate that the “k9sec” and “mgbl” PIEs are installed
Q. As a recommendation:
A. Maintain necessary connections

Splunk, a visualization tool
SPLUNK
Aggregate, analyze and get information from your machine data:

Splunk architecture
• Enterprise
  • Installed on-premises
• Cloud
  • No infrastructure required
• Light
  • Small IT environments

[Diagram labels: Search Head, Indexer, Forwarders]

Add data to Splunk
• Uploading files from local computer:
  • Data only gets indexed once
• Monitoring files and ports:
  • Gather the data located on Splunk Enterprise instances
• Using a forwarder that sends data from a device:
  • Remote machines gather and forward data to indexers over a receiving port

Data Input Types
Apps can be used to define additional source types
Splunk has default settings for many types of data
Splunk can automatically recognize a list of source types

Create reports, dashboards, visualizations, alerts

Search & Reporting App
The default interface for searching and analyzing data

Search Language Syntax

Searching (Events tab)

Conclusion
SNMP vs XCONF

SNMP vs XCONF use cases
Use case                                        SNMP              NETCONF          RESTCONF
Get collection of status fields                 Yes               Yes              Yes
Set collection of configuration fields          Yes, up to 64kB   Yes              Yes
Set configuration fields in transaction         No                Yes              Yes
Transactions across multiple network elements   No                Yes              No
Send event notification                         Yes               Yes, connected   Yes
Backup and restore configuration                Usually not       Yes              Yes
Secure protocol                                 v3                Yes              Yes
Test configuration before commit                No                Yes              No

Takeaways
• XCONF protocols are platform independent, which means they can be adopted by any operating system
• NETCONF is fully supported in IOS XR
• Unified YANG models across vendors will benefit information manipulation
• Automation reduces cost and deploys services quickly and at scale
• XCONF protocols are creating a bridge between software and network engineers
• Automation is dramatically changing data networks

What to do next? (1)
• Cisco DevNet Labs, Workshops and Videos.
• NETCONF central
• YANG Explorer
• YDK at DevNet
• Cisco IOS XR 6.0 at DevNet
• Network Configuration Protocol (NETCONF)
• The YANG 1.1 Data Modeling Language

What to do next? (2)
• RESTCONF Protocol
• Introduction to Model Driven Programmability
• Lab: Using NETCONF/YANG from your desktop OS
• Blog: Using CLI as Training Wheels with NETCONF/YANG
• Workshop: Network device APIs
• Blog: Model-driven Programmability: The Rise of Network Automation

Complete your online session evaluation
• Please complete your session survey after each session. Your feedback is very important.
• All surveys can be taken:
  – Cisco Live Mobile App
  – Logging in to the Session Catalog: https://reg.rainfocus.com/flow/cisco/cllatam19/adash/page/dashboard

Cisco Live sessions will be available for viewing on demand after the event at ciscolive.cisco.com.

Continue your education

Demos in the Walk-in


Cisco campus self-paced labs

Meet the engineer


Related sessions
1:1 meetings

Thank you
