NETCONF Transactional Consistency on Cisco IOS XE

Thursday, March 9, 2017 08:56 +0100

NETCONF Transactional Consistency on Cisco IOS XE

During the Tech Field Day Extra event at Cisco Live Europe 2017 Fabrizio Maccioni, Technical Marketing Engineer at Cisco, described enhanced programmability available in Cisco IOS XE release 16.x. What really got my attention was the claim that they made NETCONF on Cisco IOS transactional (and Fabrizio mentioned the candidate config and commit).

Here's my initial reaction:

IOS XE 16.3 is supposed to have candidate #NETCONF data store. Have to check this... ;) #TFDX
— Ivan Pepelnjak (@ioshints) February 20, 2017

It took me a few minutes to start VIRL, start CSR 1000v running IOS-XE 16.4 within VIRL, configure netconf-yang on it, and connect to NETCONF port with SSH. The router sent me a huge list of capabilities, most of them telling me it can send me an SNMP MIB in XML format over NETCONF. The list included a few standard IETF capabilities. Here they are:

urn:ietf:params:netconf:capability:writable-running:1.0
urn:ietf:params:netconf:capability:xpath:1.0
urn:ietf:params:netconf:capability:validate:1.0
urn:ietf:params:netconf:capability:validate:1.1
urn:ietf:params:netconf:capability:rollback-on-error:1.0
urn:ietf:params:netconf:capability:notification:1.0
urn:ietf:params:netconf:capability:interleave:1.0

Conspicuously missing:

urn:ietf:params:netconf:capability:candidate:1.0
urn:ietf:params:netconf:capability:confirmed-commit:1.1

Long story short: Cisco IOS XE still doesn't have candidate configuration or commit capabilities.

What Cisco IOS XE does have is rollback on error: if some arguments in the edit-config request are invalid the whole request is rejected and the configuration is rolled back to what it was before the current request instead of leaving the configuration in messed-up state.

Sad conclusion:

So of course I had to start CSR1KV in VIRL running 16.4 release and checked for NETCONF candidate store. Not there. Meh... #TFDX #CLEUR
— Ivan Pepelnjak (@ioshints) February 20, 2017

On a more positive note, the device configuration produced by get-config request on Cisco IOS XE release 16.x has properly nested elements, so I upgraded IOS XE from pass (mostly) to pass.

3 comments:

Evgeny Zobnitsev 10 March 2017 08:40

Hi Ivan, the most interesting part, that IOS-XE gives different answers about capabilities on 830 port and 22 port, for unknown for me reason ... But good that 830 port gives you all configuration get-schema capabilities.

Einar 10 March 2017 14:01

Port 22 hosts the legacy netconf agent on IOS-XE, which only supports netconf 1.0 with a Cisco-proprietary payload (same as all other vendors). Port 830, when netconf-yang is enabled, hosts the model-based agent.

Unknown 25 July 2019 04:01

Yes, it looks like the port 830 server is an IOS XE implementation of a Tail-F Netconf server.

It feels kinda like a mini-NCS running on the box and you talk to that to configure IOS models which maybe then uses Tail-F algorithms to compute required model -> native model changes.

Looks like possibly Including candidate config datastore also.

Recent posts in the same categories

automation

NETCONF

3 comments: