Getting Started with NETCONFc¶
In this tutorial you will learn how to connect to a NETCONF server and perform some frequently used actions.
Connect over SSH or SSH Call Home¶
Start NETCONFc
![]()
Click the
Connect
button, selectNETCONF over SSH
to bring up the session creation dialog.![]()
New session parameters:
Enter server’s host name or IP address, port number, user name and password. If using Call-home to connect, specify the call-home port.
timeout
is the time NETCONFc will abort connecting if no response has been received after that period of time.
keep-alive
is the interval a heart-bear message will be sent to the server to keep the connection open if no action after that period of time.Alternatively you can use a private key file (PEM format) to do SSH public key authentication, rather than SSH password based authentication.
If you use a privkey file, then the ‘password’ is the password of the privkey, if there is one.
Then click the button “Connect” on the session creation dialog. If using call-home, click the button “Start listening for call-home”.
You should be connected to the server.
If error occurs, check if the server is running on the specified address and port. Also make sure the correct user name and password are used.
Connect over TLS or TLS Call Home¶
Start NETCONFc
![]()
Click the
Connect
button, selectNETCONF over TLS
to bring up the session creation dialog.![]()
New session parameters
Enter server’s host name or IP address, port number, ‘client certificate’ file with full path, n ‘client private key’ file with full path (this field can be left blank if the client certificate file already contains client’s private key), and the ‘trusted CA certificate’ file with full path, which is needed to validate the server’s certificate and can be a chained certificate file.
timeout
is the time NETCONFc will abort connecting if no response has been received after that period of time
keep-alive
is the interval a heart-bear message will be sent to the server to keep the connection open if no action after that period of time.Then click the button “Connect” on the session creation dialog. If using call-home, click the button “Start listening for call-home”.
You should be connected to the server.
If error occurs, check if the server is running on the specified address and port. Also make sure the correct certificates and keys are used.
ll YANG modules supported and advertised by the connected remote server.
YANG Models advertised by the server¶
After a successful connection, the YANG models loaded into NETCONFC that are also advertised by the server hello or listed in the server’s ietf-yang-library model will have a green check mark displayed.
![]()
Download YANG models¶
For modules that are not found in the local YANG module path, you can try downloading them directly from server.
Select the menu “Models | Download Models”, a listbox will come up with all available YANG model documents on the server, select the desired models and click “Download” button.
![]()
Note
This requires the server supports
get-schema
operation.
View server capabilities¶
If the connection was successful, click the “Browse” button to browse YANG models.
![]()
Click the server capabilities advertised icon to view capabilities advertised by the remote server.
Choose a target datastore for retrieving and editing¶
Before we send any queries to server, we need to decide which datastore we would like to work on.
The selected datastore will be used as the default target datastore when you browse the connected server to issue get, get-config or edit-config commands.
![]()
Browse YANG schema tree and lookup node properties¶
If a module is found in the local YANG module path, you can browse it.
Expand the module tree in the left side window pane to browse its data nodes.
Right click on a node, select “Lookup YANG Info” to view its type, enumerations, size, range etc.
Nodes are given different icons or indicators so you can easily tell what are they and determine what operations can be performed on that node. For example, for a read-only state node, it makes no sense to send a <get-config> or an <edit-config> command against it.
![]()
Send <get> requests¶
You can select one or more nodes in the module tree and send a <get> to retrieve current data (state and config) underneath.
In the notebook in the window on the right side , you will also see a notebool tab XML page that shows the XML encoding of the last RPC request and reply.
There is also a notebook tab page that is either labeled as
Get instance datatree
or<Get-config instance data tree
. It shows a tree view for the retrieved instance data.Click the context ‘menu’ icon or right click to bring up context menu:
![]()
You can use <Shift + click> or <Ctrl + click> to select multiple nodes for retrieving data
![]()
Note
When you <get> on a leaf node in a list, if the server does not send back the value for the list key nodes at the same time, then you will not make much sense out of the data you received. NETCONFc by default will include all key nodes when querying data. To turn this feature off see Retrieving with list key nodes
Send <get-config> requests¶
For module tree config nodes (node in navy color), you can send a <get-config> to retrieve current settings underneath it.
Select any node, right click and select ‘get-config’ to retrieve the config data under this node. If you select the
module
node, then all config data in that module will be retrieved.![]()
Note
When you <get> against a leaf node in a list, if the server does not send back the value for the list key nodes at the same time, then you will not make much sense out of the data you received. NETCONFc by default will include all key nodes when querying data. To turn this feature off see Retrieving with list key nodes
Send <edit-config> command from schema tree¶
We call the YANG module tree on the left side
schema tree
To create a node in the remote server config, just select the node in the module tree, right-click and select
Enter Value to include in RPC
or use shortcut keyCtrl + W
. For types such as Enumeration and indentityref a drop-down box will be available for you to select one from a list of values.![]()
You can also click the
Value
cell to enter or modify the value you want to set.After you finish entering the value, right-click and select
edit-config
to send it.To set an indentityref value that is defined in another module, enter the value in the form of modulename:indentify. For example, you can set /ietf-interfaces:interfaces/interface/type to “iana-if-type:ethernetCsmacd”, assuming module ‘iana-if-type’ is found in the current module path.
In the following example, we set /ietf-system/system/contact to “Tom”:
![]()
Send <edit-config> command from data tree¶
We call the instance tree on the right side
data tree
You can modify or delete instance nodes from the data tree on the right side window.
It is much easier to modify a list entry here since you don’t need to explicitly enter values for all list key nodes. NETCONFc will automatically add list key nodes in the <edit-config> when you edit a list node. If you want to the same thing in the module tree at the left side you would have to manually enter all values for list key nodes. It is even harder when you work with nested lists.
In some cases, it might be also easier to create a new instance based on an existing instance.
After you send a
get-config
request, you will see aGet-config reply (Read-Write)
notebook page on the right side of the screen. It shows andata tree
, a tree view for the retrieved instance data.Here you can also create or modify instance nodes by sending
edit-config
.Right-click and select
Enter Value to include in RPC
or use shortcut keyCtrl + W
. For types such as Enumeration and indentityrefa drop-down box will be available for you to select one from a list of values.
You can also click the
Value
cell to enter or modify the value you want to set.After you finish entering the value, right-click and select
edit-config
to send it.Select a node in the data tree, click the
Value
cell and enter the value you want to set, then right click and selectedit-config
to send it!![]()
If you changed your mind and do not want to set the value, you can right click and select
unstage
to remove it from list of nodes to be set. Of course you can also just do anotherget-config
.
Note
After editing configuration, you may need to Commit changes into running datastore or Copy changes to startup datastore to keep it across reboot.
Close connection and reconnect¶
Normally if you set the
keep_alive
parameter to a non-zero value, the connection should be kept open.However if the connection you are currently working is terminated for any reason, you can click
Reconnect
button to have the connection reestablished by creating a new session.![]()
You can also close the current session window and click the
Connect
toolbar button on the mainYANG module explorer
window to create a new session.To close the established connection session by issuing a
close-session
command, simply click the [x] cross button on the top right corner of the session window.
Logging¶
You can log RPCs sent and received by using NETCONFc’s “Log” feature. To bring up the Log window click the “Log” toolbar button in the top YANG Module Explorer window.
Sending Raw XML RPC¶
You can send RPC with a well formed XML message directly in the “Send Request and Show Replies” tab window. Using this feature you can modify a RPC message and resend it quickly.
For example, you can send a <get-config> request. Then in the “Send Request and Show Reply)” window, you should see the last request and reply XML message. You may want to change some fields (e.g. the message-id) and then simply click “Send RPC with the above XML” to resend the <get-config> request.
![]()
This can be a handy way to test your server and see how it responds to various requests.