libnetconf2

supporting urn:ietf:params:netconf:base:1.1 ?

Open mpet opened this issue 5 years ago • 7 comments

Hi,

We run against a server using libnetconf2.

When set to use the NETCONF 1.0 capability for the client it works like a charm.


2020-10-21 16:25:54,819 (AbstractTransport.java:328) DEBUG : <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><capabilities><capability>urn:ietf:params:netconf:base:1.0</capability><capability>urn:ietf:params:netconf:base:1.1</capability><capability>urn:ietf:params:netconf:capability:writable-running:1.0</capability><capability>urn:ietf:params:netconf:capability:candidate:1.0</capability><capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability><capability>urn:ietf:params:netconf:capability:validate:1.1</capability><capability>urn:ietf:params:netconf:capability:startup:1.0</capability><capability>urn:ietf:params:netconf:capability:xpath:1.0</capability><capability>urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&amp;also-supported=report-all,report-all-tagged,trim,explicit</capability><capability>urn:ietf:params:netconf:capability:notification:1.0</capability><capability>urn:ietf:params:netconf:capability:interleave:1.0</capability><capability>urn:ietf:params:xml:ns:yang:ietf-yang-metadata?module=ietf-yang-metadata&amp;revision=2016-08-05</capability><capability>urn:ietf:params:xml:ns:yang:1?module=yang&amp;revision=2017-02-20</capability><capability>urn:ietf:params:xml:ns:yang:ietf-inet-types?module=ietf-inet-types&amp;revision=2013-07-15</capability><capability>urn:ietf:params:xml:ns:yang:ietf-yang-types?module=ietf-yang-types&amp;revision=2013-07-15</capability><capability>urn:ietf:params:netconf:capability:yang-library:1.1?revision=2019-01-04&amp;content-id=31</capability><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-acm?module=ietf-netconf-acm&amp;revision=2018-02-14</capability><capability>urn:ietf:params:xml:ns:netconf:base:1.0?module=ietf-netconf&amp;revision=2013-09-29&amp;features=writable-running,candidate,rollback-on-error,validate,startup,url,xpath</capability><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-with-defaults?module=ietf-netconf-with-defaults&amp;revision=2011-06-01</capability
><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-notifications?module=ietf-netconf-notifications&amp;revision=2012-02-06</capability><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring?module=ietf-netconf-monitoring&amp;revision=2010-10-04</capability><capability>urn:ietf:params:xml:ns:netconf:notification:1.0?module=notifications&amp;revision=2008-07-14</capability><capability>urn:ietf:params:xml:ns:netmod:notification?module=nc-notifications&amp;revision=2008-07-14</capability><capability>urn:ietf:params:xml:ns:yang:ietf-x509-cert-to-name?module=ietf-x509-cert-to-name&amp;revision=2014-12-10</capability><capability>urn:ietf:params:xml:ns:yang:iana-crypt-hash?module=iana-crypt-hash&amp;revision=2014-08-06</capability></capabilities><session-id>2</session-id></hello>
2020-10-21 16:25:54,975 (AbstractBaseTransport.java:53) DEBUG : Message sent to server :
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <capabilities>
    **<capability>urn:ietf:params:netconf:base:1.0</capability>**
  </capabilities>
</hello>
]]>]]>
2020-10-21 16:25:54,975 (AbstractTransport.java:361) DEBUG : The exchange of <hello> messages phase is completed, the session ID is 2
2020-10-21 16:25:54,975 (AbstractTransport.java:255) DEBUG : startKeepAliveThread()
2020-10-21 16:25:54,977 (Netconf.java:24) DEBUG : Created Netconf instance for Netconf1.0
2020-10-21 16:25:55,001 (AbstractBaseTransport.java:53) DEBUG : Message sent to server :
 <rpc message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
   <get-config>
     <source>
       <running/>
     </source>
     <filter type="subtree">
       <netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server"/>
     </filter>
   </get-config>
 </rpc>
]]>]]>
<xml-fragment>
  <netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server">
    <listen>
      <endpoint>
        <name>default-ssh</name>
        <ssh>
          <tcp-server-parameters>
            <local-address>0.0.0.0</local-address>
            <keepalives>
              <idle-time>1</idle-time>
              <max-probes>10</max-probes>
              <probe-interval>5</probe-interval>
            </keepalives>
          </tcp-server-parameters>
          <ssh-server-parameters>
            <server-identity>
              <host-key>
                <name>default-key</name>
                <public-key>
                  <keystore-reference>genkey</keystore-reference>
                </public-key>
              </host-key>
            </server-identity>
            <client-authentication>
              <supported-authentication-methods>
                <publickey/>
                <passsword/>
                <other>interactive</other>
              </supported-authentication-methods>
              <users/>
            </client-authentication>
          </ssh-server-parameters>
        </ssh>
      </endpoint>
    </listen>
  </netconf-server>
</xml-fragment>

If I run the same code with the NETCONF 1.1 capability, just changing the capability, I get the following:

2020-10-21 16:36:03,311 (Ssh.java:58) DEBUG : Established a SSH connection towards 100.120.18.225:830 
2020-10-21 16:36:03,311 (AbstractTransport.java:317) DEBUG : Starting to exchange the <hello> messages
2020-10-21 16:36:03,312 (AbstractTransport.java:327) DEBUG : Hello message from server: 

2020-10-21 16:36:03,312 (AbstractTransport.java:328) DEBUG : <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><capabilities><capability>urn:ietf:params:netconf:base:1.0</capability><capability>urn:ietf:params:netconf:base:1.1</capability><capability>urn:ietf:params:netconf:capability:writable-running:1.0</capability><capability>urn:ietf:params:netconf:capability:candidate:1.0</capability><capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability><capability>urn:ietf:params:netconf:capability:validate:1.1</capability><capability>urn:ietf:params:netconf:capability:startup:1.0</capability><capability>urn:ietf:params:netconf:capability:xpath:1.0</capability><capability>urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&amp;also-supported=report-all,report-all-tagged,trim,explicit</capability><capability>urn:ietf:params:netconf:capability:notification:1.0</capability><capability>urn:ietf:params:netconf:capability:interleave:1.0</capability><capability>urn:ietf:params:xml:ns:yang:ietf-yang-metadata?module=ietf-yang-metadata&amp;revision=2016-08-05</capability><capability>urn:ietf:params:xml:ns:yang:1?module=yang&amp;revision=2017-02-20</capability><capability>urn:ietf:params:xml:ns:yang:ietf-inet-types?module=ietf-inet-types&amp;revision=2013-07-15</capability><capability>urn:ietf:params:xml:ns:yang:ietf-yang-types?module=ietf-yang-types&amp;revision=2013-07-15</capability><capability>urn:ietf:params:netconf:capability:yang-library:1.1?revision=2019-01-04&amp;content-id=31</capability><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-acm?module=ietf-netconf-acm&amp;revision=2018-02-14</capability><capability>urn:ietf:params:xml:ns:netconf:base:1.0?module=ietf-netconf&amp;revision=2013-09-29&amp;features=writable-running,candidate,rollback-on-error,validate,startup,url,xpath</capability><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-with-defaults?module=ietf-netconf-with-defaults&amp;revision=2011-06-01</capability
><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-notifications?module=ietf-netconf-notifications&amp;revision=2012-02-06</capability><capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring?module=ietf-netconf-monitoring&amp;revision=2010-10-04</capability><capability>urn:ietf:params:xml:ns:netconf:notification:1.0?module=notifications&amp;revision=2008-07-14</capability><capability>urn:ietf:params:xml:ns:netmod:notification?module=nc-notifications&amp;revision=2008-07-14</capability><capability>urn:ietf:params:xml:ns:yang:ietf-x509-cert-to-name?module=ietf-x509-cert-to-name&amp;revision=2014-12-10</capability><capability>urn:ietf:params:xml:ns:yang:iana-crypt-hash?module=iana-crypt-hash&amp;revision=2014-08-06</capability></capabilities><session-id>3</session-id></hello>
2020-10-21 16:36:03,472 (AbstractBaseTransport.java:53) DEBUG : Message sent to server :
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <capabilities>
    **<capability>urn:ietf:params:netconf:base:1.1</capability>**
  </capabilities>
</hello>
]]>]]>
2020-10-21 16:36:03,472 (AbstractTransport.java:361) DEBUG : The exchange of <hello> messages phase is completed, the session ID is 3
2020-10-21 16:36:03,472 (AbstractTransport.java:255) DEBUG : startKeepAliveThread()
2020-10-21 16:36:03,475 (Netconf11Impl.java:25) DEBUG : Created Netconf instance for Netconf1.1
2020-10-21 16:36:03,498 (AbstractBaseTransport.java:53) DEBUG : Message sent to server :
 <rpc message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
   <get-config>
     <source>
       <running/>
     </source>
     <filter type="subtree">
       <netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server"/>
     </filter>
   </get-config>
 </rpc>
]]>]]>

As you can see, the only difference is the capability. We use the same logic, so I wonder why we get no reply from the server?

//mike

mpet, Oct 21 '20 14:10

1.1 will switch the server to use chunked framing.

Maybe that is the issue.

smalls12, Oct 21 '20 16:10

Could you explain what chunked framing is and why it is for NETCONF 1.1 and not for 1.0? I checked https://tools.ietf.org/html/rfc6241 and could not find anything. How does chunked framing affect the messages?

mpet, Oct 22 '20 05:10

Sorry, finally found it: https://tools.ietf.org/html/rfc6242#page-5

mpet, Oct 22 '20 05:10

I think I understand now. So the ssh lib needs to support encode/decode of chunked messages?

mpet, Oct 22 '20 05:10

It does not matter where it is being "decoded"; in our case libnetconf2 does it, but you cannot keep using NETCONF 1.0 encoding, obviously.

michalvasko, Oct 22 '20 05:10

I would appreciate it if you could show me the encode and decode functions in this library so I could do something similar in Java.

mpet, Oct 23 '20 08:10

If you think it will help, this function writes a full NETCONF message.

michalvasko, Oct 23 '20 08:10
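
The RFC 6242 chunked framing discussed in this thread, as an added example in C (not libnetconf2's code and not written by any participant): once both peers advertise `base:1.1`, every message after `<hello>` is framed as chunks instead of ending in `]]>]]>`, so the decoder below rejects a 1.0-framed `<rpc>` like the one in the second log. The names `nc11_encode` and `nc11_decode` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define NC11_MAX_CHUNK 4294967295ULL   /* RFC 6242 upper bound for chunk-size */

/* Frame msg as one chunk: LF '#' size LF data, then end-of-chunks LF '#' '#' LF.
 * Returns bytes written, or -1 if msg is empty or out is too small. */
long nc11_encode(const char *msg, size_t len, char *out, size_t cap)
{
    if (len == 0 || (unsigned long long)len > NC11_MAX_CHUNK)
        return -1;
    int hdr = snprintf(out, cap, "\n#%zu\n", len);
    if (hdr < 0 || (size_t)hdr + len + 4 > cap)
        return -1;
    memcpy(out + hdr, msg, len);
    memcpy(out + hdr + len, "\n##\n", 4);
    return (long)((size_t)hdr + len + 4);
}

/* Decode one complete chunked message from in[0..n) into out[0..cap).
 * Returns payload length, or -1 on malformed, truncated or oversized input;
 * bytes after the end-of-chunks marker belong to the next message. */
long nc11_decode(const char *in, size_t n, char *out, size_t cap)
{
    size_t i = 0, o = 0;
    for (;;) {
        if (n - i < 4 || in[i] != '\n' || in[i + 1] != '#')
            return -1;               /* also rejects 1.0 "]]>]]>" framing */
        i += 2;
        if (in[i] == '#')            /* end-of-chunks; needs >= 1 chunk before it */
            return (in[i + 1] == '\n' && o > 0) ? (long)o : -1;
        if (in[i] < '1' || in[i] > '9')
            return -1;               /* chunk-size has no leading zero or sign */
        unsigned long long size = 0;
        while (i < n && in[i] >= '0' && in[i] <= '9') {
            size = size * 10 + (unsigned)(in[i++] - '0');
            if (size > NC11_MAX_CHUNK) return -1;
        }
        if (i >= n || in[i++] != '\n')
            return -1;
        if (size > n - i || size > cap - o)
            return -1;               /* size field is untrusted: bound it first */
        memcpy(out + o, in + i, (size_t)size);
        i += (size_t)size; o += (size_t)size;
    }
}

int main(void)
{
    char wire[64];   /* "<rpc/>" frames to 14 bytes: "\n#6\n<rpc/>\n##\n" */
    return nc11_encode("<rpc/>", 6, wire, sizeof wire) == 14 ? 0 : 1;
}
```

A sender may split one message across several chunks, so a receiver has to accumulate chunks until it sees the end-of-chunks marker rather than assume one chunk per message.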