Network Configuration Protocol Commands

This chapter includes commands to configure the Network Configuration (Netconf) Protocol. More details on the Netconf protocol and the Yang model, please see the System Security Configuration Guide for Cisco NCS 5500 Series RoutersSystem Security Configuration Guide for Cisco NCS 540 Series RoutersSystem Security Configuration Guide.

netconf-yang agent rate-limit

To set the rate-limit for the netconf yang agent, use the netconf-yang agent rate-limit command in the appropriate mode. To delete the set rate-limit, use the no form of the command.

netconf-yang agent rate-limit bytes

no netconf-yang agent rate-limit bytes

Syntax Description

bytes

The number of bytes to process per second. Range is 4096-4294967295. It is based on the size of the request(s) from the client to the netconf server.

Command Default

By default, no limit is set

Command Modes

XR Config mode

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Use the show netconf-yang rate-limit command to check if the set limit is adequate.

Task ID

Task ID Operation

config-services

read, write

Examples

This example shows how to use the netconf-yang agent rate-limit command: 

RP/0/RP0/CPU0:router # netconf-yang agent rate-limit 5000

clear netconf-yang agent rate-limit

To clear the set rate-limit statistics, use the clear netconf-yang agent rate-limit command in the appropriate mode.

clear netconf-yang agent rate-limit

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

EXEC

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Task ID

Task ID Operation
config-services

read, write

Examples

This example shows how to use the clear netconf-yang agent rate-limit command: 

RP/0/RP0/CPU0:router # clear netconf-yang agent rate-limit

clear netconf-yang agent session

To clear the specified netconf agent session, use the clear netconf-yang agent session in XR EXEC mode.

clear netconf-yang agent session session-id

Syntax Description

session-id

The session-id which needs to be cleared.

Command Default

None

Command Modes

XR EXEC mode

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

The show netconf-yang clients command can be used to get the required session-id(s).

Task ID

Task ID Operation

config-services

read, write

Examples

This example shows how to use the clear netconf-yang agent session command: 

RP/0/RP0/CPU0:router (config) #  clear netconf-yang agent session 32125

netconf-yang agent session

To set the session details (limits and timeouts) for a netconf-yang agent, use the netconf-yang agent session command in the appropriate mode. To remove the configured session limits and timeouts, use the no form of the command.

netconf-yang agent session { limit value | absolute-timeout value | idle-timeout value }

no netconf-yang agent session { limit value | absolute-timeout value | idle-timeout value }

Syntax Description

limit value

Sets the maximum count for concurrent netconf-yang sessions. Range is 1 to 1024.

absolute-timeout value

Enables session absolute timeout and sets the absolute session lifetime. Range is 1 to 1440. Unit is minutes.

idle-timeout value

Enables session idle timeout and sets the idle session lifetime. Range is 1 to 1440. Unit is minutes.

Command Default

By default, no limits are set

Command Modes

XR Config mode

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Task ID

Task ID Operation

config-services

read, write

Examples

This command shows how to use the netconf-yang agent session command: 

RP/0/RP0/CPU0:router (config) #   netconf-yang agent session limit

netconf-yang agent ssh

To enable netconf agent over SSH (Secure Shell) , use the netconf-yang agent ssh command in XR Config mode. To disable netconf, use the no form of the command.

netconf-yang agent ssh

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

XR Config mode

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

SSH is currently the supported transport method for Netconf.

Task ID

Task ID Operation

config-services

read, write

Examples

This example shows how to use the netconf-yang agent ssh command: 

Router# configure
Router(config)#  netconf-yang agent ssh

show netconf-yang clients

To display the client details for netconf-yang, use the show netconf-yang clients command in XR EXEC mode.

show netconf-yang clients

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

XR EXEC mode

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Task ID

Task ID Operation

config-services

read

Examples

This example shows how to use the show netconf-yang clients command: 

RP/0/RP0/CPU0:router (config) #  sh netconf-yang clients
Netconf clients 
client session ID|   NC version|    client connect time|        last OP time|        last OP type|    <lock>|
 22969|          											1.1|        	 0d  0h  0m  2s|            11:11:24|       close-session|        No|           
 15389|          											1.1|        	 0d  0h  0m  1s|            11:11:25|          get-config|        No|
Table 1. Field descriptions

Field name

Description

Client session ID

Assigned session identifier

NC version

Version of the Netconf client as advertised in the hello message

Client connection time

Time elapsed since the client was connected

Last OP time

Last operation time

Last OP type

Last operation type

Lock (yes or no)

To check if the session holds a lock on the configuration datastore

show netconf-yang rate-limit

To display the statistics of the total data dropped , due to the set rate-limit, use the show netconf-yang rate-limit command in the appropriate mode.

show netconf-yang rate-limit

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

EXEC

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Task ID

Task ID Operation
config-services

read

Examples

This example shows how to use the show netconf-yang rate-limit command: 

RP/0/RP0/CPU0:router # show netconf-yang rate-limit
rate-limit statistics
Total data dropped: 0 Bytes

show netconf-yang statistics

To display the statistical details for netconf-yang, use the show netconf-yang statistics command in XR EXEC mode.

show netconf-yang statistics

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

XR EXEC mode

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Task ID

Task ID Operation

config-services

read

Examples

This example shows how to use the show netconf-yang statistics command: 

RP/0/RP0/CPU0:router (config) #  sh netconf-yang statistics
Summary statistics                         
			                      # requests|             total time|   min time per request|   max time per request|   avg time per request|
other                             0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
close-session                     4|       0h  0m  0s   3ms|       0h  0m  0s   0ms|       0h  0m  0s   1ms|       0h  0m  0s   0ms|
kill-session                      0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
get-schema                        0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
get                               0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
get-config                        1|       0h  0m  0s   1ms|       0h  0m  0s   1ms|       0h  0m  0s   1ms|       0h  0m  0s   1ms|
edit-config                       3|       0h  0m  0s   2ms|       0h  0m  0s   0ms|       0h  0m  0s   1ms|       0h  0m  0s   0ms|
commit                            0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
cancel-commit                     0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
lock                              0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
unlock                            0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
discard-changes                   0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
validate                          0|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|       0h  0m  0s   0ms|
xml parse                         8|       0h  0m  0s   4ms|       0h  0m  0s   0ms|       0h  0m  0s   1ms|       0h  0m  0s   0ms|
netconf processor                 8|       0h  0m  0s   6ms|       0h  0m  0s   0ms|       0h  0m  0s   1ms|       0h  0m  0s   0ms|
Table 2. Field descriptions

Field name

Description

Requests

Total number of processed requests of a given type

Total time

Total processing time of all requests of a given type

Min time per request

Minimum processing time for a request of a given type

Max time per request

Maximum processing time for a request of a given type

Avg time per request

Average processing time for a request type

ssh server capability netconf-xml

To enable NETCONF reach XML subsystem via port 22, use the ssh server capability netconf-xml command in in the XR Config mode. Use no form of this command to disable NETCONF reach XML subsystem.

ssh server capability netconf-xml

Syntax Description

This command has no keywords or arguments.

Command Default

Port 22 is the default port.

Command History

Release Modification
Release 7.0.1

This command was introduced.

Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Task ID

Task ID

Operations

crypto

read, write

Examples

This example shows how to use the ssh server capability netconf-xml command: 

Router# configure
Router(config)# ssh server capability netconf-xml

ssh server netconf port

To configure a port for the netconf SSH server, use the ssh server netconf port command in XR Config mode. To return to the default port, use the no form of the command.

ssh server netconf port port number

Syntax Description

port port-number

Port number for the netconf SSH server (default port number is 830).

Command Default

The default port number is 830.

Command Modes

XR Config mode

Usage Guidelines

Starting with IOS-XR 6.0.0 it is no longer sufficient to configure a netconf port to enable netconf subsystem support. ssh server netconf needs to be at least configured for one vrf.

Task ID

Task ID

Operations

crypto

read, write

Examples

This example shows how to use the ssh server netconf port command with port 831: 


RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# ssh

Related Commands

Command

Description

ssh server netconf

Configures the vrf(s), where netconf subsystem requests are to be received.

netconf-yang agent ssh

Configures the ssh netconf-yang backend for the netconf subsystem (Required to allow the system to service netconf-yang requests).

For more information, see the Cisco ASR 9000 Series Aggregation Services Router System Management Command Reference.