SR OS NETCONF Server Basics

This chapter provides information about SR OS NETCONF server basics.

Topics in this chapter include:

Applicability

This chapter was initially written for SR OS Release 16.0.R4, but the MD-CLI in the current edition is based on SR OS Release 21.5.R2.

Overview

The SR OS Network Configuration Protocol (NETCONF) server can communicate with a NETCONF client, that is, exchange hello messages, receive requests, and reply with responses. Before communicating with the SR OS NETCONF server, some SR OS configurations are prerequisites, and others are optional. This chapter describes the basic configurations needed for a seamless interaction with the SR OS NETCONF server. NETCONF client-server communication shows the NETCONF client-server communication between the controller and the SR OS node.

Figure 1. NETCONF client-server communication

Configuration

The following steps describe the procedure to configure a NETCONF server on SR OS.

  • Because NETCONF uses SSH for transport, enable the SSH server in SR OS:

    configure system security ssh no server-shutdown

  • Enable the NETCONF server:

    configure system netconf no shutdown

  • Enable the YANG modules to use with NETCONF; for example, the Nokia modules:

    configure
    system 
        management-interface
            yang-modules
                no nokia-combined-modules
                nokia-submodules
            exit
    Note:

    The Nokia combined modules and the Nokia submodules cannot both be set to true at the same time.

  • Configure an "nc_user" user with administrative privileges (access netconf):

    configure
    system
        security
            user "nc-user"
                password <password>
                access netconf
                console
                    member "administrative"
                exit
            exit

  • Optionally, enable NETCONF auto-config-save, which auto-saves the data (that is, makes it persistent) after each successful NETCONF commit:

    configure system netconf auto-config-save

  • Optionally, grant the NETCONF user permission to lock a datastore through NETCONF:

    configure system security profile "administrative" netconf base-op-authorization lock

  • Optionally, grant the NETCONF user permission to kill an open NETCONF session:

    configure system security profile "administrative" netconf base-op-authorization kill-session

  • Save the configuration:

    admin save

Conclusion

This chapter describes general SR OS NETCONF server configurations.