SR OS NETCONF Server Basics

This chapter provides information about SR OS NETCONF server basics.

Topics in this chapter include:

Applicability

This chapter was initially written for SR OS Release 16.0.R4, but the MD-CLI in the current edition is based on SR OS Release 21.5.R2.

Overview

The SR OS Network Configuration Protocol (NETCONF) server can communicate with a NETCONF client, that is, exchange hello messages, receive requests, and reply with responses. Before communicating with the SR OS NETCONF server, some SR OS configurations are prerequisites, and others are optional. This chapter describes the basic configurations needed for a seamless interaction with the SR OS NETCONF server. NETCONF client-server communication shows the NETCONF client-server communication between the controller and the SR OS node.

Figure 1. NETCONF client-server communication

Configuration

The following steps describe the procedure to configure a NETCONF server on SR OS.

  • Because NETCONF uses SSH for transport, enable the SSH server in SR OS:

    configure system security ssh no server-shutdown
    
  • Enable the NETCONF server:

    configure system netconf no shutdown
    
  • Enable the YANG modules to use with NETCONF; for example, the Nokia modules:

    configure
        system 
            management-interface
                yang-modules
                    no nokia-combined-modules
                    nokia-submodules
                exit
    
    Note:

    The Nokia combined modules and the Nokia submodules cannot both be set to true at the same time.

  • Configure an "nc_user" user with administrative privileges (access netconf):

    configure
        system
            security
                user "nc-user"
                    password <password>
                    access netconf
                    console
                        member "administrative"
                    exit
                exit 
    
  • Optionally, enable NETCONF auto-config-save, which auto-saves the data (that is, makes it persistent) after each successful NETCONF commit:

    configure system netconf auto-config-save
    
  • Optionally, grant the NETCONF user permission to lock a datastore through NETCONF:

    configure system security profile "administrative" netconf base-op-authorization lock
    
  • Optionally, grant the NETCONF user permission to kill an open NETCONF session:

    configure system security profile "administrative" netconf base-op-authorization kill-session
    
  • Save the configuration:

    admin save
    

Conclusion

This chapter describes general SR OS NETCONF server configurations.