NETCONF serverΒΆ

As explained in the introduction, Virtual Service Router provides a NETCONF API that is used by NETCONF clients to configure and monitor the router remotely.

At startup, if the NETCONF server is not configured, it listens on all interfaces (IPv4 and IPv6 addresses) on port 830 of the main VRF.

The VRF, IP address and port on which the NETCONF server listens can be configured. This replaces the default configuration.

Here is an example of configuration that will start the NETCONF server in the mgmt VRF on addresses 192.168.0.5, port 8030 and fec0::dcad:cafe:ae01:203, port 830:

vsr running config# / vrf mgmt interface physical eth2 port pci-b0s5
vsr running config# / vrf mgmt interface physical eth2 ipv4 address 192.168.0.5/24
vsr running config# / vrf mgmt interface physical eth2 ipv6 address fec0::dcad:cafe:ae01:203/64
vsr running config# / vrf mgmt netconf-server address 192.168.0.5 port 8030
vsr running config# / vrf mgmt netconf-server address fec0::dcad:cafe:ae01:203

To display the NETCONF server state:

vsr> show state / vrf mgmt netconf-server
netconf-server
    enabled true
    idle-timeout 3600
    address 192.168.0.5 port 8030
    address fec0::dcad:cafe:ae01:203 port 830
    ..

The same configuration can be made using this NETCONF XML configuration:

vsr> show config xml absolute vrf mgmt netconf-server
<config xmlns="urn:6wind:vrouter">
  <vrf>
    <name>mgmt</name>
    <netconf-server xmlns="urn:6wind:vrouter/netconf-server">
      <enabled>true</enabled>
      <address>
        <ip>fec0::dcad:cafe:ae01:203</ip>
        <port>830</port>
      </address>
      <address>
        <ip>192.168.0.5</ip>
        <port>8030</port>
      </address>
    </netconf-server>
  </vrf>
</config>

Here is an example of configuration that will delete the previous configuration and reestablish the default behavior (listen on all interfaces on port 830):

vsr running config# del / vrf mgmt
vsr running config# / vrf main netconf-server enabled true

Here is an example of configuration that will stop the NETCONF server:

vsr running config# / vrf main netconf-server enabled false

Attention

If you disable the NETCONF server, any remote operation via NETCONF will be made impossible. If you have not disabled it into the startup configuration, a reboot will restore the default configuration.

If you have explicitly disabled the NETCONF server in your startup configuration, remote NETCONF operation will not be enabled on boot. SSH remote access is not related to this and remains available unless you also disabled it.

See also

The command reference for details.