Hi,
I would like to know if it is possible to send NetConfig commands using a proper SSH Connection instead of a QAction, in other words, natively from Dataminer.
The current implementation in Cisco ASR Manager uses a QAction and the Renci.SshNetSLC library to achieve this, but it is not desirable and currently does not work properly. From my testing, it looks like NetConfig commands are sent via SSH2 as part of a XML document (command is in XML format) and the response is also an XML document. It seems similar to sending CLI commands, however, the data appears to get encrypted as part of the NetConfig protocol and it is not plain text like CLI.
I have attached a screenshot showing the MG-SOFT NetConf Browser app which I am using to test sending some commands, here I sent the get-config command and the response XML document is below. Wireshark shows that the data sent / received is in hex format.
Any help is appreciated, thanks!
Hi Alex,
I believe it should be possible to implement NETCONF protocol in a SSH connection. In the case of the Cisco ASR Manager, we implemented this protocol via QAction since we were only sending commands to configure the device, not to poll data from the device.
Regarding your comments:
The current implementation in Cisco ASR Manager uses a QAction and the Renci.SshNetSLC library to achieve this, but it is not desirable and currently does not work properly.
Please could you let us know what is the error that you are experiencing? We tested this connector with a Cisco ASR device and we managed to successfully configure the service router.
From my testing, it looks like NetConfig commands are sent via SSH2 as part of a XML document (command is in XML format) and the response is also an XML document. It seems similar to sending CLI commands, however, the data appears to get encrypted as part of the NetConfig protocol and it is not plain text like CLI.
This is correct, NETCONF uses an XML based data encoding for the configuration data as well as the protocol messages. Communication is done over a secure protocol (e.g. SSH). Based on this, it is expected that the data will not be plain text.
I have attached a screenshot showing the MG-SOFT NetConf Browser app which I am using to test sending some commands, here I sent the get-config command and the response XML document is below. Wireshark shows that the data sent / received is in hex format.
Please could you let us know what is the behavior that you are expecting here? As mentioned before, NETCONF commands are sent through SSH, so all the communication will be encrypted.
Hi Miguel,
Thank you for your response.
During my testing, I tried sending the “get-config” NetConf command that I successfully tested on the MG-SOFT application but using the implementation in Cisco ASR Manager, and always got a “Channel was closed” error no matter what. I tried using different method calls within the NetConfClient class and setting different values to the properties, I verified that the credentials were correct and the connection was established, but always got the same error.
I also searched for this kind of issue online and it seems to be a common problem when using this library. I assume it works in some scenarios, but it doesn’t seem to work for sending just any command. If you’d like we can get on a call to further investigate this issue.
In any case, the requirements for the new implementation are to not use a QAction to connect and send the commands, but to have Dataminer handle the communication. I will be working on that today, and will post an update if I get it working.
The screenshots posted were just to provide some more info on NetConf commands, the format used, and what the data looks like.
Kind regards,