Open SpiffiRacoon opened 1 month ago
olofhagsand
commented
1 month ago This is the internal NETCONF protocol . The external NETCONF interface supports this. The internal protocol was updated from a proprietary framing in 7.0 There is an outdated description here: https://clixon-docs.readthedocs.io/en/latest/netconf.html#internal-netconf Related to https://github.com/clicon/clixon/issues/530
SpiffiRacoon
commented
1 month ago Further note even when I force ncclient to run on netconf base 1.1, the clixon-backend still fails to send it's server side capabilities to the client and only sends session-id.
ncclient debug log:
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] starting main loop
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] selector type = EpollSelector
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] Sending message
INFO:ncclient.transport.unix:[session 0x73730ded4a90] Sending:
b'\n#1189\n<?xml version="1.0" encoding="UTF-8"?><nc:hello xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><nc:capabilities><nc:capability>urn:ietf:params:netconf:base:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:base:1.1</nc:capability><nc:capability>urn:ietf:params:netconf:capability:writable-running:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:candidate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:startup:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file,https,sftp</nc:capability><nc:capability>urn:ietf:params:netconf:capability:validate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:xpath:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:notification:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:interleave:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:with-defaults:1.0</nc:capability></nc:capabilities></nc:hello>\n##\n'
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: starting
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: working with buffer of 98 bytes
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: matching from 0 bytes from start of buffer
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: regular expression start=0, end=5
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: found chunk delimiter
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: chunk size 89 bytes
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: appending 89 bytes
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: fragment = "<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><session-id>1</session-id></hello>"
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: matching from 94 bytes from start of buffer
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: regular expression start=0, end=4
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: found end of message delimiter
INFO:ncclient.transport.unix:[session 0x73730ded4a90] Received message from host
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] Received:
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><session-id>1</session-id></hello>
clixon-backen:
Jun 25 13:21:02.441743: clixon_msg_rcv11:606: Recv [1]: <?xml version="1.0" encoding="UTF-8"?><nc:hello xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><nc:capabilities><nc:capability>urn:ietf:params:netconf:base:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:base:1.1</nc:capability><nc:capability>urn:ietf:params:netconf:capability:writable-running:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:candidate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:startup:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file,https,sftp</nc:capability><nc:capability>urn:ietf:params:netconf:capability:validate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:xpath:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:notification:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:interleave:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:with-defaults:1.0</nc:capability></nc:capabilities></nc:hello>
Jun 25 13:21:02.441828: clixon_msg_send:358: Send [1]:
#89
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><session-id>1</session-id></hello>
Clixon-backend only listens for NETCONF 1.1 chunked messages. When trying to connect via netconf application such as ncclient the connection is never established because of the lack of proper exchange of capability's aka \.
Example using ncclient to connect to clixon-backend using unix_socket:
ncclient:
clixon-backend in D3 mode:
proper framing protocol: https://datatracker.ietf.org/doc/html/rfc6242#section-4.1