Cisco ASR 5500 System Administration Manual page 365

NETCONF and ConfD
Overview
ConfD is an on-device management framework that provides a set of interfaces to manage a device. The
ConfD framework automatically renders all the management interfaces from a data model. ConfD implements
the full NETCONF specification and runs over SSH with content encoded in XML.

ConfD is configured to allow only authenticated/authorized access through external authentication. The
confdmgr provides a standalone CLI module for ConfD to invoke when authenticating/authorizing any new
users. ConfD is configured to allow only authorized access through StarOS authentication. Upon authentication,
the user is given a privilege level (0-15), which is mapped to StarOS secure admin, admin, operator, and
inspector, as defined in the YANG model. StarOS logs CLI authentication event/status messages for each
ConfD authentication request.

On the southbound side, ConfD communicates with a StarOS process called via a set of APIs provided by
the ConfD management agent. The ConfD Configuration Database (CDB) is used by ConfD to store objects.
StarOS accesses the database through the ConfD-supplied APIs. Any updates via StarOS CLI are automatically
synced back to the CDB.

YANG is a data modeling language for the NETCONF network configuration protocol. It can be used to
model both configuration data and state data of network elements. YANG can also be used to define
the format of event notifications emitted by network elements, and it allows data modelers to define the signature
of remote procedure calls that can be invoked on network elements via the NETCONF protocol (RFC 6020).
The YANG file is compiled as part of StarOS and incorporates existing StarOS supported CLI commands.

ConfD may also collect bulkstats operational data. When enabled, StarOS will send schema information to
confdmgr while gathering statistics. Collected bulkstats are stored in the ConfD CDB for later retrieval over
a REST (Representational State Transfer) interface. RESTCONF is an IETF draft
(draft-bierman-netconf-restconf-4) that describes how to map a YANG specification to a RESTful interface
using HTTP as transport. REST and RESTCONF are only enabled internally when a valid certificate and key
are configured. If client authentication is enabled, CA-certificates may be required as well.

ASR 5500 System Administration Guide, StarOS Release 21.5