MyNOG, profile picture
Uploaded byMyNOG
PDF, PPTX341 views

The Path to a Programmable Network

The document discusses strategies for automating network configuration using model-driven approaches and open standards. It provides an overview of exciting developments in software development that could enable more programmatic network configuration. Specifically, it covers NETCONF and YANG standards for automating device configuration and management, and recommends starting with familiarization of OpenConfig models, templated deployments of simple configurations, and using tools like YDK and NCClient to test automations.

Embed presentation

Download as PDF, PPTX
www.opengear.com© Copyright 2019 Opengear, Inc. 1 The Path to a Programmable Network Open Telemetry and Model-Driven Configuration David Leonard 4-Jul-2019 MyNOG-8, Kuala Lumpur
© Copyright 2019 Opengear, Inc. www.opengear.com 2
Overview © Copyright 2019 Opengear, Inc. www.opengear.com 3 • Motivation • Exciting news from the world of software development • Strategies for automation • Standards • Demo / teaser
© Copyright 2019 Opengear, Inc. www.opengear.com 4 How it starts
© Copyright 2019 Opengear, Inc. www.opengear.com 5 configure
© Copyright 2019 Opengear, Inc. www.opengear.com 6 configure configure configure
© Copyright 2019 Opengear, Inc. www.opengear.com 7 configure configure configure configureconfigure configure configure configure configure
© Copyright 2019 Opengear, Inc. www.opengear.com 8 configure configure configure configureconfigure configure configure configure configure
© Copyright 2019 Opengear, Inc. www.opengear.com 9 What have we wrought?
Trouble with configuring via the CLI © Copyright 2019 Opengear, Inc. www.opengear.com 10 • Configs applied and maintained by hand • Vendor-specific syntax, ever-changing • Inconsistent configurations, unexplained special cases • Configurations are forgotten; until... reactive break-fix model • Workarounds: brute force, diligence, hard work, RANCID • Fragile scrapers break on upgrades • Human-oriented interfaces are for humans
© Copyright 2019 Opengear, Inc. www.opengear.com 11 Manual control Controlled by software
© Copyright 2019 Opengear, Inc. www.opengear.com 12 Combining the reliability of software with the low cost of network changes
Exciting news from the world of software © Copyright 2019 Opengear, Inc. www.opengear.com 13 • Agile practices – Lighter but more intense teamwork • git + pull requests – collaborative text editing, focused review • CI/CD + tests + sandboxes – safety nets are safer • DevOps – the best tools and practices adopted by operations
© Copyright 2019 Opengear, Inc. www.opengear.com 14 programmer
© Copyright 2019 Opengear, Inc. www.opengear.com 15 configure configure configure configureconfigure configure configure configure configure 1:100
© Copyright 2019 Opengear, Inc. www.opengear.com 16 program program program configure configure configure 1:100
© Copyright 2019 Opengear, Inc. www.opengear.com 17 program program configure configure configure configure configure configure configure program 1:1000
© Copyright 2019 Opengear, Inc. www.opengear.com 18 Strategies
Pre-conditions for automation © Copyright 2019 Opengear, Inc. www.opengear.com 19 • Inventory: do you have good detail of all devices? • Requirements: business's expectation of function level; now & plans • Standards: which model/vocabulary to use in automation • Telemetry: feedback channels • Automation: control channels; tooling • Trust: get experience, confidently predict automation's behaviour • other: Budget, Stakeholders, Suppliers
© Copyright 2019 Opengear, Inc. www.opengear.com 20 Provisioning Monitoring Security … Requirements ? ? ? ? Automation ? ? ? ? Telemetry ? ? ? ? Inventory ? ? ? ? Standards ? ? ? ? Suppliers ? ? ? ? Partners ? ? ? ? Budget ? ? ? ? Trust ? ? ? ?
© Copyright 2019 Opengear, Inc. www.opengear.com 21 Standards
IETF NETCONF © Copyright 2019 Opengear, Inc. www.opengear.com 22 • 2006 RPC-based protocol for configuring network devices • "SNMP done right" • Replaces CLI-based programmatic interfaces (perl/expect over SSH) • Installs, manipulates configuration • Can validate config before activation • Atomic commit/transaction across multiple devices • Structured message and errors (XML/JSON)
NETCONF: XML over SSH © Copyright 2019 Opengear, Inc. www.opengear.com 23 $ ssh -oHostKeyAlgorithms=+ssh-dss root@ios-xe-mgmt.cisco.com -p 10000 -s netconf S: <hello> <capabilities> … </capabilities> </hello> ]]>]]> C: <hello> <capabilities> … </capabilities> </hello>
NETCONF: XML over SSH (continued) © Copyright 2019 Opengear, Inc. www.opengear.com 24 C: <rpc> <get-config> <source><running/></source> </get-config> </rpc> S: <rpc-reply> <data> <interfaces><interface> <name>eth0</name> <enabled>true<… </interfaces> </data> </rpc-reply> ]]>]]>
NETCONF landscape © Copyright 2019 Opengear, Inc. www.opengear.com 25 • YANG – the modeling language for NETCONF – like MIBs' ASN.1 notation – IETF provides some basic models, eg RFC8343 "ietf-interfaces" • NETCONF – the client-server protocol – NETCONF: sends XML over SSH – RESTCONF: sends XML or JSON over HTTP • OpenConfig – the community – a group of carriers and vendors sharing their YANG models – more than just "vendor MIBs" (called native models)
Where to get YANG models © Copyright 2019 Opengear, Inc. www.opengear.com 26 • yangcatalog.org – https://github.com/YangModels/yang (yangcatalog.org) • openconfig.org – https://github.com/openconfig/public • https://github.com/Juniper/yang
© Copyright 2019 Opengear, Inc. www.opengear.com 27 Demo – Getting Started
© Copyright 2019 Opengear, Inc. www.opengear.com 28
© Copyright 2019 Opengear, Inc. www.opengear.com 29 Summary
© Copyright 2019 Opengear, Inc. www.opengear.com 30
© Copyright 2019 Opengear, Inc. www.opengear.com 31 Suggested approach: • Get familiar with the OpenConfig models, eg BGP. Many examples available showing YANG/NX-OS CLI https://developer.cisco.com/docs/openconfig-yang-release-9-2x/#!ocni-bgp/ocni-bgp • Try simple templated deployment (interfaces) http://karneliuk.com/2018/07/openconfig-w-o-and-w-ansible-for-arista-eos- cisco-ios-xr-and-nokia-sr-os-part-1-interfaces/ • Try same using YDK or NCClient, in Python
Additional thoughts © Copyright 2019 Opengear, Inc. www.opengear.com 33 • The divide-and-conquer NETCONF strategy reflects what we’ve seen at network operators and in large scale networks • The “surgical” approach to configuration updates is – Faster and less disruptive – Allows for shared control of network devices (multi-tenant) • Alternate approach is to distribute "complete" configuration files via tools like Ansible, possibly generated from YANG models – Reliable, whole-device 'restore' • Ultimate end game is an Intent Based Network?
© Copyright 2019 Opengear, Inc. www.opengear.com 34

More Related Content

PDF
Next Gen Monitoring with INT
byMyNOG
 
PDF
Engineering The New IP Transport
byMyNOG
 
PDF
TIME Journey to the SPACE
byMyNOG
 
PDF
MyIX Updates
byMyNOG
 
PDF
12 (IDNOG02) SGIX and Singapore Internet Landscape by Kerk Chun Sing
byIndonesia Network Operators Group
 
PDF
RPKI and Me
byMyNOG
 
PDF
Next Generation DDoS Services – can we do this with NFV? - CF Chui
byMyNOG
 
PDF
NovoNet Vision and Operators' Perspective for ONAP
byITU
 
Next Gen Monitoring with INT
byMyNOG
 
Engineering The New IP Transport
byMyNOG
 
TIME Journey to the SPACE
byMyNOG
 
MyIX Updates
byMyNOG
 
12 (IDNOG02) SGIX and Singapore Internet Landscape by Kerk Chun Sing
byIndonesia Network Operators Group
 
RPKI and Me
byMyNOG
 
Next Generation DDoS Services – can we do this with NFV? - CF Chui
byMyNOG
 
NovoNet Vision and Operators' Perspective for ONAP
byITU
 

What's hot

PPTX
Colt inter-provider SDN NNIs and APIs
byColt Technology Services
 
PDF
WINS: Peering and IXPs
byAPNIC
 
PDF
Design and deployment of optical white box
byADVA
 
PDF
Prof. Danny Raz, Director, Bell Labs Israel, Nokia
bychiportal
 
PDF
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
byMyNOG
 
PDF
5G is more than a new radio - network slicing
byADVA
 
PDF
How Data Center Traffic is Changing Your Network by KC Lim
byMyNOG
 
PDF
MyIX Updates
byMyNOG
 
PDF
100Gbps Core Network Deployment in an African Network - Mark Tinka
byMyNOG
 
PDF
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
byMyNOG
 
PDF
SDN-Based Enterprise Connectivity Service
byOpen Networking Summit
 
PPTX
IPv6 deployment in Telekom Malaysia, PTC17
byAPNIC
 
PDF
MyIX Updates by Raja Mohan
byMyNOG
 
PDF
IPv6 Support at NEC CEs
byAPNIC
 
PDF
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
byMyNOG
 
PDF
vCPE Challenges and Ways Forward
bySigal Biran-Nagar
 
PDF
Five Trends Enabled by 5G that will Change Networking Forever
byOpen Networking Summit
 
PPTX
Game Changing Multilayer Networking - TNC 2017
bySigal Biran-Nagar
 
PDF
Software Defined RAN
byOpen Networking Summit
 
PDF
05 (IDNOG02) Technology to reserve the redundancy on the layer2 network by Sa...
byIndonesia Network Operators Group
 
Colt inter-provider SDN NNIs and APIs
byColt Technology Services
 
WINS: Peering and IXPs
byAPNIC
 
Design and deployment of optical white box
byADVA
 
Prof. Danny Raz, Director, Bell Labs Israel, Nokia
bychiportal
 
Experience of Implementing IPTV in an ISP Network by Thong Hawk Yen
byMyNOG
 
5G is more than a new radio - network slicing
byADVA
 
How Data Center Traffic is Changing Your Network by KC Lim
byMyNOG
 
MyIX Updates
byMyNOG
 
100Gbps Core Network Deployment in an African Network - Mark Tinka
byMyNOG
 
SP Routing Innovation with Segment Routing, VXLAN and EVPN - Ismail Ali
byMyNOG
 
SDN-Based Enterprise Connectivity Service
byOpen Networking Summit
 
IPv6 deployment in Telekom Malaysia, PTC17
byAPNIC
 
MyIX Updates by Raja Mohan
byMyNOG
 
IPv6 Support at NEC CEs
byAPNIC
 
High Speed Fiber Services and Challenges to the Core Network by Seiichi Kawamura
byMyNOG
 
vCPE Challenges and Ways Forward
bySigal Biran-Nagar
 
Five Trends Enabled by 5G that will Change Networking Forever
byOpen Networking Summit
 
Game Changing Multilayer Networking - TNC 2017
bySigal Biran-Nagar
 
Software Defined RAN
byOpen Networking Summit
 
05 (IDNOG02) Technology to reserve the redundancy on the layer2 network by Sa...
byIndonesia Network Operators Group
 

Similar to The Path to a Programmable Network

PDF
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overview
byCisco DevNet
 
PDF
Model-driven Network Management
byAnees Shaikh
 
PDF
Devops For Networking Steven Armstrong Armstrong Steven
bybosomsuaa
 
PPTX
IoT System Management ppt SNMP simple network
bynarikamalliy
 
PDF
SDN in the Management Plane: OpenConfig and Streaming Telemetry
byAnees Shaikh
 
PPTX
IoT sysstem management.pptx for btech students
bysaritanayak23
 
PPTX
iot title" is not clearly defined in the
bygauthaam04
 
PDF
Network Automation Journey, A systems engineer NetOps perspective
byWalid Shaari
 
PDF
Open management interfaces for NFV
byAnees Shaikh
 
PDF
OpenConfig: collaborating to enable programmable network management
byAnees Shaikh
 
PDF
Bringing SDN to the Management Plane
byAnees Shaikh
 
PDF
An open management plane (2015 Open Networking Summit)
byAnees Shaikh
 
PDF
Kick starting Network Automation
byWalid Shaari
 
PPTX
SDN Demystified, by Dean Pemberton [APNIC 38]
byAPNIC
 
PPTX
DEVNET-1166 Open SDN Controller APIs
byCisco DevNet
 
PPTX
Dynamic Service Configuration and Automated Network Configuration with NETCON...
byTail-f Systems
 
PDF
Model-driven Network Automation
byAnees Shaikh
 
PPT
Cumulus networks - Overcoming traditional network limitations with open source
byNat Morris
 
PDF
Andy Davidson Automation Presentation from UKNOF 31
byNicole White
 
PDF
SDN/OpenFlow #lspe
byChris Westin
 
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overview
byCisco DevNet
 
Model-driven Network Management
byAnees Shaikh
 
Devops For Networking Steven Armstrong Armstrong Steven
bybosomsuaa
 
IoT System Management ppt SNMP simple network
bynarikamalliy
 
SDN in the Management Plane: OpenConfig and Streaming Telemetry
byAnees Shaikh
 
IoT sysstem management.pptx for btech students
bysaritanayak23
 
iot title" is not clearly defined in the
bygauthaam04
 
Network Automation Journey, A systems engineer NetOps perspective
byWalid Shaari
 
Open management interfaces for NFV
byAnees Shaikh
 
OpenConfig: collaborating to enable programmable network management
byAnees Shaikh
 
Bringing SDN to the Management Plane
byAnees Shaikh
 
An open management plane (2015 Open Networking Summit)
byAnees Shaikh
 
Kick starting Network Automation
byWalid Shaari
 
SDN Demystified, by Dean Pemberton [APNIC 38]
byAPNIC
 
DEVNET-1166 Open SDN Controller APIs
byCisco DevNet
 
Dynamic Service Configuration and Automated Network Configuration with NETCON...
byTail-f Systems
 
Model-driven Network Automation
byAnees Shaikh
 
Cumulus networks - Overcoming traditional network limitations with open source
byNat Morris
 
Andy Davidson Automation Presentation from UKNOF 31
byNicole White
 
SDN/OpenFlow #lspe
byChris Westin
 

More from MyNOG

PDF
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
byMyNOG
 
PDF
Hierarchical Network Controller
byMyNOG
 
PDF
SRv6: DEPLOYMENT & USECASES by Aditya Kaul
byMyNOG
 
PDF
Embedded CDNs in 2023
byMyNOG
 
PDF
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
byMyNOG
 
PDF
Introducing Peering LAN 2.0 at DE-CIX
byMyNOG
 
PDF
Edge virtualisation for Carrier Networks
byMyNOG
 
PDF
Equinix: New Markets, New Frontiers
byMyNOG
 
PDF
SHADOWSERVER: INTERNET CRITICAL SECURITY AS A PUBLIC SERVICE
byMyNOG
 
PDF
Securing the Onion: 5G Cloud Native Infrastructure
byMyNOG
 
PDF
Load balancing and Service in Kubernetes
byMyNOG
 
PDF
Peering Personal MyNOG-10
byMyNOG
 
PDF
Building a Connected Future: The Power of Interconnection
byMyNOG
 
PDF
Cloud SDN: BGP Peering and RPKI
byMyNOG
 
PDF
Cleaning up your RPKI invalids
byMyNOG
 
PDF
Malaysia’s Emerging Trends in Data Center: Identifying Tomorrow’s Hotspots
byMyNOG
 
PDF
SDM – A New (Subsea) Cable Paradigm
byMyNOG
 
PDF
COHERENT OPTICAL TRANSCEIVERS – CURRENT CAPABILITIES AND FUTURE POSSIBILITIES
byMyNOG
 
PDF
MEASURING THE HEALTH AND RESILIENCE OF THE INTERNET: MALAYSIA
byMyNOG
 
PDF
Strategies for Seamless Recovery in a Dynamic Data Landscape
byMyNOG
 
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
byMyNOG
 
Hierarchical Network Controller
byMyNOG
 
SRv6: DEPLOYMENT & USECASES by Aditya Kaul
byMyNOG
 
Embedded CDNs in 2023
byMyNOG
 
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
byMyNOG
 
Introducing Peering LAN 2.0 at DE-CIX
byMyNOG
 
Edge virtualisation for Carrier Networks
byMyNOG
 
Equinix: New Markets, New Frontiers
byMyNOG
 
SHADOWSERVER: INTERNET CRITICAL SECURITY AS A PUBLIC SERVICE
byMyNOG
 
Securing the Onion: 5G Cloud Native Infrastructure
byMyNOG
 
Load balancing and Service in Kubernetes
byMyNOG
 
Peering Personal MyNOG-10
byMyNOG
 
Building a Connected Future: The Power of Interconnection
byMyNOG
 
Cloud SDN: BGP Peering and RPKI
byMyNOG
 
Cleaning up your RPKI invalids
byMyNOG
 
Malaysia’s Emerging Trends in Data Center: Identifying Tomorrow’s Hotspots
byMyNOG
 
SDM – A New (Subsea) Cable Paradigm
byMyNOG
 
COHERENT OPTICAL TRANSCEIVERS – CURRENT CAPABILITIES AND FUTURE POSSIBILITIES
byMyNOG
 
MEASURING THE HEALTH AND RESILIENCE OF THE INTERNET: MALAYSIA
byMyNOG
 
Strategies for Seamless Recovery in a Dynamic Data Landscape
byMyNOG
 

Recently uploaded

PPTX
Why-Enterprises-Should-Build-Their-Own-Core-Network-and-Own-Their-ASN-and-Pub...
bybunhongkruy
 
PPTX
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
DOCX
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
PDF
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
PPTX
Lesson 3 - Methodology of Green Computing - part2 - dela cruz.pptx
byOmar Fernandez
 
PPTX
Overview-of-Anti-DDoS-Solutions-On-Premise-vs-On-Cloud.pptx
bybunhongkruy
 
PPTX
tacacstrianingforwirelessnetworkengineers
byRaviTejaTammineni
 
PPTX
Lesson 5 - Cyber attack Pt 3 - Matsuhashi.pptx
byOmar Fernandez
 
PDF
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
PPTX
Number_Guessing_Game_Dsbsbssbzboc[1].pptx
byfbinsta3426
 
PDF
Beacon Kit slides tech framework for world game (s) pdf
bySteven McGee
 
PDF
Novi.LMS.Veseli.Cetvrtak.001 (1).pdfjjjj
byzoran radovic
 
PPTX
Dalhousie University Diploma
by文凭办理维多利亚大学购买毕业证学位认证知乎【Q微:1954292140】
 
PDF
Greetings All Students Update 3 by LDMMIA
by©LDMMIA, ©Reiki Yoga
 
PDF
LMS.Golconda.Vanredni.Broj.001.pdfjjjjjjj
byzoran radovic
 
Why-Enterprises-Should-Build-Their-Own-Core-Network-and-Own-Their-ASN-and-Pub...
bybunhongkruy
 
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
Lesson 3 - Methodology of Green Computing - part2 - dela cruz.pptx
byOmar Fernandez
 
Overview-of-Anti-DDoS-Solutions-On-Premise-vs-On-Cloud.pptx
bybunhongkruy
 
tacacstrianingforwirelessnetworkengineers
byRaviTejaTammineni
 
Lesson 5 - Cyber attack Pt 3 - Matsuhashi.pptx
byOmar Fernandez
 
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
Number_Guessing_Game_Dsbsbssbzboc[1].pptx
byfbinsta3426
 
Beacon Kit slides tech framework for world game (s) pdf
bySteven McGee
 
Novi.LMS.Veseli.Cetvrtak.001 (1).pdfjjjj
byzoran radovic
 
Dalhousie University Diploma
by文凭办理维多利亚大学购买毕业证学位认证知乎【Q微:1954292140】
 
Greetings All Students Update 3 by LDMMIA
by©LDMMIA, ©Reiki Yoga
 
LMS.Golconda.Vanredni.Broj.001.pdfjjjjjjj
byzoran radovic
 

The Path to a Programmable Network

  • 1.
    www.opengear.com© Copyright 2019Opengear, Inc. 1 The Path to a Programmable Network Open Telemetry and Model-Driven Configuration David Leonard 4-Jul-2019 MyNOG-8, Kuala Lumpur
  • 2.
    © Copyright 2019Opengear, Inc. www.opengear.com 2
  • 3.
    Overview © Copyright 2019Opengear, Inc. www.opengear.com 3 • Motivation • Exciting news from the world of software development • Strategies for automation • Standards • Demo / teaser
  • 4.
    © Copyright 2019Opengear, Inc. www.opengear.com 4 How it starts
  • 5.
    © Copyright 2019Opengear, Inc. www.opengear.com 5 configure
  • 6.
    © Copyright 2019Opengear, Inc. www.opengear.com 6 configure configure configure
  • 7.
    © Copyright 2019Opengear, Inc. www.opengear.com 7 configure configure configure configureconfigure configure configure configure configure
  • 8.
    © Copyright 2019Opengear, Inc. www.opengear.com 8 configure configure configure configureconfigure configure configure configure configure
  • 9.
    © Copyright 2019Opengear, Inc. www.opengear.com 9 What have we wrought?
  • 10.
    Trouble with configuringvia the CLI © Copyright 2019 Opengear, Inc. www.opengear.com 10 • Configs applied and maintained by hand • Vendor-specific syntax, ever-changing • Inconsistent configurations, unexplained special cases • Configurations are forgotten; until... reactive break-fix model • Workarounds: brute force, diligence, hard work, RANCID • Fragile scrapers break on upgrades • Human-oriented interfaces are for humans
  • 11.
    © Copyright 2019Opengear, Inc. www.opengear.com 11 Manual control Controlled by software
  • 12.
    © Copyright 2019Opengear, Inc. www.opengear.com 12 Combining the reliability of software with the low cost of network changes
  • 13.
    Exciting news fromthe world of software © Copyright 2019 Opengear, Inc. www.opengear.com 13 • Agile practices – Lighter but more intense teamwork • git + pull requests – collaborative text editing, focused review • CI/CD + tests + sandboxes – safety nets are safer • DevOps – the best tools and practices adopted by operations
  • 14.
    © Copyright 2019Opengear, Inc. www.opengear.com 14 programmer
  • 15.
    © Copyright 2019Opengear, Inc. www.opengear.com 15 configure configure configure configureconfigure configure configure configure configure 1:100
  • 16.
    © Copyright 2019Opengear, Inc. www.opengear.com 16 program program program configure configure configure 1:100
  • 17.
    © Copyright 2019Opengear, Inc. www.opengear.com 17 program program configure configure configure configure configure configure configure program 1:1000
  • 18.
    © Copyright 2019Opengear, Inc. www.opengear.com 18 Strategies
  • 19.
    Pre-conditions for automation ©Copyright 2019 Opengear, Inc. www.opengear.com 19 • Inventory: do you have good detail of all devices? • Requirements: business's expectation of function level; now & plans • Standards: which model/vocabulary to use in automation • Telemetry: feedback channels • Automation: control channels; tooling • Trust: get experience, confidently predict automation's behaviour • other: Budget, Stakeholders, Suppliers
  • 20.
    © Copyright 2019Opengear, Inc. www.opengear.com 20 Provisioning Monitoring Security … Requirements ? ? ? ? Automation ? ? ? ? Telemetry ? ? ? ? Inventory ? ? ? ? Standards ? ? ? ? Suppliers ? ? ? ? Partners ? ? ? ? Budget ? ? ? ? Trust ? ? ? ?
  • 21.
    © Copyright 2019Opengear, Inc. www.opengear.com 21 Standards
  • 22.
    IETF NETCONF © Copyright2019 Opengear, Inc. www.opengear.com 22 • 2006 RPC-based protocol for configuring network devices • "SNMP done right" • Replaces CLI-based programmatic interfaces (perl/expect over SSH) • Installs, manipulates configuration • Can validate config before activation • Atomic commit/transaction across multiple devices • Structured message and errors (XML/JSON)
  • 23.
    NETCONF: XML overSSH © Copyright 2019 Opengear, Inc. www.opengear.com 23 $ ssh -oHostKeyAlgorithms=+ssh-dss root@ios-xe-mgmt.cisco.com -p 10000 -s netconf S: <hello> <capabilities> … </capabilities> </hello> ]]>]]> C: <hello> <capabilities> … </capabilities> </hello>
  • 24.
    NETCONF: XML overSSH (continued) © Copyright 2019 Opengear, Inc. www.opengear.com 24 C: <rpc> <get-config> <source><running/></source> </get-config> </rpc> S: <rpc-reply> <data> <interfaces><interface> <name>eth0</name> <enabled>true<… </interfaces> </data> </rpc-reply> ]]>]]>
  • 25.
    NETCONF landscape © Copyright2019 Opengear, Inc. www.opengear.com 25 • YANG – the modeling language for NETCONF – like MIBs' ASN.1 notation – IETF provides some basic models, eg RFC8343 "ietf-interfaces" • NETCONF – the client-server protocol – NETCONF: sends XML over SSH – RESTCONF: sends XML or JSON over HTTP • OpenConfig – the community – a group of carriers and vendors sharing their YANG models – more than just "vendor MIBs" (called native models)
  • 26.
    Where to getYANG models © Copyright 2019 Opengear, Inc. www.opengear.com 26 • yangcatalog.org – https://github.com/YangModels/yang (yangcatalog.org) • openconfig.org – https://github.com/openconfig/public • https://github.com/Juniper/yang
  • 27.
    © Copyright 2019Opengear, Inc. www.opengear.com 27 Demo – Getting Started
  • 28.
    © Copyright 2019Opengear, Inc. www.opengear.com 28
  • 29.
    © Copyright 2019Opengear, Inc. www.opengear.com 29 Summary
  • 30.
    © Copyright 2019Opengear, Inc. www.opengear.com 30
  • 31.
    © Copyright 2019Opengear, Inc. www.opengear.com 31 Suggested approach: • Get familiar with the OpenConfig models, eg BGP. Many examples available showing YANG/NX-OS CLI https://developer.cisco.com/docs/openconfig-yang-release-9-2x/#!ocni-bgp/ocni-bgp • Try simple templated deployment (interfaces) http://karneliuk.com/2018/07/openconfig-w-o-and-w-ansible-for-arista-eos- cisco-ios-xr-and-nokia-sr-os-part-1-interfaces/ • Try same using YDK or NCClient, in Python
  • 32.
    Additional thoughts © Copyright2019 Opengear, Inc. www.opengear.com 33 • The divide-and-conquer NETCONF strategy reflects what we’ve seen at network operators and in large scale networks • The “surgical” approach to configuration updates is – Faster and less disruptive – Allows for shared control of network devices (multi-tenant) • Alternate approach is to distribute "complete" configuration files via tools like Ansible, possibly generated from YANG models – Reliable, whole-device 'restore' • Ultimate end game is an Intent Based Network?
  • 33.
    © Copyright 2019Opengear, Inc. www.opengear.com 34