JUNOS automation, NETCONF


JUNOS supports NETCONF protocol which is XML-RPC based mechanism to communicate
with router/firewalls (any thing that runs JUNOS). Get information to and from the JUNOS,
Upgrade devices remotely. Make applications either web based or right on the JUNOS device.
I am rather interested in some thing new, as I like SNMP protocol and have built many web based applications for monitoring and configuring devices, gathering statistics for network planning and other useful stuff. I am interested in a web based NETCONF application because if you want to transport a VLAN over a network from point A to point B, it does not make sense of making scripts on individual JUNOS device but make a script on a central server which then deploys it to each and every device in-path.
Juniper’s CLI is a itself client to NETCONF protocol.
Mgd daemon is responsible for the NETCONF procotol. JUNOS runs NETCONF over ssh,
lets enable the ssh procotol.
root# set system services ssh
root# set system services netconf ssh



now access a linux machine and execute the following command



root@nms:~# ssh root@ -s netconf root@’s password:










JUNOS will reply like the following,



<!– No zombies were killed during the creation of this user interface –> <!– user root, class super-user –> <hello> <capabilities> <capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability> <capability>urn:ietf:params:xml:ns:netconf:capability:candidate:1.0</capability> <capability>urn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</capability> <capability>urn:ietf:params:xml:ns:netconf:capability:validate:1.0</capability> <capability>urn:ietf:params:xml:ns:netconf:capability:url:1.0?protocol=http,ftp,file</capability> <capability>http://xml.juniper.net/netconf/junos/1.0</capability> <capability>http://xml.juniper.net/dmi/system/1.0</capability> </capabilities> <session-id>4509</session-id> </hello> ]]>]]>



XML output shows the connection is established and JUNOS has just welcomed you to it’s NETCONF interface.



execute a command and see what JUNOS replies, paste the following into same sshd session



<rpc message-id=”1″ xmlns=”urn:ietf:params:xml:ns:netconf:base:1.0″> <get-system-uptime-information/> </rpc>


The above command retrieves information from the device about the uptime of the JUNOS access via ssh.


<rpc-reply xmlns=”urn:ietf:params:xml:ns:netconf:base:1.0″ xmlns:junos=”http://xml.juniper.net/junos/9.1R2/junos” message-id=”1″ xmlns=”urn:ietf:params:xml:ns:netconf:base:1.0″> ]]>]]><system-uptime-information xmlns=”http://xml.juniper.net/junos/9.1R2/junos”> <current-time> <date-time junos:seconds=”1366935506″>2013-04-26 00:18:26 UTC</date-time> </current-time> <system-booted-time> <date-time junos:seconds=”1366933535″>2013-04-25 23:45:35 UTC</date-time> <time-length junos:seconds=”1971″>00:32:51</time-length> </system-booted-time> <protocols-started-time> <date-time junos:seconds=”1366933734″>2013-04-25 23:48:54 UTC</date-time> <time-length junos:seconds=”1772″>00:29:32</time-length> </protocols-started-time> <last-configured-time> <date-time junos:seconds=”1366933868″>2013-04-25 23:51:08 UTC</date-time> <time-length junos:seconds=”1638″>00:27:18</time-length> <user>root</user> </last-configured-time> <uptime-information> <date-time junos:seconds=”1366935506″> 12:18AM </date-time> <up-time junos:seconds=”2001″> 33 mins </up-time> <active-user-count junos:format=”1 user”> 1 </active-user-count> <load-average-1> 0.16 </load-average-1> <load-average-5> 0.03 </load-average-5> <load-average-15> 0.03 </load-average-15> </uptime-information> </system-uptime-information> </rpc-reply> ]]>]]>



]]>]]> is used to represent the end of XML-RPC message, this will normally always be used in request/response messages.



The above XML reply can be formatted to display it in more readable format, which can be done using any XML parser.Thank You,

Related Posts
Leave a reply