- play_arrow Overview
- play_arrow NETCONF XML Management Protocol Overview
- play_arrow NETCONF and Junos XML Tags Overview
- XML and Junos OS Overview
- XML Overview
- XML and NETCONF XML Management Protocol Conventions Overview
- Map Junos OS Commands and Command Output to Junos XML Tag Elements
- Map Configuration Statements to Junos XML Tag Elements
- Using NETCONF Configuration Response Tag Elements in NETCONF Requests and Configuration Changes
-
- play_arrow Manage Configurations Using NETCONF
- play_arrow Change the Configuration Using NETCONF
- Edit the Configuration Using NETCONF
- Upload and Format Configuration Data in a NETCONF Session
- Set the Edit Configuration Mode in a NETCONF Session
- Handle Errors While Editing the Candidate Configuration in a NETCONF Session
- Replace the Candidate Configuration Using NETCONF
- Roll Back Uncommitted Changes in the Candidate Configuration Using NETCONF
- Delete the Configuration Using NETCONF
- Change Individual Configuration Elements Using NETCONF
- Merge Configuration Elements Using NETCONF
- Create Configuration Elements Using NETCONF
- Delete Configuration Elements Using NETCONF
- Replace Configuration Elements Using NETCONF
- Replace Patterns in Configuration Data Using the NETCONF or Junos XML Protocol
- play_arrow Commit the Configuration Using NETCONF
- play_arrow Ephemeral Configuration Database
- Understanding the Ephemeral Configuration Database
- Unsupported Configuration Statements in the Ephemeral Configuration Database
- Enable and Configure Instances of the Ephemeral Configuration Database
- Commit and Synchronize Ephemeral Configuration Data Using the NETCONF or Junos XML Protocol
- Managing Ephemeral Configuration Database Space
- Example: Configure the Ephemeral Configuration Database Using NETCONF
-
- play_arrow Request Operational and Configuration Information Using NETCONF
- play_arrow Request Operational Information Using NETCONF
- play_arrow Request Configuration Information Using NETCONF
- Request the Committed Configuration and Device State Using NETCONF
- Request Configuration Data Using NETCONF
- Specify the Source for Configuration Information Requests Using NETCONF
- Specify the Scope of Configuration Information to Return in a NETCONF Response
- Request the Complete Configuration Using NETCONF
- Request a Configuration Hierarchy Level or Container Object Without an Identifier Using NETCONF
- Request All Configuration Objects of a Specified Type Using NETCONF
- Request Identifiers for Configuration Objects of a Specified Type Using NETCONF
- Request A Specific Configuration Object Using NETCONF
- Request Specific Child Tags for a Configuration Object Using NETCONF
- Request Multiple Configuration Elements Simultaneously Using NETCONF
- Retrieve a Previous (Rollback) Configuration Using NETCONF
- Compare Two Previous (Rollback) Configurations Using NETCONF
- Retrieve the Rescue Configuration Using NETCONF
- Request an XML Schema for the Configuration Hierarchy Using NETCONF
-
- play_arrow NETCONF Utilities
- play_arrow NETCONF Perl Client
- play_arrow Develop NETCONF Perl Client Applications
- Write NETCONF Perl Client Applications
- Import Perl Modules and Declare Constants in NETCONF Perl Client Applications
- Connect to the NETCONF Server in Perl Client Applications
- Collect Parameters Interactively in NETCONF Perl Client Applications
- Submit a Request to the NETCONF Server in Perl Client Applications
- Example: Request an Inventory of Hardware Components Using a NETCONF Perl Client Application
- Example: Change the Configuration Using a NETCONF Perl Client Application
- Parse the NETCONF Server Response in Perl Client Applications
- Close the Connection to the NETCONF Server in Perl Client Applications
-
- play_arrow YANG
- play_arrow YANG Overview
- Understanding YANG on Devices Running Junos OS
- Understanding Junos YANG Modules
- YANG Modules Overview
- Understanding the YANG Modules That Define the Junos OS Configuration
- Understanding the YANG Modules for Junos Operational Commands
- Junos Genstate YANG Data Models
- Understanding the Junos DDL Extensions YANG Module
- YANG Metadata Annotations for Junos Devices
- Use Juniper Networks YANG Modules
- play_arrow Create and Use Non-Native YANG Modules
- Understanding the Management of Nonnative YANG Modules on Devices Running Junos OS
- Manage YANG Packages, Modules, and Scripts on Junos Devices
- Managing YANG Packages and Configurations During a Software Upgrade or Downgrade
- Create Translation Scripts for YANG Configuration Models
- Disable and Enable YANG Translation Scripts on Devices Running Junos OS
- Commit and Display Configuration Data for Nonnative YANG Modules
- Create Custom RPCs in YANG for Devices Running Junos OS
- Create Action Scripts for YANG RPCs on Junos Devices
- Use Custom YANG RPCs on Devices Running Junos OS
- Example: Use a Custom YANG RPC to Retrieve Operational Information on Junos Devices
- Understanding Junos OS YANG Extensions for Formatting RPC Output
- Customize YANG RPC Output on Devices Running Junos OS
- Define Different Levels of Output in Custom YANG RPCs for Junos Devices
- Display Valid Command Option and Configuration Statement Values in the CLI for Custom YANG Modules
- Configure a NETCONF Proxy Telemetry Sensor in Junos
-
- play_arrow OpenDaylight Integration
- play_arrow Configure OpenDaylight Integration
-
- play_arrow Configuration Statements and Operational Commands
NETCONF Monitoring
You can query Junos devices to retrieve NETCONF state information and supported schemas from the NETCONF server.
Junos devices support concurrent management sessions from multiple local and remote NETCONF clients. At times, you need visibility into the active NETCONF sessions on a device as well as information about NETCONF server statistics and support. Having easy access to NETCONF state information enables you to more effectively manage your network devices.
The NETCONF monitoring data model provides operational information about the NETCONF server. NETCONF clients can query a Junos device to retrieve NETCONF state information from the NETCONF server. Clients can request information for NETCONF capabilities, NETCONF sessions and statistics, configuration datastores, and supported schemas.
For more information about the NETCONF monitoring model, see RFC 6022, YANG Module for NETCONF Monitoring.
NETCONF State Information Overview
The NETCONF monitoring data model defines the NETCONF server's operational data. The
netconf-state container comprises subtrees that define and
include the data for the different areas of operation.
Table 1
outlines the netconf-state subtrees supported on Junos devices.
| Description |
|---|---|
| NETCONF operations supported by the NETCONF server. |
| Available configuration datastores, for example,
|
| Schemas supported on the device. |
| Active NETCONF management sessions on the device. |
| NETCONF server performance data. |
Junos devices that support the NETCONF monitoring data model advertise this capability in the NETCONF session's capabilities exchange during session setup.
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
...
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
...
</capabilities>
<session-id>12976</session-id>
</hello>
]]>]]>To request NETCONF state information, send a <get> request, and
specify the netconf-state subtree of interest, for example,
<datastores>.
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">
<subtree>
</netconf-state>
</filter>
</get>
</rpc>When you request NETCONF state information, the server's RPC reply includes the
<data> and <netconf-state>
elements. These elements enclose the subtree for the requested information.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data> <netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> ... </netconf-state> </data> </rpc-reply>
The netconf-state <sessions> and <statistics> subtrees
include information about active NETCONF sessions and NETCONF server data,
respectively. Table 2 outlines the supported elements returned for these filters. The
<sessions> data includes per-session counters. The
<statistics> data reports global counters for the NETCONF
server.
| Node | Description | Filters |
|---|---|---|
| Number of NETCONF sessions that were abnormally terminated. |
|
| Number of incorrect RPC messages received by the server. |
|
| Number of correct RPC messages received by the server. |
|
| Number of NETCONF sessions started. |
|
| Date and time when the NETCONF session was established. |
|
| Date and time when the NETCONF server was started. |
|
| Number of |
|
| Number of NETCONF server RPC replies that contained an
|
|
| NETCONF session identifier. |
|
| IP address or hostname from which the NETCONF client connected. |
|
| Transport protcol for the NETCONF session, for example,
|
|
| Client identity authenticated by the NETCONF transport protocol. |
|
Retrieve NETCONF Capabilities
A NETCONF client can retrieve the NETCONF server's capabilities. The capabilities define the operations supported by the NETCONF server. The NETCONF server advertises the supported capabilities during session setup. By default, Junos devices do not advertise supported YANG modules in the capabilities list. However, you can configure the device to include them.
To request the capabilities of the NETCONF server:
The NETCONF server returns the <capabilities> element with
the supported capabilities. The <capabilities> information
is identical to that in the <hello> message exchange sent
during session setup.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<data>
<netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-yang-metadata?module=ietf-yang-metadata&revision=2016-08-05</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>http://xml.juniper.net/netconf/junos/1.0</capability>
<capability>http://xml.juniper.net/dmi/system/1.0</capability>
<capability>http://yang.juniper.net/junos/jcmd?module=junos-configuration-metadata&revision=2021-09-01</capability>
<capability>http://yang.juniper.net/junos/common/types?module=junos-common-types&revision=2023-01-01</capability>
<capability>http://yang.juniper.net/junos/conf/access-profile?module=junos-conf-access-profile&revision=2023-01-01</capability>
<capability>http://yang.juniper.net/junos/conf/access?module=junos-conf-access&revision=2023-01-01</capability>
<capability>http://yang.juniper.net/junos/conf/accounting-options?module=junos-conf-accounting-options&revision=2023-01-01</capability>
...
</capabilities>
</netconf-state>
</data>
</rpc-reply>Retrieve Configuration Datastores
The configuration datastores are the configuration databases supported on the device. When you request information about the configuration datastores, the server also returns their lock status.
To request the list of configuration datastores supported by the NETCONF server:
In a NETCONF session, execute a
<get>operation for thenetconf-state/datastoressubtree.content_copy zoom_out_map<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get> <filter type="subtree"> <netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <datastores/> </netconf-state> </filter> </get> </rpc>
The NETCONF server returns the configuration datastores and their lock states. In
this case, the datastores include the candidate configuration,
which has a lock on it, and the running (active)
configuration.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<data>
<netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">
<datastores>
<datastore>
<name>candidate</name>
<locks>
<locked-by-session>0</locked-by-session>
<locked-time junos:seconds="1691539727">2023-08-08T17:08:47-07:00</locked-time>
</locks>
</datastore>
<datastore>
<name>running</name>
</datastore>
</datastores>
</netconf-state>
</data>
</rpc-reply>Retrieve Schemas
NETCONF clients can request the list of schemas supported on the device. By default, Junos devices return only the Junos native schemas in the supported schemas list. However, you can configure the device to include any additional supported schemas, including custom YANG modules that are installed on the device as well as standard modules, such as OpenConfig.
To request the list of supported schemas:
The device returns the list of supported schemas. The output includes the Junos native schemas. The output also include custom and standard schemas, if you configured the device to emit these schemas.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data> <netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <schemas> <schema> <identifier>junos-common-types</identifier> <version>2023-01-01</version> <format>yang</format> <namespace>http://yang.juniper.net/junos/common/types</namespace> <location>NETCONF</location> </schema> <schema> <identifier>junos-conf-access-profile</identifier> <version>2023-01-01</version> <format>yang</format> <namespace>http://yang.juniper.net/junos/conf/access-profile</namespace> <location>NETCONF</location> </schema> ... </schemas> </netconf-state> </data> </rpc-reply>
The netconf-state/schemas subtree only returns the identifiers
for the supported schemas. It does not include the actual schemas. Given the
identifer, you can retrieve a specific schema instance. To request a schema
instance in a NETCONF session:
Execute the
<get-schema>operation and specify the schema identifier.content_copy zoom_out_map<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get-schema xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <identifier>schema-identifier</identifier> </get-schema> </rpc>For example, the following RPC retrieves the
junos-conf-access-profileschema.content_copy zoom_out_map<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get-schema xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <identifier>junos-conf-access-profile</identifier> </get-schema> </rpc>
The NETCONF server returns the schema in YANG format, which is the default and only supported format.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<data xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">
/*
* Copyright (c) 2023 Juniper Networks, Inc.
* All rights reserved.
*/
module junos-conf-access-profile {
namespace "http://yang.juniper.net/junos/conf/access-profile";
prefix jc-access-profile;
import junos-common-types {
prefix jt;
revision-date 2023-01-01;
}
import junos-conf-root {
prefix jc;
revision-date 2023-01-01;
}
organization "Juniper Networks, Inc.";
contact "yang-support@juniper.net";
description "Junos access-profile configuration module";
revision 2023-01-01 {
description "Junos: 23.4R1.12-EVO";
}
augment /jc:configuration {
uses access-profile-group;
}
augment /jc:configuration/jc:groups {
uses access-profile-group;
}
grouping access-profile-group {
container access-profile {
description "Access profile for this instance";
leaf access-profile-name {
description "Profile name";
type string;
}
}
}
}
</data>
</rpc-reply>
Retrieve NETCONF Session Information
NETCONF clients can request a list of the active NETCONF sessions on the device. The NETCONF server returns the active sessions along with information about each session. The returned data includes per-session counters. See Table 2 for descriptions of the output fields.
For sessions where certain values are undefined, for example, internal sessions,
the default values for transport, username,
and source-host are netconf-ssh,
internal-user, and local-host,
respectively.
To retrieve the active NETCONF sessions on the device:
In a NETCONF session, execute a
<get>operation for thenetconf-state/sessionssubtree.content_copy zoom_out_map<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get> <filter type="subtree"> <netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <sessions/> </netconf-state> </filter> </get> </rpc>
The NETCONF server returns the active NETCONF sessions along with the session-specific data.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<data>
<netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring">
<sessions>
<session>
<session-id>2614</session-id>
<transport>netconf-ssh</transport>
<username>admin</username>
<source-host>10.1.1.101</source-host>
<login-time junos:seconds="1691699108">2023-08-10T13:25:08-07:00</login-time>
<in-rpcs>6</in-rpcs>
<in-bad-rpcs>0</in-bad-rpcs>
<out-rpc-errors>1</out-rpc-errors>
<out-notifications>0</out-notifications>
</session>
<session>
<session-id>2879</session-id>
<transport>netconf-ssh</transport>
<username>sec-admin</username>
<source-host>198.51.100.11</source-host>
<login-time junos:seconds="1691699237">2023-08-10T13:27:17-07:00</login-time>
<in-rpcs>11</in-rpcs>
<in-bad-rpcs>1</in-bad-rpcs>
<out-rpc-errors>2</out-rpc-errors>
<out-notifications>0</out-notifications>
</session>
<session>
<session-id>13559</session-id>
<transport>netconf-ssh</transport>
<username>root</username>
<source-host>local-host</source-host>
<login-time junos:seconds="1689712208">2023-07-18T13:30:08-07:00</login-time>
<in-rpcs>14</in-rpcs>
<in-bad-rpcs>0</in-bad-rpcs>
<out-rpc-errors>0</out-rpc-errors>
<out-notifications>0</out-notifications>
</session>
</sessions>
</netconf-state>
</data>
</rpc-reply>Retrieve NETCONF Server Statistics
A NETCONF client can request the NETCONF server statistics for a given device.
Whereas the <netconf-state> <sessions> filter returns per-session counters, the
<netconf-state> <statistics> filter returns global counters for the NETCONF
server. See Table 2 for descriptions of the output fields.
To request NETCONF server statistics on a device:
In a NETCONF session, execute a
<get>operation for thenetconf-state/statisticssubtree.content_copy zoom_out_map<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get> <filter type="subtree"> <netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <statistics/> </netconf-state> </filter> </get> </rpc>
The NETCONF server returns the global performance data for the server.
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/23.4R1.12-EVO/junos" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <netconf-state xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <statistics> <netconf-start-time junos:seconds="1689712174">2023-07-18T13:29:34-07:00</netconf-start-time> <in-sessions>43</in-sessions> <dropped-sessions>3</dropped-sessions> <in-rpcs>58</in-rpcs> <in-bad-rpcs>48</in-bad-rpcs> <out-rpc-errors>4</out-rpc-errors> <out-notifications>2</out-notifications> </statistics> </netconf-state> </data> </rpc-reply>
