Re: [Nsi-wg] ietf NETCONF group
Hi all-
I'd like to make a couple comments about this...I am not by any means an expert, but I see some issues that I wonder if anyone has considered or knows about?...
From what I know of the JUNOS implementation, the NETCONF API seems completely Juniper centric. And therefore JUNOS centric. I.e. it really is focused on configuring IP routers and Juniper routers at that...
I think the issue of configuring devices using automated network agents will be more useful if it can cover devices other than just routers. Certainly ethernet switches fall into this category (perhaps JUNOS is implemented on some of these as well), but also other network devices including SONET/SDH or DWDM devices (ala GMPLS "LSR" architecture).
I also believe a generic NETCONF architecture could be useful for configuring and monitoring other devices as well such as firewalls and end-systems or even non-network devices such as instruments or sensors... And it could be used to reconfigure larger service functions such as DHCP elements or routing domains, or policy domains if it were designed to do so as part of the architectural background.
So two questions: a) Does anyone know of any NETCONF type of package that portends to doing this type of architectural domain autoconfiguration?, and b) Should this effort to develop an automated configuration process for IP devices consider how to define a *generic* device configuration protocol that could be used to cover a broader set of cyber-devices?
Thanks
Jerry
Bartek Belter wrote:
Hi Guy, all,
The GN2 AMPS (Advance Multi-domain Provisioning System, a federated resource reservation system for Premium IP) also uses this API to configure Juniper routers. And indeed, as Joan Antoni pointed out, this API is used to configure a single network device, not the whole network.
If you have valid GN2 credentials you may take a look at the page: http://wiki.geant2.net/bin/view/SA3/AmpsConfigurationService This gives a brief overview to the part of AMPS responsible for the configuration of network elements. I can try to dig a bit more, if some of you are interested to get more detailed description.
Best regards, Bartek
Hi all,
The netconf specification is quite simple, and does not define what is the device being configured. You can look at the RFC or at this nice wikipedia entry (http://en.wikipedia.org/wiki/Netconf), but basically NETCONF defines an XML-RPC protocol with 7 messages: <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <lock>, <unlock>, <close-session>, <kill-session>.
The contents of each message (the configuration data in the wikipedia picture) are not part of the standard, they are left to every implementor, who defines the XML data that goes inside each message (that's why JunOS netconf looks juniper centric, Cisco one looks Cisco centric, and so on). Therefore you can configure whatever you want as long as you use the 7 messages above (which are pretty generic anyway).
Hope this helps,
Best regards,
Eduard
Jerry Sobieski wrote:
Hi all-
I'd like to make a couple comments about this...I am not by any means an expert, but I see some issues that I wonder if anyone has considered or knows about?...
From what I know of the JUNOS implementation, the NETCONF API seems completely Juniper centric. And therefore JUNOS centric. I.e. it really is focused on configuring IP routers and Juniper routers at that...
I think the issue of configuring devices using automated network agents will be more useful if it can cover devices other than just routers. Certainly ethernet switches fall into this category (perhaps JUNOS is implemented on some of these as well), but also other network devices including SONET/SDH or DWDM devices (ala GMPLS "LSR" architecture).
I also believe a generic NETCONF architecture could be useful for configuring and monitoring other devices as well such as firewalls and end-systems or even non-network devices such as instruments or sensors... And it could be used to reconfigure larger service functions such as DHCP elements or routing domains, or policy domains if it were designed to do so as part of the architectural background.
So two questions: a) Does anyone know of any NETCONF type of package that portends to doing this type of architectural domain autoconfiguration?, and b) Should this effort to develop an automated configuration process for IP devices consider how to define a *generic* device configuration protocol that could be used to cover a broader set of cyber-devices?
Thanks Jerry
_______________________________________________ nsi-wg mailing list nsi-wg@ogf.org http://www.ogf.org/mailman/listinfo/nsi-wg
-- Eduard Grasa Gras Network Technologies Cluster (CTX) Fundació i2Cat, Internet i Innovació Digital a Catalunya C/ Gran Capità 2 - 4, Nexus I building, 2nd floor, office 203 08034 Barcelona, Catalonia, Spain P: +34 93 401 7179 F: +34 93 553 2520
Hi Guys,
Thanks for all your info on NETCONF, this is helpful.
I guess Jerry's question is interesting - i.e. has anyone attempted to create a non-vendor specific configuration protocol?
Guy
-----Original Message----- From: Eduard Grasa [mailto:eduard.grasa@i2cat.net] Sent: 26 June 2009 12:28 To: Jerry Sobieski Cc: bartosz.belter@man.poznan.pl; 'NSI WG'; Guy Roberts Subject: Re: [Nsi-wg] ietf NETCONF group
Hi all,
The netconf specification is quite simple, and does not define what is the device being configured. You can look at the RFC or at this nice wikipedia entry (http://en.wikipedia.org/wiki/Netconf), but basically NETCONF defines an XML-RPC protocol with 7 messages: <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <lock>, <unlock>, <close-session>, <kill-session>.
The contents of each message (the configuration data in the wikipedia picture) are not part of the standard, they are left to every implementor, who defines the XML data that goes inside each message (that's why JunOS netconf looks juniper centric, Cisco one looks Cisco centric, and so on). Therefore you can configure whatever you want as long as you use the 7 messages above (which are pretty generic anyway).
Hope this helps,
Best regards,
Eduard
Hi,
Yes, Netconf is an example. It is a generic protocol to configure devices (the trick is that it specifies very little).
Best regards,
Eduard
Guy Roberts wrote:
Hi Guys,
Thanks for all your info on NETCONF, this is helpful.
I guess Jerry's question is interesting - i.e. has anyone attempted to create a non-vendor specific configuration protocol?
Guy
Hi Guy, all,
In one of the sub-projects of GN2-AMPS we were trying to address that issue. We defined a very simple structure, Abstract Vendor Independent XML (AVI-XML), which is an abstraction to provide generic specification for the configuration service. Our AMPS Configuration Service was supposed to work with an implementation of AVI-XML designed for Premium IP only. The assumption behind this work was to make it as flexible as possible, to allow future extensions to support other specific configurations (e.g. Firewall AVI-XML, etc.).
I am trying to find the latest version of this specification, but in general the idea was to identify the common attributes/parameters usually put in the request and define an abstract part, where the user can put all service-oriented data. An example (not sure about the naming, most probably original tags have slightly different names):
    <AVI-XML>
      <global-information> ... </global-information>
      <request-information> ... </request-information>
      <device> ... </device>
      <service> ... </service>
    </AVI-XML>
The "service" tag is a placeholder for further extensions.
AVI-XML forms an interface to our software. In further steps, the configuration service translates the Premium IP request into the XML file, which is applied finally to the Juniper routers.
In summary, I must say this wasn't an attempt to standardize an interface or protocol for the communication with the network equipment. What we were trying to achieve was to design and develop a piece of software which potentially could be re-used in different projects/activities to configure "any kind" of equipment for "any kind" of services. Pragmatic approach, but maybe too idealistic, don't you think? :-)
Best regards,
Bartek
--
Bartosz Belter
Poznan Supercomputing and Networking Center
Network Department
tel. +48 61 858 2028
http://www.man.poznan.pl
-----Original Message----- From: Guy Roberts [mailto:Guy.Roberts@dante.net] Sent: Friday, June 26, 2009 2:00 PM To: Eduard Grasa; Jerry Sobieski Cc: bartosz.belter@man.poznan.pl; 'NSI WG' Subject: RE: [Nsi-wg] ietf NETCONF group
Hi Guys,
Thanks for all your info on NETCONF, this is helpful.
I guess Jerry's question is interesting - i.e. has anyone attempted to create a non-vendor specific configuration protocol?
Guy
Hello Jerry,
Jerry Sobieski wrote:
From what I know of the JUNOS implementation, the NETCONF API seems completely Juniper centric. And therefore JUNOS centric. I.e. it really is focused on configuring IP routers and Juniper routers at that...
What I understand is that NETCONF only defines the sequence of the messages, not the actual content of the message (say commands). So Cisco's and Juniper's NETCONF both use the same message method, but indeed one can not configure a Cisco using a Juniper string of commands (or the other way around). Standardizing also the string of commands (or the objects, but you need the results of this workgroup I assume) would be better. In MANTICORE-II project we use NETCONF for communicating with Cisco and Juniper (but one needs to adjust the content of the message/commands for each device, so we have two different manufacturer proxies still).
So two questions: a) Does anyone know of any NETCONF type of package that portends to doing this type of architectural domain autoconfiguration?,
When we implemented a layer 2 UCLP system to configure Cisco equipment (ethernet switches and Ethernet over MPLS) we used the first NETCONF implementations of Cisco (a few years ago now). We are at present incorporating Juniper and Cisco [Nexus] NETCONF proxy in our logical IP service project (MANTICORE-II), to provide virtualised IP networks to users. It uses the IaaS (Infrastructure as a Service) framework, so it is (or should be) integrated with layer 0,1,3 and higher level WebServices (so fits in PaaS [Platform] and SaaS [Software]).
and b) Should this effort to develop an automated configuration process for IP devices consider how to define a *generic* device configuration protocol that could be used to cover a broader set of cyber-devices?
Fully agree.
All the best,
Victor
--
Victor Reijs, Network Development Manager
HEAnet Limited, Ireland's Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin 1
Registered in Ireland, no 275301
tel: +353-1-660 9040 fax: +353-1-660 3666
web: http://www.heanet.ie/
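The split Eduard and Victor describe above (a standard message envelope around vendor-defined content) is what lets a management proxy enforce an operation allow-list without understanding any vendor's data. The following is an added example, not code from the thread or from AMPS or MANTICORE-II; the vendor namespaces, element names and the read-only policy are constructed assumptions.

```python
import xml.etree.ElementTree as ET

BASE_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"  # NETCONF base namespace
# Operation names exactly as listed in the thread.
OPERATIONS = {"get", "get-config", "edit-config", "copy-config", "delete-config",
              "lock", "unlock", "close-session", "kill-session"}
READ_ONLY = {"get", "get-config", "close-session"}  # example policy (assumption)

# Constructed payloads: namespaces and element names are placeholders,
# not any real vendor's schema.
VENDOR_A = '<configuration xmlns="urn:example:vendor-a"><interface>ge-0</interface></configuration>'
VENDOR_B = '<native xmlns="urn:example:vendor-b"><port>Gi0/1</port></native>'


def build_edit_config(message_id, payload_xml):
    """Wrap an opaque vendor payload in the standard <rpc>/<edit-config> envelope."""
    return (f'<rpc message-id="{message_id}" xmlns="{BASE_NS}">'
            f'<edit-config><target><running/></target>'
            f'<config>{payload_xml}</config></edit-config></rpc>')


def split_tag(tag):
    """Split ElementTree's '{namespace}local' form into (namespace, local)."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag


def inspect_rpc(xml_text):
    """Return (operation, message_id, payload namespaces) from the envelope alone."""
    # Refuse DTDs up front so entity tricks never reach the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTDs are not accepted in management traffic")
    root = ET.fromstring(xml_text)
    if split_tag(root.tag) != (BASE_NS, "rpc"):
        raise ValueError("not a NETCONF <rpc>")
    children = list(root)
    if len(children) != 1:
        raise ValueError("expected exactly one operation element")
    ns, operation = split_tag(children[0].tag)
    if ns != BASE_NS or operation not in OPERATIONS:
        raise ValueError(f"unknown operation: {operation}")
    # Anything outside the base namespace is vendor-defined content.
    vendor_ns = {split_tag(el.tag)[0] for el in children[0].iter()} - {BASE_NS}
    return operation, root.get("message-id"), sorted(vendor_ns)


def authorize(xml_text, allowed=READ_ONLY):
    """Allow or deny a request by operation name, without parsing vendor data."""
    try:
        operation, _, _ = inspect_rpc(xml_text)
    except (ValueError, ET.ParseError) as exc:
        return False, f"rejected: {exc}"
    if operation not in allowed:
        return False, f"denied: {operation}"
    return True, f"allowed: {operation}"
```

Both constructed payloads pass through the same envelope check; only the translation into each device's own configuration data would still need a per-vendor component, as Victor notes.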
participants (5)
- Bartek Belter
- Eduard Grasa
- Guy Roberts
- Jerry Sobieski
- Victor Reijs