OpenDaylightでCisco IOS-XRvをNETCONFしてみようね

Cisco XRv 5.3.1 を制御対象として、SDNコントローラとしてOpenDaylightを間に挟んでRESTCONFによる制御を行います。

前回のなんとやら!

では、 OpenDaylightのインストール も終わったことだし、SDNっぽい機能の動きを見てみます。
今回は、 Cisco XRv 5.3.1 を対象に、NETCONFを用いた設定変更を試してみます。
NETCONFを直接利用するのではなく、SDNコントローラとしてOpenDaylightを間に挟み、RESTCONFによる制御を行います。
データの構造上出力が非常に長くなるので、あらかじめ御承知くださいませ。
あと、しれっとRESTCONFを叩いていますが、YANGを自然に読めないと厳しいのでハードル高めだと思います。

でも気にせずゴー

環境説明

(SDNコントローラから設定する前に)構成するトポロジは下図の通り

所謂データプレーンとなるgi0/0/0/0, gi0/0/0/1とルータの経路テーブルは、NETCONF経由で設定します。
動きとしてはこんな感じ

最終的には下図のようになる予定

インタフェースのUp/Down、インタフェースのIP設定、静的経路設定まで動けば、何となく動きはつかめるはず。
主な参照ページは以下。

参照ページではXMLで表記されていますが、こちらでは基本的にJSONでやりますのでその点ご留意くださいませ。(XMLが出てこないとは言っていない)
いやー、図らずともXMLアレルギーの人にも配慮してしまったなー、いやー、まいったなー。少し出てくるけど無視してもらえば良いしなー。
それにしても情報少ないから手探り感半端ナス。

ノードセットアップ

NETCONFで制御したいのは山々ですが、最低限の管理用IPとNETCONFの設定をしておきます。
(これくらいなら、納品時の初期設定の範囲内で対応してくれることもあるでしょう)

XRv01

管理用IP

1
2
3
4
5
6
7

configure
 hostname XRv01
 interface MgmtEth0/0/CPU0/0
  ipv4 address 192.168.122.201/24
  no shut
commit
end

XRv02

管理用IP

1
2
3
4
5
6
7

configure
 hostname XRv02
 interface MgmtEth0/0/CPU0/0
  ipv4 address 192.168.122.202/24
  no shut
commit
end

XRv01,XRv02

NETCONFとSSH鍵の作成

1
2
3
4
5
6
7
8

configure
 ssh server v2
 ssh server netconf port 830
 netconf-yang agent ssh
commit
end
crypto key generate rsa
crypto key generate dsa

あとは、ぶら下がってるノードの初期設定。

Node1 

1
2
3
4

hostname Node1
ifconfig em0 up
ifconfig em0 192.168.1.11
route add default 192.168.1.1

Node2 

1
2
3
4

hostname Node2
ifconfig em0 up
ifconfig em0 192.168.2.11
route add default 192.168.2.1

適当な管理ノード

NETCONFが動きそうか確認してみます。
接続するのはOpenDaylightからですし、そこからで良いでしょう。
ちゃんと返事が返って来たらオッケーです。

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103

(odl)$ ssh cisco@192.168.122.201 -p 830 -s netconf



IMPORTANT:  READ CAREFULLY
Welcome to the Demo Version of Cisco IOS XRv (the "Software").
The Software is subject to and governed by the terms and conditions
of the End User License Agreement and the Supplemental End User
License Agreement accompanying the product, made available at the
time of your order, or posted on the Cisco website at
www.cisco.com/go/terms (collectively, the "Agreement").
As set forth more fully in the Agreement, use of the Software is
strictly limited to internal use in a non-production environment
solely for demonstration and evaluation purposes.  Downloading,
installing, or using the Software constitutes acceptance of the
Agreement, and you are binding yourself and the business entity
that you represent to the Agreement.  If you do not agree to all
of the terms of the Agreement, then Cisco is unwilling to license
the Software to you and (a) you may not download, install or use the
Software, and (b) you may return the Software as more fully set forth
in the Agreement.


Please login with any configured user/password, or cisco/cisco


cisco@192.168.122.201's password:
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
 <capabilities>
  <capability>urn:ietf:params:netconf:base:1.1</capability>
  <capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
  <capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
  <capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
  <capability>urn:ietf:params:netconf:capability:validate:1.1</capability>
  <capability>urn:ietf:params:netconf:capability:confirmed-commit:1.1</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-cdp-cfg?module=Cisco-IOS-XR-cdp-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-cdp-oper?module=Cisco-IOS-XR-cdp-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-config-mibs-cfg?module=Cisco-IOS-XR-config-mibs-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-sam-cfg?module=Cisco-IOS-XR-crypto-sam-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-sam-oper?module=Cisco-IOS-XR-crypto-sam-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-ssh-cfg?module=Cisco-IOS-XR-crypto-ssh-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-ssh-oper?module=Cisco-IOS-XR-crypto-ssh-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-drivers-media-eth-cfg?module=Cisco-IOS-XR-drivers-media-eth-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-drivers-media-eth-oper?module=Cisco-IOS-XR-drivers-media-eth-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ha-eem-cfg?module=Cisco-IOS-XR-ha-eem-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ha-eem-oper?module=Cisco-IOS-XR-ha-eem-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ifmgr-cfg?module=Cisco-IOS-XR-ifmgr-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ifmgr-oper?module=Cisco-IOS-XR-ifmgr-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-alarm-logger-cfg?module=Cisco-IOS-XR-infra-alarm-logger-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-alarm-logger-datatypes?module=Cisco-IOS-XR-infra-alarm-logger-datatypes&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-alarm-logger-oper?module=Cisco-IOS-XR-infra-alarm-logger-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-ceredundancymib-cfg?module=Cisco-IOS-XR-infra-ceredundancymib-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-infra-cfg?module=Cisco-IOS-XR-infra-infra-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-rsi-cfg?module=Cisco-IOS-XR-infra-rsi-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-rsi-oper?module=Cisco-IOS-XR-infra-rsi-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-syslog-cfg?module=Cisco-IOS-XR-infra-syslog-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-infra-syslog-oper?module=Cisco-IOS-XR-infra-syslog-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-domain-cfg?module=Cisco-IOS-XR-ip-domain-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-domain-oper?module=Cisco-IOS-XR-ip-domain-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-iarm-datatypes?module=Cisco-IOS-XR-ip-iarm-datatypes&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ip-static-cfg?module=Cisco-IOS-XR-ip-static-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-io-cfg?module=Cisco-IOS-XR-ipv4-io-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-io-oper?module=Cisco-IOS-XR-ipv4-io-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-ma-cfg?module=Cisco-IOS-XR-ipv4-ma-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv4-ma-oper?module=Cisco-IOS-XR-ipv4-ma-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv6-ma-cfg?module=Cisco-IOS-XR-ipv6-ma-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-ipv6-ma-oper?module=Cisco-IOS-XR-ipv6-ma-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-lib-keychain-cfg?module=Cisco-IOS-XR-lib-keychain-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-lib-keychain-oper?module=Cisco-IOS-XR-lib-keychain-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-lib-mpp-cfg?module=Cisco-IOS-XR-lib-mpp-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-lib-mpp-oper?module=Cisco-IOS-XR-lib-mpp-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-man-netconf-cfg?module=Cisco-IOS-XR-man-netconf-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-man-xml-ttyagent-cfg?module=Cisco-IOS-XR-man-xml-ttyagent-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-man-xml-ttyagent-oper?module=Cisco-IOS-XR-man-xml-ttyagent-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-parser-cfg?module=Cisco-IOS-XR-parser-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-plat-chas-invmgr-oper?module=Cisco-IOS-XR-plat-chas-invmgr-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-qos-ma-oper?module=Cisco-IOS-XR-qos-ma-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-rgmgr-cfg?module=Cisco-IOS-XR-rgmgr-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-rgmgr-oper?module=Cisco-IOS-XR-rgmgr-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-shellutil-cfg?module=Cisco-IOS-XR-shellutil-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-shellutil-oper?module=Cisco-IOS-XR-shellutil-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-agent-cfg?module=Cisco-IOS-XR-snmp-agent-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-agent-oper?module=Cisco-IOS-XR-snmp-agent-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-entitymib-cfg?module=Cisco-IOS-XR-snmp-entitymib-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-entstatemib-cfg?module=Cisco-IOS-XR-snmp-entstatemib-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-frucontrolmib-cfg?module=Cisco-IOS-XR-snmp-frucontrolmib-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-ifmib-cfg?module=Cisco-IOS-XR-snmp-ifmib-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-snmp-ifmib-oper?module=Cisco-IOS-XR-snmp-ifmib-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-management-cfg?module=Cisco-IOS-XR-tty-management-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-management-datatypes?module=Cisco-IOS-XR-tty-management-datatypes&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-management-oper?module=Cisco-IOS-XR-tty-management-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-server-cfg?module=Cisco-IOS-XR-tty-server-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-server-oper?module=Cisco-IOS-XR-tty-server-oper&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/Cisco-IOS-XR-tty-vty-cfg?module=Cisco-IOS-XR-tty-vty-cfg&amp;revision=2015-01-07</capability>
  <capability>http://cisco.com/ns/yang/cisco-xr-types?module=Cisco-IOS-XR-types&amp;revision=2015-01-19</capability>
  <capability>urn:ietf:params:xml:ns:yang:ietf-inet-types?module=ietf-inet-types&amp;revision=2013-07-15</capability>
  <capability>urn:ietf:params:xml:ns:yang:ietf-yang-types?module=ietf-yang-types&amp;revision=2013-07-15</capability>
 </capabilities>
 <session-id>1737463494</session-id>
</hello>
]]>]]>
]]>]]>
(odl)$

OpenDaylightのセットアップ

OpenDaylightの起動から必須モジュールの追加まで 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

(odl)$ cd opendaylight
(odl)$ cd distribution-karaf-0.3.2-Lithium-SR2
(odl)$ ./bin/start
(odl)$ ssh karaf@localhost -p 8101
Password authentication
Password: karaf

    ________                       ________                .__  .__       .__     __
    \_____  \ ______   ____   ____ \______ \ _____  ___.__.|  | |__| ____ |  |___/  |_
     /   |   \\____ \_/ __ \ /    \ |    |  \\__  \<   |  ||  | |  |/ ___\|  |  \   __\
    /    |    \  |_> >  ___/|   |  \|    `   \/ __ \\___  ||  |_|  / /_/  >   Y  \  |
    \_______  /   __/ \___  >___|  /_______  (____  / ____||____/__\___  /|___|  /__|
            \/|__|        \/     \/        \/     \/\/            /_____/      \/


Hit '<tab>' for a list of available commands
and '[cmd] --help' for help on a specific command.
Hit '<ctrl-d>' or type 'system:shutdown' or 'logout' to shutdown OpenDaylight.

opendaylight-user@root>feature:install odl-restconf-all odl-netconf-mdsal odl-netconf-connector-all
opendaylight-user@root>logout

(odl)$ grep 2830 data/log/karaf.log
2015-11-01 05:31:26,074 | INFO  | oupCloseable-7-1 | NetconfNorthboundSshModule       | 256 - org.opendaylight.controller.netconf-ssh - 0.3.2.Lithium-SR2 | Netconf SSH endpoint started successfully at /0.0.0.0:2830
(odl)$ grep 8181 data/log/karaf.log
2015-11-01 05:08:15,431 | INFO  | pool-7-thread-1  | AbstractConnector                | 71 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.15.v20140411 | Started SelectChannelConnector@0.0.0.0:8181
2015-11-01 05:08:15,437 | INFO  | pool-7-thread-1  | JettyServerImpl                  | 80 - org.ops4j.pax.web.pax-web-jetty - 3.1.4 | Pax Web available at [0.0.0.0]:[8181]
(odl)$ grep successfully data/log/karaf.log
2015-11-01 05:29:57,344 | INFO  | lt-dispatcher-15 | kka://opendaylight-cluster-data) | 202 - com.typesafe.akka.slf4j - 2.3.10 | Cluster Node [akka.tcp://opendaylight-cluster-data@127.0.0.1:2550] - Started up successfully
2015-11-01 05:29:58,308 | INFO  | ult-dispatcher-3 | kka://opendaylight-cluster-data) | 202 - com.typesafe.akka.slf4j - 2.3.10 | Cluster Node [akka.tcp://opendaylight-cluster-data@127.0.0.1:2550] - Metrics collection has started successfully
2015-11-01 05:30:14,877 | INFO  | ult-dispatcher-2 | Cluster(akka://odl-cluster-rpc)  | 202 - com.typesafe.akka.slf4j - 2.3.10 | Cluster Node [akka.tcp://odl-cluster-rpc@127.0.0.1:2551] - Started up successfully
2015-11-01 05:30:15,531 | INFO  | ult-dispatcher-6 | Cluster(akka://odl-cluster-rpc)  | 202 - com.typesafe.akka.slf4j - 2.3.10 | Cluster Node [akka.tcp://odl-cluster-rpc@127.0.0.1:2551] - Metrics collection has started successfully
2015-11-01 05:31:26,074 | INFO  | oupCloseable-7-1 | NetconfNorthboundSshModule       | 256 - org.opendaylight.controller.netconf-ssh - 0.3.2.Lithium-SR2 | Netconf SSH endpoint started successfully at /0.0.0.0:2830
2015-11-01 05:33:04,260 | INFO  | sing-executor-11 | NetconfDevice                    | 251 - org.opendaylight.controller.sal-netconf-connector - 1.2.2.Lithium-SR2 | RemoteDevice{controller-config}: Netconf connector initialized successfully

RESTCONFの動作確認

OpenDaylightのNETCONFモジュールは、初期設定では自分自身と接続するため、接続ノード情報を取得しに行くと、何となくどのようなデータを持つかが確認できます。
ただし長い。

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100

(odl)$ curl -u admin:admin -H "Content-Type: application/json" -X GET http://localhost:8181/restconf/operational/network-topology:network-topology/topology/topology-netconf/ -s | python -m json.tool
{
    "topology": [
        {
            "node": [
                {
                    "netconf-node-topology:available-capabilities": {
                        "available-capability": [
                            "(urn:opendaylight:params:xml:ns:yang:controller:netconf:northbound:tcp?revision=2015-04-23)netconf-northbound-tcp",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:connector:netconf?revision=2013-10-28)odl-sal-netconf-connector-cfg",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config?revision=2013-04-05)config",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:netconf:client:dispatcher?revision=2014-04-08)odl-netconfig-client-cfg",
                            "(urn:ietf:params:xml:ns:yang:ospf-topology?revision=2013-07-12)ospf-topology",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netconf:mdsal:mapper?revision=2015-01-14)netconf-mdsal-mapper",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:rest:connector?revision=2014-07-24)opendaylight-rest-connector",
                            "urn:ietf:params:netconf:base:1.1",
                            "urn:ietf:params:netconf:base:1.0",
                            "(urn:ietf:params:xml:ns:netconf:base:1.0?revision=2011-06-01)ietf-netconf",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:core:spi:entity-ownership-service?revision=2015-08-10)opendaylight-entity-ownership-service",
                            "(urn:opendaylight:params:xml:ns:yang:controller:threadpool?revision=2013-04-09)threadpool",
                            "(urn:ietf:params:xml:ns:yang:ietf-restconf?revision=2013-10-19)ietf-restconf",
                            "(urn:TBD:params:xml:ns:yang:network:ted?revision=2013-10-21)ted",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:binding:impl?revision=2013-10-28)opendaylight-sal-binding-broker-impl",
                            "(urn:TBD:params:xml:ns:yang:network:isis-topology?revision=2013-07-12)isis-topology",
                            "(urn:ietf:params:xml:ns:yang:ietf-yang-types?revision=2013-07-15)ietf-yang-types",
                            "(urn:opendaylight:params:xml:ns:yang:controller:threadpool:impl?revision=2013-04-05)threadpool-impl",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netty:eventexecutor?revision=2013-11-12)netty-event-executor",
                            "(urn:TBD:params:xml:ns:yang:ospf-topology?revision=2013-10-21)ospf-topology",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:core:general-entity?revision=2015-08-20)general-entity",
                            "(urn:opendaylight:params:xml:ns:yang:controller:threadpool:impl:flexible?revision=2013-12-01)threadpool-impl-flexible",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netty?revision=2013-11-19)netty",
                            "(urn:TBD:params:xml:ns:yang:network:isis-topology?revision=2013-10-21)isis-topology",
                            "(urn:TBD:params:xml:ns:yang:network:ted?revision=2013-07-12)ted",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:clustering:entity-owners?revision=2015-08-04)entity-owners",
                            "urn:ietf:params:netconf:capability:exi:1.0",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:netconf:northbound:impl?revision=2015-01-12)netconf-northbound-impl",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netconf:north:mapper?revision=2015-01-14)netconf-northbound-mapper",
                            "(urn:TBD:params:xml:ns:yang:nt:l3-unicast-igp-topology?revision=2013-10-21)l3-unicast-igp-topology",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netconf:northbound:ssh?revision=2015-01-14)netconf-northbound-ssh",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:netconf:northbound?revision=2015-01-14)netconf-northbound",
                            "(urn:sal:restconf:event:subscription?revision=2014-07-08)sal-remote-augment",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:distributed-datastore-provider?revision=2014-06-12)distributed-datastore-provider",
                            "(urn:opendaylight:params:xml:ns:yang:controller:threadpool:impl:scheduled?revision=2013-12-01)threadpool-impl-scheduled",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:netconf?revision=2014-04-08)odl-netconf-cfg",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:concurrent-data-broker?revision=2014-11-24)odl-concurrent-data-broker-cfg",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:dom:impl?revision=2013-10-28)opendaylight-sal-dom-broker-impl",
                            "(urn:TBD:params:xml:ns:yang:network-topology?revision=2013-07-12)network-topology",
                            "(urn:ietf:params:xml:ns:yang:ietf-netconf-notifications?revision=2012-02-06)ietf-netconf-notifications",
                            "(urn:opendaylight:params:xml:ns:yang:controller:protocol:framework?revision=2014-03-13)protocol-framework",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netty:timer?revision=2013-11-19)netty-timer",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netconf:mdsal:monitoring?revision=2015-02-18)netconf-mdsal-monitoring",
                            "(urn:opendaylight:params:xml:ns:yang:controller:shutdown:impl?revision=2013-12-18)shutdown-impl",
                            "(urn:opendaylight:params:xml:ns:yang:controller:threadpool:impl:fixed?revision=2013-12-01)threadpool-impl-fixed",
                            "(urn:ietf:params:xml:ns:netmod:notification?revision=2008-07-14)nc-notifications",
                            "(urn:opendaylight:inventory?revision=2013-08-19)opendaylight-inventory",
                            "(urn:opendaylight:params:xml:ns:yang:controller:netty:threadgroup?revision=2013-11-07)threadgroup",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:core:spi:operational-dom-store?revision=2014-06-17)opendaylight-operational-dom-datastore",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:binding?revision=2013-10-28)opendaylight-md-sal-binding",
                            "(urn:TBD:params:xml:ns:yang:network-topology?revision=2013-10-21)network-topology",
                            "(urn:opendaylight:yang:extension:yang-ext?revision=2013-07-09)yang-ext",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:common?revision=2013-10-28)opendaylight-md-sal-common",
                            "(urn:ietf:params:xml:ns:yang:iana-afn-safi?revision=2013-07-04)iana-afn-safi",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:remote-rpc-connector?revision=2014-07-07)remote-rpc-connector",
                            "(urn:ietf:params:xml:ns:yang:ietf-yang-types?revision=2010-09-24)ietf-yang-types",
                            "(urn:ietf:params:xml:ns:yang:ietf-interfaces?revision=2014-05-08)ietf-interfaces",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:dom:pingpong?revision=2014-11-07)opendaylight-pingpong-broker",
                            "(urn:opendaylight:params:xml:ns:yang:controller:shutdown?revision=2013-12-18)shutdown",
                            "(urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring-extension?revision=2013-12-10)ietf-netconf-monitoring-extension",
                            "(urn:ietf:params:xml:ns:yang:ietf-inet-types?revision=2010-09-24)ietf-inet-types",
                            "(urn:ietf:params:xml:ns:yang:rpc-context?revision=2013-06-17)rpc-context",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:core:spi:config-dom-store?revision=2014-06-17)opendaylight-config-dom-datastore",
                            "(urn:opendaylight:netconf-node-inventory?revision=2014-01-08)netconf-node-inventory",
                            "(urn:aaa:yang:authn:claims?revision=2014-10-29)aaa-authn-model",
                            "(urn:TBD:params:xml:ns:yang:nt:l3-unicast-igp-topology?revision=2013-07-12)l3-unicast-igp-topology",
                            "(config:aaa:authn:mdsal:store?revision=2014-10-31)aaa-authn-mdsal-store-cfg",
                            "(urn:opendaylight:netconf-node-topology?revision=2015-01-14)netconf-node-topology",
                            "(urn:ietf:params:xml:ns:yang:iana-if-type?revision=2014-05-08)iana-if-type",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:remote?revision=2014-01-14)sal-remote",
                            "(urn:ietf:params:xml:ns:netconf:notification:1.0?revision=2008-07-14)notifications",
                            "(urn:opendaylight:params:xml:ns:yang:controller:config:distributed-entity-ownership-service?revision=2015-08-10)distributed-entity-ownership-service",
                            "(urn:opendaylight:l2:types?revision=2013-08-27)opendaylight-l2-types",
                            "(urn:opendaylight:params:xml:ns:yang:controller:sal:restconf:service?revision=2015-07-08)sal-restconf-service",
                            "(urn:opendaylight:params:xml:ns:yang:controller:md:sal:dom?revision=2013-10-28)opendaylight-md-sal-dom",
                            "urn:ietf:params:netconf:capability:candidate:1.0",
                            "(urn:opendaylight:params:xml:ns:yang:controller:inmemory-datastore-provider?revision=2014-06-17)opendaylight-inmemory-datastore-provider",
                            "(urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring?revision=2010-10-04)ietf-netconf-monitoring",
                            "urn:ietf:params:netconf:capability:notification:1.0"
                        ]
                    },
                    "netconf-node-topology:connection-status": "connected",
                    "netconf-node-topology:host": "127.0.0.1",
                    "netconf-node-topology:port": 1830,
                    "netconf-node-topology:unavailable-capabilities": {},
                    "node-id": "controller-config"
                }
            ],
            "topology-id": "topology-netconf"
        }
    ]
}

RESTCONFで設定

以下の手順で進める

  1. SDNコントローラとルータ間でNETCONFのコネクションを張る
  2. ルータにIPを振ってLink upさせる
  3. ルータに静的経路を設定する
  4. Node1,2間でping
Note
リモートからRESTCONFを叩く場合は、当然Firewallも設定しましょう。
横着するなら $ sudo firewall-cmd --set-default-zone=trusted とかで。

SDNコントローラとルータ間でNETCONFのコネクションを張る

と言うわけでコネクションを張ります。

これは参照ページの OpenDaylight_Controller:Config:Examples:Netconf を参考に書こう。

と、思っていましたが、localhostと接続している設定を引っこ抜いてきて、真似る方が早いと思います。
ここからは、ODLのlocalhostに向けてではなく、操作端末からリモートでRESTCONFを実行していきます。

まずlocalhostと接続しているconfigを取得します

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

$ curl -u admin:admin -H "Content-Type: application/json" -X GET http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/controller-config/yang-ext:mount/config:modules/module/odl-sal-netconf-connector-cfg:sal-netconf-connector/controller-config -s | python -m json.tool
{
    "module": [
        {
            "name": "controller-config",
            "odl-sal-netconf-connector-cfg:address": "127.0.0.1",
            "odl-sal-netconf-connector-cfg:between-attempts-timeout-millis": 2000,
            "odl-sal-netconf-connector-cfg:binding-registry": {
                "name": "binding-osgi-broker",
                "type": "opendaylight-md-sal-binding:binding-broker-osgi-registry"
            },
            "odl-sal-netconf-connector-cfg:client-dispatcher": {
                "name": "global-netconf-dispatcher",
                "type": "odl-netconf-cfg:netconf-client-dispatcher"
            },
            "odl-sal-netconf-connector-cfg:connection-timeout-millis": 20000,
            "odl-sal-netconf-connector-cfg:default-request-timeout-millis": 60000,
            "odl-sal-netconf-connector-cfg:dom-registry": {
                "name": "dom-broker",
                "type": "opendaylight-md-sal-dom:dom-broker-osgi-registry"
            },
            "odl-sal-netconf-connector-cfg:event-executor": {
                "name": "global-event-executor",
                "type": "netty:netty-event-executor"
            },
            "odl-sal-netconf-connector-cfg:keepalive-delay": 120,
            "odl-sal-netconf-connector-cfg:keepalive-executor": {
                "name": "global-netconf-ssh-scheduled-executor",
                "type": "threadpool:scheduled-threadpool"
            },
            "odl-sal-netconf-connector-cfg:max-connection-attempts": 0,
            "odl-sal-netconf-connector-cfg:password": "admin",
            "odl-sal-netconf-connector-cfg:port": 1830,
            "odl-sal-netconf-connector-cfg:processing-executor": {
                "name": "global-netconf-processing-executor",
                "type": "threadpool:threadpool"
            },
            "odl-sal-netconf-connector-cfg:reconnect-on-changed-schema": true,
            "odl-sal-netconf-connector-cfg:sleep-factor": 1.5,
            "odl-sal-netconf-connector-cfg:tcp-only": false,
            "odl-sal-netconf-connector-cfg:username": "admin",
            "type": "odl-sal-netconf-connector-cfg:sal-netconf-connector"
        }
    ]
}
Warning
なんか 「configを取得します」 とか簡単に言ってますけど、こういった接続先に対する適切なURLを書くには、cache/schema/odl-sal-netconf-connector-cfg@2013-10-28.yang とかをじっくり読み解いたりしないとダメだったりして、手作業でやるもんじゃないな、って本気で思います、まる。

これと参照ページを見比べつつ、こんな感じで作って実行します。
大事なのは、以下の6つだけなんですけどね。

  • URLをxrv01に向けること
  • “name”: “xrv01”,
  • “odl-sal-netconf-connector-cfg:address”: “192.168.122.201”,
  • “odl-sal-netconf-connector-cfg:port”: 830,
  • “odl-sal-netconf-connector-cfg:username”: “cisco”,
  • “odl-sal-netconf-connector-cfg:password”: “cisco”,
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/controller-config/yang-ext:mount/config:modules/module/odl-sal-netconf-connector-cfg:sal-netconf-connector/xrv01 -d '
{
    "module": [
        {
            "type": "odl-sal-netconf-connector-cfg:sal-netconf-connector",
            "name": "xrv01",
            "odl-sal-netconf-connector-cfg:address": "192.168.122.201",
            "odl-sal-netconf-connector-cfg:port": 830,
            "odl-sal-netconf-connector-cfg:username": "cisco",
            "odl-sal-netconf-connector-cfg:password": "cisco",
            "odl-sal-netconf-connector-cfg:tcp-only": false,
            "odl-sal-netconf-connector-cfg:event-executor": {
                "name": "global-event-executor",
                "type": "netty:netty-event-executor"
            },
            "odl-sal-netconf-connector-cfg:binding-registry": {
                "name": "binding-osgi-broker",
                "type": "opendaylight-md-sal-binding:binding-broker-osgi-registry"
            },
            "odl-sal-netconf-connector-cfg:dom-registry": {
                "name": "dom-broker",
                "type": "opendaylight-md-sal-dom:dom-broker-osgi-registry"
            },
            "odl-sal-netconf-connector-cfg:client-dispatcher": {
                "name": "global-netconf-dispatcher",
                "type": "odl-netconf-cfg:netconf-client-dispatcher"
            },
            "odl-sal-netconf-connector-cfg:processing-executor": {
                "name": "global-netconf-processing-executor",
                "type": "threadpool:threadpool"
            },
            "odl-sal-netconf-connector-cfg:keepalive-executor": {
                "name": "global-netconf-ssh-scheduled-executor",
                "type": "threadpool:scheduled-threadpool"
            },
            "odl-sal-netconf-connector-cfg:reconnect-on-changed-schema": true
        }
    ]
}'
Warning
手動でやる場合は、カンマの位置とか凄くハマるので気を付けましょう。

応答の出力が例外で埋め尽くされなければ、多分大丈夫。上手く接続できたかルータ上で確認してみましょう。

1
2
3
4
5

RP/0/0/CPU0:XRv01#show netconf-yang clients
Sun Nov  1 04:06:31.493 UTC
Netconf clients
client session ID|     NC version|    client connect time|        last OP time|        last OP type|    <lock>|
       1217997891|            1.1|         0d  0h  1m 28s|            09:27:48|          get-schema|        No|

繋がっていそうですね。
では、RESTCONFから接続状態を確認していきます。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

$ curl -u admin:admin -H "Content-Type: application/json" -X GET http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount -s | python -m json.tool
{
    "Cisco-IOS-XR-crypto-sam-cfg:crypto": {
        "Cisco-IOS-XR-crypto-ssh-cfg:ssh": {
            "server": {
                "netconf": 830,
                "v2": [
                    null
                ]
            }
        }
    },
    "Cisco-IOS-XR-ifmgr-cfg:interface-configurations": {
        "interface-configuration": [
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/4",
                "shutdown": [
                    null
                ]
            },
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/3",
                "shutdown": [
                    null
                ]
            },
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/6",
                "shutdown": [
                    null
                ]
            },
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/5",
                "shutdown": [
                    null
                ]
            },
            {
                "Cisco-IOS-XR-ipv4-io-cfg:ipv4-network": {
                    "addresses": {
                        "primary": {
                            "address": "192.168.122.201",
                            "netmask": "255.255.255.0"
                        }
                    }
                },
                "active": "act",
                "interface-name": "MgmtEth0/0/CPU0/0"
            },
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/0",
                "shutdown": [
                    null
                ]
            },
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/2",
                "shutdown": [
                    null
                ]
            },
            {
                "active": "act",
                "interface-name": "GigabitEthernet0/0/0/1",
                "shutdown": [
                    null
                ]
            }
        ]
    },
    "Cisco-IOS-XR-man-netconf-cfg:netconf-yang": {
        "agent": {
            "ssh": {
                "enable": [
                    null
                ]
            }
        }
    },
    "Cisco-IOS-XR-shellutil-cfg:host-name": "XRv01"
}

お、良い感じで取得できているみたいですね。
では、XRv02も同じように接続しておきます。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/controller-config/yang-ext:mount/config:modules/module/odl-sal-netconf-connector-cfg:sal-netconf-connector/xrv02 -d '
{
    "module": [
        {
            "type": "odl-sal-netconf-connector-cfg:sal-netconf-connector",
            "name": "xrv02",
            "odl-sal-netconf-connector-cfg:address": "192.168.122.202",
            "odl-sal-netconf-connector-cfg:port": 830,
            "odl-sal-netconf-connector-cfg:username": "cisco",
            "odl-sal-netconf-connector-cfg:password": "cisco",
            "odl-sal-netconf-connector-cfg:tcp-only": false,
            "odl-sal-netconf-connector-cfg:event-executor": {
                "name": "global-event-executor",
                "type": "netty:netty-event-executor"
            },
            "odl-sal-netconf-connector-cfg:binding-registry": {
                "name": "binding-osgi-broker",
                "type": "opendaylight-md-sal-binding:binding-broker-osgi-registry"
            },
            "odl-sal-netconf-connector-cfg:dom-registry": {
                "name": "dom-broker",
                "type": "opendaylight-md-sal-dom:dom-broker-osgi-registry"
            },
            "odl-sal-netconf-connector-cfg:client-dispatcher": {
                "name": "global-netconf-dispatcher",
                "type": "odl-netconf-cfg:netconf-client-dispatcher"
            },
            "odl-sal-netconf-connector-cfg:processing-executor": {
                "name": "global-netconf-processing-executor",
                "type": "threadpool:threadpool"
            },
            "odl-sal-netconf-connector-cfg:keepalive-executor": {
                "name": "global-netconf-ssh-scheduled-executor",
                "type": "threadpool:scheduled-threadpool"
            },
            "odl-sal-netconf-connector-cfg:reconnect-on-changed-schema": true
        }
    ]
}'

では、今度はアドレスを振ってトポロジを作っていきましょう。

これは、要するにさっき取得したルータのコンフィグっぽいデータを、IPアドレス設定済みのデータで置き換えてPUTすれば良いんですよね。
まずは対象のインタフェースの部分だけ抜き出してみましょう。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

$ curl -u admin:admin -H "Content-Type: application/json" -X GET http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ifmgr-cfg:interface-configurations/interface-configuration/act/GigabitEthernet0%2F0%2F0%2F0 -s | python -m json.tool
{
    "interface-configuration": [
        {
            "active": "act",
            "interface-name": "GigabitEthernet0/0/0/0",
            "shutdown": [
                null
            ]
        }
    ]
}
Note
OpenDaylightのRESTCONF URLは、データストアの階層を '/' で区切っているので、URL上で GigabitEthernet0/0/0/0 と書きたい場合は GigabitEthernet0%2F0%2F0%2F0 のようにURLエンコードする必要があります。
詳しくは http://tools.ietf.org/html/draft-bierman-netconf-restconf-04#section-4.5.1 を参照してもらうのが良いのですが The "/" character MUST be URL-encoded (i.e., "%2F"). などと平然と書かれていました。
いい具合に人間が手動でやるとかクソゲーの様相となってまいりました。

あとはここにデータを放り込んでやればいいはずです。

API叩く前

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

RP/0/0/CPU0:XRv01#show ipv4 interface brief
Sun Nov  1 04:25:49.764 UTC

Interface                      IP-Address      Status                Protocol
MgmtEth0/0/CPU0/0              192.168.122.201 Up                    Up
GigabitEthernet0/0/0/0         unassigned      Shutdown              Down
GigabitEthernet0/0/0/1         unassigned      Shutdown              Down
GigabitEthernet0/0/0/2         unassigned      Shutdown              Down
GigabitEthernet0/0/0/3         unassigned      Shutdown              Down
GigabitEthernet0/0/0/4         unassigned      Shutdown              Down
GigabitEthernet0/0/0/5         unassigned      Shutdown              Down
GigabitEthernet0/0/0/6         unassigned      Shutdown              Down

API叩く

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17

$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ifmgr-cfg:interface-configurations/interface-configuration/act/GigabitEthernet0%2F0%2F0%2F1 -d '
{
    "interface-configuration": [
        {
            "active": "act",
            "interface-name": "GigabitEthernet0/0/0/1",
            "Cisco-IOS-XR-ipv4-io-cfg:ipv4-network": {
                "addresses": {
                    "primary": {
                        "address": "192.168.1.1",
                        "netmask": "255.255.255.0"
                    }
                }
            }
        }
    ]
}'

API叩いた後

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

RP/0/0/CPU0:XRv01#show ipv4 interface brief
Sun Nov  1 04:26:21.911 UTC

Interface                      IP-Address      Status                Protocol
MgmtEth0/0/CPU0/0              192.168.122.201 Up                    Up
GigabitEthernet0/0/0/0         unassigned      Shutdown              Down
GigabitEthernet0/0/0/1         192.168.1.1     Up                    Up
GigabitEthernet0/0/0/2         unassigned      Shutdown              Down
GigabitEthernet0/0/0/3         unassigned      Shutdown              Down
GigabitEthernet0/0/0/4         unassigned      Shutdown              Down
GigabitEthernet0/0/0/5         unassigned      Shutdown              Down
GigabitEthernet0/0/0/6         unassigned      Shutdown              Down

どんどん叩く

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ifmgr-cfg:interface-configurations/interface-configuration/act/GigabitEthernet0%2F0%2F0%2F0 -d '
{
    "interface-configuration": [
        {
            "active": "act",
            "interface-name": "GigabitEthernet0/0/0/0",
            "Cisco-IOS-XR-ipv4-io-cfg:ipv4-network": {
                "addresses": {
                    "primary": {
                        "address": "10.0.0.1",
                        "netmask": "255.255.255.0"
                    }
                }
            }
        }
    ]
}'
$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv02/yang-ext:mount/Cisco-IOS-XR-ifmgr-cfg:interface-configurations/interface-configuration/act/GigabitEthernet0%2F0%2F0%2F1 -d '
{
    "interface-configuration": [
        {
            "active": "act",
            "interface-name": "GigabitEthernet0/0/0/1",
            "Cisco-IOS-XR-ipv4-io-cfg:ipv4-network": {
                "addresses": {
                    "primary": {
                        "address": "192.168.2.1",
                        "netmask": "255.255.255.0"
                    }
                }
            }
        }
    ]
}'
$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv02/yang-ext:mount/Cisco-IOS-XR-ifmgr-cfg:interface-configurations/interface-configuration/act/GigabitEthernet0%2F0%2F0%2F0 -d '
{
    "interface-configuration": [
        {
            "active": "act",
            "interface-name": "GigabitEthernet0/0/0/0",
            "Cisco-IOS-XR-ipv4-io-cfg:ipv4-network": {
                "addresses": {
                    "primary": {
                        "address": "10.0.0.2",
                        "netmask": "255.255.255.0"
                    }
                }
            }
        }
    ]
}'

XRv01

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

RP/0/0/CPU0:XRv01#show ipv4 interface brief
Sun Nov  1 04:33:34.372 UTC

Interface                      IP-Address      Status                Protocol
MgmtEth0/0/CPU0/0              192.168.122.201 Up                    Up
GigabitEthernet0/0/0/0         10.0.0.1        Up                    Up
GigabitEthernet0/0/0/1         192.168.1.1     Up                    Up
GigabitEthernet0/0/0/2         unassigned      Shutdown              Down
GigabitEthernet0/0/0/3         unassigned      Shutdown              Down
GigabitEthernet0/0/0/4         unassigned      Shutdown              Down
GigabitEthernet0/0/0/5         unassigned      Shutdown              Down
GigabitEthernet0/0/0/6         unassigned      Shutdown              Down
RP/0/0/CPU0:XRv01#ping 192.168.1.11
Sun Nov  1 04:33:41.041 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/19 ms
RP/0/0/CPU0:XRv01#ping 10.0.0.2
Sun Nov  1 04:33:48.101 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/19 ms

XRv02

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

RP/0/0/CPU0:XRv02#show ipv4 interface brief
Sun Nov  1 04:34:06.940 UTC

Interface                      IP-Address      Status                Protocol
MgmtEth0/0/CPU0/0              192.168.122.202 Up                    Up
GigabitEthernet0/0/0/0         10.0.0.2        Up                    Up
GigabitEthernet0/0/0/1         192.168.2.1     Up                    Up
GigabitEthernet0/0/0/2         unassigned      Shutdown              Down
GigabitEthernet0/0/0/3         unassigned      Shutdown              Down
GigabitEthernet0/0/0/4         unassigned      Shutdown              Down
GigabitEthernet0/0/0/5         unassigned      Shutdown              Down
GigabitEthernet0/0/0/6         unassigned      Shutdown              Down
RP/0/0/CPU0:XRv02#ping 192.168.2.11
Sun Nov  1 04:34:11.140 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/19 ms
RP/0/0/CPU0:XRv02#ping 10.0.0.1
Sun Nov  1 04:34:17.139 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/9 ms

と言うわけで、問題無さそうです。
後は、静的経路を設定してやれば、Node1,2間で通信できる期待が高まります。

ルータに静的経路を設定する

書き方が分かんないので、ルータに手動で静的経路を設定してみて、データ構造を見ます(ズル)
設定よいしょっと

1
2
3
4
5
6
7
8
9

RP/0/0/CPU0:XRv01#configure
Sun Nov  1 04:35:40.683 UTC
Current Configuration Session  Line       User     Date                     Lock
00000000-000be0be-00000004     NETCONF    cisco    Sun Nov  1 04:05:03 2015
RP/0/0/CPU0:XRv01(config)#router static address-family ipv4 unicast 172.16.0.1/32 10.0.0.2
RP/0/0/CPU0:XRv01(config)#commit
Sun Nov  1 04:36:18.221 UTC
RP/0/0/CPU0:XRv01(config)#end
RP/0/0/CPU0:XRv01#

APIで確認

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

$ curl -u admin:admin -H "Content-Type: application/json" -X GET http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ip-static-cfg:router-static -s | python -m json.tool
{
    "router-static": {
        "default-vrf": {
            "address-family": {
                "vrfipv4": {
                    "vrf-unicast": {
                        "vrf-prefixes": {
                            "vrf-prefix": [
                                {
                                    "prefix": "172.16.0.1",
                                    "prefix-length": 32,
                                    "vrf-route": {
                                        "vrf-next-hops": {
                                            "next-hop-address": [
                                                {
                                                    "next-hop-address": "10.0.0.2"
                                                }
                                            ]
                                        }
                                    }
                                }
                            ]
                        }
                    }
                }
            }
        }
    }
}

こんなん分かるか(半ギレ)

でも設定できるなら何でもいいか。ルータ2台に設定を入れましょう。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ip-static-cfg:router-static -d '
{
    "router-static": {
        "default-vrf": {
            "address-family": {
                "vrfipv4": {
                    "vrf-unicast": {
                        "vrf-prefixes": {
                            "vrf-prefix": [
                                {
                                    "prefix": "192.168.2.0",
                                    "prefix-length": 24,
                                    "vrf-route": {
                                        "vrf-next-hops": {
                                            "next-hop-address": [
                                                {
                                                    "next-hop-address": "10.0.0.2"
                                                }
                                            ]
                                        }
                                    }
                                }
                            ]
                        }
                    }
                }
            }
        }
    }
}'
$ curl -u admin:admin -H "Content-Type: application/json" -X PUT http://192.168.122.158:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv02/yang-ext:mount/Cisco-IOS-XR-ip-static-cfg:router-static -d '
{
    "router-static": {
        "default-vrf": {
            "address-family": {
                "vrfipv4": {
                    "vrf-unicast": {
                        "vrf-prefixes": {
                            "vrf-prefix": [
                                {
                                    "prefix": "192.168.1.0",
                                    "prefix-length": 24,
                                    "vrf-route": {
                                        "vrf-next-hops": {
                                            "next-hop-address": [
                                                {
                                                    "next-hop-address": "10.0.0.1"
                                                }
                                            ]
                                        }
                                    }
                                }
                            ]
                        }
                    }
                }
            }
        }
    }
}'
Warning
POSTは置き換えなので、URLで対象データストアを絞ったcommit replaceと捉えるのが良いでしょう。
要するに、さっきズルのために作った設定は消えます。

設定されたっぽい

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22

RP/0/0/CPU0:XRv01#show route
Sun Nov  1 04:40:54.192 UTC

Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
       U - per-user static route, o - ODR, L - local, G  - DAGR, l - LISP
       A - access/subscriber, a - Application route
       M - mobile route, r - RPL, (!) - FRR Backup path

Gateway of last resort is not set

C    10.0.0.0/24 is directly connected, 00:08:02, GigabitEthernet0/0/0/0
L    10.0.0.1/32 is directly connected, 00:08:02, GigabitEthernet0/0/0/0
C    192.168.1.0/24 is directly connected, 00:08:29, GigabitEthernet0/0/0/1
L    192.168.1.1/32 is directly connected, 00:08:29, GigabitEthernet0/0/0/1
S    192.168.2.0/24 [1/0] via 10.0.0.2, 00:00:03
C    192.168.122.0/24 is directly connected, 01:11:14, MgmtEth0/0/CPU0/0
L    192.168.122.201/32 is directly connected, 01:11:14, MgmtEth0/0/CPU0/0

こっちも

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22

RP/0/0/CPU0:XRv02#show route
Sun Nov  1 04:41:56.448 UTC

Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
       U - per-user static route, o - ODR, L - local, G  - DAGR, l - LISP
       A - access/subscriber, a - Application route
       M - mobile route, r - RPL, (!) - FRR Backup path

Gateway of last resort is not set

C    10.0.0.0/24 is directly connected, 00:08:42, GigabitEthernet0/0/0/0
L    10.0.0.2/32 is directly connected, 00:08:42, GigabitEthernet0/0/0/0
S    192.168.1.0/24 [1/0] via 10.0.0.1, 00:00:29
C    192.168.2.0/24 is directly connected, 00:08:42, GigabitEthernet0/0/0/1
L    192.168.2.1/32 is directly connected, 00:08:42, GigabitEthernet0/0/0/1
C    192.168.122.0/24 is directly connected, 01:11:38, MgmtEth0/0/CPU0/0
L    192.168.122.202/32 is directly connected, 01:11:38, MgmtEth0/0/CPU0/0

Node1,2間でping

んじゃハイ。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

[root@Node2]~# ifconfig em0
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
        ether 00:00:ab:22:2a:00
        inet6 fe80::200:abff:fe22:2a00%em0 prefixlen 64 scopeid 0x1
        inet 192.168.2.11 netmask 0xffffff00 broadcast 192.168.2.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
[root@Node2]~# netstat -rn -f inet
Routing tables

Internet:
Destination        Gateway            Flags      Netif Expire
default            192.168.2.1        UGS         em0
127.0.0.1          link#5             UH          lo0
192.168.2.0/24     link#1             U           em0
192.168.2.11       link#1             UHS         lo0
[root@Node2]~# ping -c 5 192.168.1.11
PING 192.168.1.11 (192.168.1.11): 56 data bytes
64 bytes from 192.168.1.11: icmp_seq=0 ttl=62 time=111.879 ms
64 bytes from 192.168.1.11: icmp_seq=1 ttl=62 time=9.380 ms
64 bytes from 192.168.1.11: icmp_seq=2 ttl=62 time=8.965 ms
64 bytes from 192.168.1.11: icmp_seq=3 ttl=62 time=7.268 ms
64 bytes from 192.168.1.11: icmp_seq=4 ttl=62 time=7.700 ms

--- 192.168.1.11 ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 7.268/29.038/111.879/41.428 ms
[root@Node2]~# traceroute -n -m 3 192.168.1.11
traceroute to 192.168.1.11 (192.168.1.11), 3 hops max, 40 byte packets
 1  192.168.2.1  4.249 ms  3.611 ms  2.559 ms
 2  10.0.0.1  7.070 ms  5.851 ms  5.798 ms
 3  * * *

ちゃんとルータを通って通信出来てますね。

今日はここまで

これでRESTCONFとNETCONFが動くOpenDaylight環境が、皆さんの手元でも作れることがお分かり頂けたのではないだろうか。
お姉ちゃんに褒められたい一心でここまで書いてはみたものの、よく考えたら僕にはお姉ちゃんがいないのだった。

悲しいがここまでのようだ。

© 2010 - 2025 ainoniwa.net 技術ブログ
Hugo で構築されています。
テーマ StackJimmy によって設計されています。