Friday, May 22, 2020

Demo'ing netconf on junos SRX

You may recall my previous API post from a few years back for junos and the SRX:

http://socpuppet.blogspot.com/2018/11/junos-srx-api-interface-is-so-easy.html

I'm going to demo netconf over ssh. It requires you to enable the netconf services on the SRX.


config

set system services netconf ssh port 2023

commit


So in the above I enabled netconf on tcp-port 2023, and it's ready for connections:

kfelix@HOME_SRX_SOCPUPPETS> show system connections | grep 2023    
tcp4       0      0  *.2023                                        *.*                                           LISTEN



Now we will test netconf and look for a netconf hello;



If you do not get a netconf hello, this means you have a connection or filter issue, or the system-services setting for the interface or zone does not include netconf, or the port number is incorrect.


Now I will make a simple get-software-information call, aka ( show version ).



The rpc call is structured like the below:

<rpc> 
     <get-software-information>
     </get-software-information>
</rpc>


You can also string multiple rpc calls against a single netconf session. In the example below we get the show version and the arp-table.




Netconf is powerful and super user-friendly in Junos for remote management. Any command that displays in the xml rpc output can be called via netconf over ssh.

Junos has made it so simple that if you send a request that can't be understood, it will error out and tell you.
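The framing behind the steps above, as an added Python example that is not from the original post and is not Juniper code: it builds the client hello plus two rpc calls for one session, then splits a server stream on the ]]>]]> end-of-message marker to check for the hello and pull out any rpc-error text. Assumptions: NETCONF 1.0 framing, a message-id attribute on each rpc, get-arp-table-information as the ARP-table rpc, hypothetical helper names, and a constructed, simplified server reply (EXAMPLE-SRX and session-id 1234 are made up).

```python
import xml.etree.ElementTree as ET

EOM = "]]>]]>"  # NETCONF 1.0 end-of-message marker used over ssh
BASE_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"

def hello(extra=""):
    """A <hello> advertising only the base 1.0 capability."""
    return (f'<hello xmlns="{BASE_NS}"><capabilities>'
            "<capability>urn:ietf:params:netconf:base:1.0</capability>"
            f"</capabilities>{extra}</hello>")

def build_session(rpc_names):
    """Client side: hello, then one framed <rpc> per name, in a single session."""
    rpcs = [f'<rpc message-id="{i}"><{name}/></rpc>'
            for i, name in enumerate(rpc_names, start=1)]
    return "".join(msg + EOM + "\n" for msg in [hello()] + rpcs)

def local(tag):  # drop the XML namespace: '{ns}hello' -> 'hello'
    return tag.rsplit("}", 1)[-1]

def parse_stream(stream):
    """Split a NETCONF 1.0 stream on EOM and classify every message in it."""
    messages = []
    for chunk in filter(None, (c.strip() for c in stream.split(EOM))):
        root = ET.fromstring(chunk)
        messages.append({
            "kind": local(root.tag),
            "message_id": root.get("message-id"),
            "capabilities": [(e.text or "").strip() for e in root.iter()
                             if local(e.tag) == "capability"],
            "errors": [(e.text or "").strip() for e in root.iter()
                       if local(e.tag) == "error-message"],
        })
    return messages

def got_hello(messages):
    """True when the peer opened with a <hello>, the first check described above."""
    return bool(messages) and messages[0]["kind"] == "hello"

# Constructed, simplified server output: hello, one good reply, one error reply.
SAMPLE_REPLY = EOM.join([
    hello("<session-id>1234</session-id>"),
    f'<rpc-reply xmlns="{BASE_NS}" message-id="1"><software-information>'
    "<host-name>EXAMPLE-SRX</host-name></software-information></rpc-reply>",
    f'<rpc-reply xmlns="{BASE_NS}" message-id="2"><rpc-error>'
    "<error-message>syntax error</error-message></rpc-error></rpc-reply>",
]) + EOM

if __name__ == "__main__":
    print(parse_stream(SAMPLE_REPLY))
```

The text returned by build_session is what gets written to the ssh channel on the netconf port; the message-id on each reply ties it back to the rpc that caused it.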









NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o

        /  \



