Table of Contents

1  Preface

1.1  Legal Statements

1.2  Additional Resources

1.2.1  WEB Sites

1.2.2  Mailing Lists

1.3  Conventions Used in this Document

2  netconfd-pro User Guide

2.1  Introduction

2.1.1  Features

2.1.2  Setting the Server Profile

2.1.3  Loading YANG Modules

2.1.4  Unloading YANG Modules

2.1.5  Starting netconfd-pro

2.1.6  Starting SIL-SA Subsystems with sil-sa-app

2.1.7  Stopping netconfd-pro

2.1.8  Signal Handling

2.1.9  Starting netconfd-pro with ypwatcher program

2.1.10  Signal Handling with ypwatcher program

2.1.11  Error Handling

2.1.12  Module Summary

2.1.13  Notification Summary

2.1.14  Operation Summary

2.1.15  Configuration Parameter List

2.1.16  Editing CLI Parameters at Run-Time

2.1.17  Using logrotate to Manage Log Files

2.1.18  Evaluation Version Restrictions

2.1.19  Maintenance Mode

2.1.20  Disabling YumaWorks YANG Modules

2.1.21  DB-Config-Lock Mode

2.1.22  Deferred Configuration Load Mode

2.2  Capabilities

2.2.1  :base:1.0

2.2.2  :base:1.1

2.2.3  :candidate

2.2.4  :config-id

2.2.5  :confirmed-commit

2.2.6  :interleave

2.2.7  :netconf-monitoring

2.2.8  :notification

2.2.9  :partial-lock

2.2.10  :rollback-on-error

2.2.11  :schema-retrieval

2.2.12  :startup

2.2.13  :validate

2.2.14  :url

2.2.15  :with-defaults

2.2.16  :writable-running

2.2.17  :xpath

2.2.18  :yang-library

2.3  Databases

2.3.1  Database Locking

2.3.2  Using the <candidate> Database

2.3.3  Using the <running> Database

2.3.4  Using the <startup> Database

2.4  Sessions

2.4.1  User Names

2.4.2  Session ID

2.4.3  Server <hello> Message

2.4.4  Client <hello> Message

2.4.5  RPC Request Processing

2.4.6  Session Termination

2.5  Error Reporting

2.5.1  <error-severity> Element

2.5.2  <error-tag> Element

2.5.3  <error-app-tag> Element

2.5.4  <error-path> Element

2.5.5  <error-message> Element

2.5.6  <error-info> Element

2.5.7  Dynamic Error Messages

2.5.8  Using Annotations to Define Dynamic Error Messages

2.5.9  Replacing a Standard Error Message

2.5.10  Multi-Language Error Messages

2.5.11  Instance-Required Error Example

2.5.12  Missing-Choice Error Example

2.5.13  No-Matches Error Example

2.5.14  not-in-range Error Example

2.6  Protocol Operations

2.6.1  <backup>

2.6.2  <cancel-commit>

2.6.3  <cancel-subscription>

2.6.4  <close-session>

2.6.5  <commit>

2.6.6  <copy-config>

2.6.7  <create-subscription>

2.6.8  <delete-backup>

2.6.9  <delete-config>

2.6.10  <delete-subscription>

2.6.11  <discard-changes>

2.6.12  <edit-config>

2.6.13  <establish-subscription>

2.6.14  <get>

2.6.15  <get-bulk>

2.6.16  <get-config>

2.6.17  <get-data>

2.6.18  <get-module-tags>

2.6.19  <get-my-session>

2.6.20  <get-schema>

2.6.21  <get-support-save>

2.6.22  <kill-session>

2.6.23  <kill-subscription>

2.6.24  <load>

2.6.25  <load-bundle>

2.6.26  <modify-subscription>

2.6.27  <lock>

2.6.28  <no-op>

2.6.29  <partial-lock>

2.6.30  <partial-unlock>

2.6.31  <restart>

2.6.32  <restore>

2.6.33  <resync-subscription>

2.6.34   <set-log-level>

2.6.35  <set-my-session>

2.6.36  <shutdown>

2.6.37  <unload>

2.6.38  <unload-bundle>

2.6.39  <unlock>

2.6.40  <validate>

2.7  Access Control

2.7.1  NACM Module Structure

2.7.2  Users and Groups

2.7.3  Creating New Groups

2.7.4  Access Control Modes

2.7.5  Permissions

2.7.6  Special YANG Extensions For Access Control

2.7.7  Default Enforcement Behavior

2.7.8  Access Control Algorithm

2.7.9  Passwords and crypt-hash

2.7.10  Using Module Tags with NACM

2.8  Using RESTCONF

2.8.1  Features

2.8.2  Resource Types

2.8.3  RESTCONF Headers

2.8.4   RESTCONF Query Parameters

2.9  Using gNMI

2.9.1  Features

2.9.2  Restrictions for gNMI Protocol

2.9.3  Running Ypgnmi-app

2.9.4  Running gNMI Client Applications

2.9.5  Closing Ypgnmi-app

2.9.6  gNMI GetRequest

2.9.7  gNMI SetRequest

2.9.8  gNMI JSON_ietf_val

2.9.9  gNMI Error Messages

2.10  Monitoring

2.10.1  Using Subtree Filters

2.10.2  Using XPath Filters

2.10.3  Using Time Filters

2.11  YANG-Library Monitoring

2.11.1  Using  YANG-Library

2.12  Notifications

2.12.1  Enabling Notifications

2.12.2  Using Custom Event Streams

2.12.3  Subscriptions

2.12.4  Notification Log

2.12.5  Using Event Filters

2.12.6  Using Notification Filters

2.12.7  <notification> Element

2.12.8  Choosing System Notifications

2.12.9  <replayComplete> Event

2.12.10  <notificationComplete> Event

2.12.11  <sysStartup> Event

2.12.12  <netconf-session-start> Event

2.12.13  <netconf-session-end> Event

2.12.14  <netconf-config-change> Event

2.12.15  <netconf-capability-change> Event

2.12.16  <netconf-confirmed-commit> Event

2.12.17  <yang-library-change> Event

2.13  High Availability (YP-HA)

2.13.1  YP-HA Configuration

2.14  Configuration Templates

2.14.1  yumaworks-templates.yang

2.14.2  Configuration Template Example: NACM group

2.15  NETCONF Over TLS

2.15.1  TLS Configuration

2.16  IETF Call Home

2.16.1  Call Home Configuration

2.17  YANG Push

2.17.1  RFCs and Features Supported

2.17.2  Configuring YANG Push

2.17.3  Configuring Named Filters

2.17.4  RPC Operations

2.17.5  Notifications

2.17.6  Periodic Subscriptions

2.17.7  Conventional On-Change Subscriptions

2.17.8  Simulated Operational On-Change Subscriptions

2.17.9  Operational On-Change Subscriptions

3  CLI Reference

3.1  --access-control

3.2  --allow-leaflist-delete-all

3.3  --allow-list-delete-all

3.4  --allowed-user

3.5  --alt-names

3.6  --annotation

3.7  --audit-log

3.8  --no-audit-log

3.9  --audit-log-append

3.10  --audit-log-candidate

3.11  --audit-log-console-level

3.12  --audit-log-events

3.13  --audit-log-level

3.14  --autodelete-pdu-error

3.15  --binary-display-maxlen

3.16  --bundle

3.17  --callhome-reconnect

3.18  --callhome-retry-interval

3.19  --callhome-retry-max

3.20  --callhome-server

3.21  --callhome-sshd-command

3.22  --callhome-sshd-config

3.23  --callhome-subsys-command

3.24  --callhome-tls-server

3.25  --cert-default-user

3.26  --cert-usermap

3.27  --confdir

3.28  --config

3.29  --convert-subtree-filter

3.30  --create-empty-npcontainers

3.31  --datapath

3.32  --db-lock-retry-interval

3.33  --db-lock-timeout

3.34  --default-style

3.35  --delete-empty-npcontainers

3.36  --deviation

3.37  --errmsg

3.38  --errmsg-lang

3.39  --eventlog-size

3.40  --event-stream

3.41  --event-stream-map

3.42  --factory-startup

3.43  --feature-disable

3.44  --feature-enable

3.45  --feature-enable-default

3.46  --fileloc-fhs

3.47  --ha-enabled

3.48  --ha-initial-active

3.49  --ha-server

3.50  --ha-server-key

3.51  --ha-sil-standby

3.52  --hello-timeout

3.53  --help

3.54  --help-mode

3.55  --hide-module

3.56  --home

3.57  --idle-timeout

3.58  --import-version-bestmatch

3.59  --indent

3.60  --insecure-ok

3.61  --library-mode

3.62  --loadpath

3.63  --log

3.64  --log-append

3.65  --log-backtrace

3.66  --log-backtrace-detail

3.67  --log-backtrace-level

3.68  --log-backtrace-stream

3.69  --log-console

3.70  --log-event-drops

3.71  --log-header

3.72  --log-level

3.73  --log-mirroring

3.74  --log-pthread-level

3.75  --log-stderr

3.76  --log-syslog

3.77  --log-syslog-level

3.78  --log-vendor

3.79  --log-vendor-level

3.80  --match-names

3.81  --max-burst

3.82  --max-cli-sessions

3.83  --max-getbulk

3.84  --max-sessions

3.85  --max-strlen

3.86  --message-indent

3.87  --modpath

3.88  --module

3.89  --module-tagmap

3.90  --netconf-capability

3.91  --netconf-tls-address

3.92  --netconf-tls-certificate

3.93  --netconf-tls-key

3.94  --netconf-tls-port

3.95  --netconf-tls-trust-store

3.96  --no-config

3.97  --no-log

3.98  --no-nvstore

3.99  --no-startup

3.100  --no-watcher

3.101  --port

3.102  --protocols

3.103  --push-max-operational

3.104  --push-max-periodic

3.105  --push-min-dampening

3.106  --push-min-period

3.107  --push-simop-enabled

3.108  --push-simop-patch-update

3.109  --push-simop-period

3.110  --restconf-capability

3.111  --restconf-default-encoding

3.112  --restconf-server-url

3.113  --restconf-strict-headers

3.114  --running-error

3.115  --runpath

3.116  --save-owners

3.117  --session-sync-mutex

3.118  --sil-delete-children-first

3.119  --sil-invoke-for-defaults

3.120  --sil-missing-error

3.121  --sil-prio-reverse-for-deletes

3.122  --sil-root-check-first

3.123  --sil-skip-load

3.124  --sil-test-get-when

3.125  --sil-validate-candidate

3.126  --simple-json-names

3.127  --socket-address

3.128  --socket-port

3.129  --socket-type

3.130  --startup

3.131  start choice

3.132  --startup-error

3.133  --startup-factory-file

3.134  --startup-prune-ok

3.135  --startup-skip-validation

3.136  --subdirs

3.137  --subsys-timeout

3.138  --superuser

3.139  --system-notifications

3.140  --system-sorted

3.141  --target

3.142  --tls-crl-missing-ok

3.143  --tls-crl-mode

3.144  --trim-whitespace

3.145  --usexmlorder

3.146  --version

3.147  --warn-error

3.148  --warn-idlen

3.149  --warn-linelen

3.150  --warn-off

3.151  --warn-up

3.152  --watcher-interval

3.153  --wildcard-keys

3.154  --with-callhome

3.155  --with-canonical

3.156  --with-config-id

3.157  --with-db-lock

3.158  --with-gnmi

3.159  --with-maintenance-mode

3.160  --with-modtags

3.161  --with-netconf

3.162  --with-netconf-tls

3.163  --with-nmda

3.164  --with-notifications

3.165  --with-restconf

3.166  --with-rollback-on-error

3.167  --with-ocpattern

3.168  --with-startup

3.169  --with-support-save

3.170  --with-term-msg

3.171  --with-url

3.172  --with-url-ftp

3.173  --with-url-tftp

3.174  --with-validate

3.175  --with-warnings

3.176  --with-yang-api

3.177  --with-yang11-hello

3.178  --with-yang-patch-running

3.179  --with-yp-coap

3.180  --with-yp-coap-dtls

3.181  --with-yp-shell

3.182  --with-yuma-system

3.183  --with-yuma-time-filter

3.184  --with-yumaworks-config-change

3.185  --with-yumaworks-event-filter

3.186  --with-yumaworks-getbulk

3.187  --with-yumaworks-ids

3.188  --with-yumaworks-system

3.189  --with-yumaworks-templates

3.190  --yangapi-server-url

3.191  --yumapro-home

3.192  --yp-coap-address

3.193  --yp-coap-dtls-port