测试环境:Cisco CSR1000V虚拟化环境

Step 1:开启Cisco设备netconf-Yang,如下图:

CSR1000V(config)#netconf-yang

CSR1000V(config)#netconf-yang ssh port 830

Step 2:配置AAA

CSR1000V(config)#aaa new-model

CSR1000V(config)#aaa authorization exec default local

Step 3:查看netconf-Yang配置

CSR1000V#show platform software yang-management process
confd : Running
nesd : Running
syncfd : Running
ncsshd : Running
dmiauthd : Running
vtyserverutild : Running
opdatamgrd : Running
ngnix : Running

Step 4:使用SSH登录Cisco设备

[root@docker ~]# ssh -s admin@192.168.188.150 -p 830 netconf

admin@192.168.188.150's password:

<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:netconf:capability:writable-running:1.0</capability>
<capability>urn:ietf:params:netconf:capability:xpath:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>urn:ietf:params:netconf:capability:notification:1.0</capability>
<capability>urn:ietf:params:netconf:capability:interleave:1.0</capability>
<capability>http://tail-f.com/ns/netconf/actions/1.0</capability>
<capability>http://tail-f.com/ns/netconf/extensions</capability>
<capability>urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&amp;also-supported=report-all-tagged</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-with-defaults?revision=2011-06-01&amp;module=ietf-netconf-with-defaults</capability>
<capability>http://cisco.com/ns/yang/ned/ios?module=ned&amp;revision=2016-10-24&amp;features=zone,vservice,vpdn,voice,service-insertion,seg-routing,ptp,pfr,otv,mpls-te,mls,l3vpn,l2vpn,intf-service,eth-evc,esmc,controller,card,bridge-domain,bba-group</capability>
<capability>http://cisco.com/ns/yang/ned/ios/asr1k?module=ned-asr1k&amp;revision=2016-04-07</capability>
<capability>http://cisco.com/yang/cisco-ia?module=cisco-ia&amp;revision=2016-06-30</capability>
<capability>http://cisco.com/yang/cisco-odm?module=cisco-odm&amp;revision=2016-08-05</capability>
<capability>http://cisco.com/yang/cisco-self-mgmt?module=cisco-self-mgmt&amp;revision=2016-05-14</capability>
<capability>http://tail-f.com/ns/aaa/1.1?module=tailf-aaa&amp;revision=2015-06-16</capability>
<capability>http://tail-f.com/ns/mibs/IPV6-TC/199812010000Z?module=IPV6-TC&amp;revision=1998-12-01</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-COMMUNITY-MIB/200308060000Z?module=SNMP-COMMUNITY-MIB&amp;revision=2003-08-06</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-FRAMEWORK-MIB/200210140000Z?module=SNMP-FRAMEWORK-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-MPD-MIB/200210140000Z?module=SNMP-MPD-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-NOTIFICATION-MIB/200210140000Z?module=SNMP-NOTIFICATION-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-TARGET-MIB/200210140000Z?module=SNMP-TARGET-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-USER-BASED-SM-MIB/200210160000Z?module=SNMP-USER-BASED-SM-MIB&amp;revision=2002-10-16</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-VIEW-BASED-ACM-MIB/200210160000Z?module=SNMP-VIEW-BASED-ACM-MIB&amp;revision=2002-10-16</capability>

附配置文件:

version 16.4
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
platform console auto
!
hostname CSR1000V
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$EyMO$IFGbXXBCiWsUq/N9Nrzyg1
!
aaa new-model
!
!
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!

ip domain name cisco.com
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2486061073
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2486061073
revocation-check none
rsakeypair TP-self-signed-2486061073
!
!
crypto pki certificate chain TP-self-signed-2486061073
certificate self-signed 01
30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32343836 30363130 3733301E 170D3139 30363137 30313433
35375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34383630
36313037 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201
0A028201 0100A11C B1E382EB 9D9CF6CD 857D1F86 1BA3C2A7 A421769C BE1B8861
2C8A61EB 6062547D 2C5B16C7 937714BC EE9496F3 59729571 2792B5D5 5440E09B
C42EC60A D744E30D AD4F16B0 7E756F2B 5CDEB554 9D9D5E82 C854219F D97FBADC
07AD7BD4 E915EDA6 0BB756CE 974043B1 44E24777 C0991BFD 9F7FB2CF 6B5EE0BF
EFA0FD35 6A7969DE DB441727 0614E0A0 0A82181F F70109D3 2BCDC2E6 7BB657ED
EEB9E5E9 C5D727B7 4A0F0245 0C6D7F32 A3B340E5 79C69962 55CEFDFA 9702BDF1
CF51419D 2E3FF490 4235A8F1 ABB8B0ED BEE35789 0CAADE77 176082EF 8C687CAC
AC11AE51 515E0818 DB4E77AA 014D3BA0 456305CF ADAEB10E 907CF3C2 C2AC9589
BC9143BC 904B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF
301F0603 551D2304 18301680 14AA70B5 41780650 94D75910 18614801 139F3E51
3D301D06 03551D0E 04160414 AA70B541 78065094 D7591018 61480113 9F3E513D
300D0609 2A864886 F70D0101 05050003 82010100 3FAA16B0 D110FF20 DEC3D85E
98F87B2A 748350BB 71A854AD F32E3DA9 CEFE181B 9AB9BE80 574168A7 3F011ED4
E51E7E01 4DBD1F7E 5C10A0FB 3F6E2A58 3A62F989 E022E53D 227D60AD 17D30BAC
41523589 AB87F1E6 81606280 416D0306 96777BB5 7012943D FD30F18C FE2D65E5
0C9F8FCE E64252D5 02AAD7D4 09853E89 8F0EFDB1 E0FE371C D02BE009 472EDBC1
9CB025CF F02DF230 088B890F BBCFD378 10AA6ED4 EB135C43 03D16848 450100C2
068F87D2 7D1449D8 9C4B6D9E AAE791D2 3B6A5B0A B871A93F 9BD729DF 301A2277
7153BABC BE42A970 92A81AB7 269F6EF6 9873F8C1 EB747F75 9881F1DC 2CFB35DF
8BC05006 5C87EC7F 67616742 231FFD68 65BB6503
quit

!
!
!
!
!
!
!
license udi pid CSR1000V sn 9U8UJUQ3U0O
license boot level ax
diagnostic bootup level minimal
!
spanning-tree extend system-id
netconf-yang cisco-odm actions ACL
netconf-yang cisco-odm actions BGP
netconf-yang cisco-odm actions OSPF
netconf-yang cisco-odm actions Archive
netconf-yang cisco-odm actions IPRoute
netconf-yang cisco-odm actions EFPStats
netconf-yang cisco-odm actions IPSLAStats
netconf-yang cisco-odm actions Interfaces
netconf-yang cisco-odm actions Environment
netconf-yang cisco-odm actions FlowMonitor
netconf-yang cisco-odm actions MemoryStats
netconf-yang cisco-odm actions BFDNeighbors
netconf-yang cisco-odm actions BridgeDomain
netconf-yang cisco-odm actions CPUProcesses
netconf-yang cisco-odm actions LLDPNeighbors
netconf-yang cisco-odm actions VirtualService
netconf-yang cisco-odm actions MemoryProcesses
netconf-yang cisco-odm actions EthernetCFMStats
netconf-yang cisco-odm actions MPLSLDPNeighbors
netconf-yang cisco-odm actions PlatformSoftware
netconf-yang cisco-odm actions MPLSStaticBinding
netconf-yang cisco-odm actions MPLSForwardingTable
netconf-yang
!
!
username admin privilege 15 secret 5 $1$1U/S$7ZnTHY6orTeSU4HPGR7G81
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
ip address 192.168.188.150 255.255.0.0
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
!
virtual-service csr_mgmt
ip shared host-interface GigabitEthernet1
activate
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 192.168.188.254
ip ssh rsa keypair-name ssh-key
ip ssh version 2
!
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
stopbits 1
line vty 0 4
transport input ssh
!
!
!
!
!
!
end

使用Netconf管理Cisco网络设备的更多相关文章

  1. 使用域账号统一管理cisco网络设备

    1.思科设备和微软系统整合的背景: 公司内部有一定数量的客户端,为了实现统一化,在管理内部部署了域架构,这样可以通过组策略对客户端进行批量化管理,提高了管理的效率. 同样公司内部有一定数量的网络设备( ...

  2. 使用python管理Cisco设备-乾颐堂

    今天发现一个老外使用python写的管理cisco设备的小框架tratto,可以用来批量执行命令. 下载后主要有3个文件: Systems.py 定义了一些不同设备的操作系统及其常见命令. Conne ...

  3. 使用tratto进行CISCO网络设备的管理

    测试环境: CSR1000V CentOS7.4 X64 Step 1:在CentOS7上安装python 3.0环境 [root@docker ~]# python3 -VPython 3.7.0[ ...

  4. H3C、Huawei、Cisco网络设备AAA TACACS认证配置

    TACACS技术白皮书 摘要:TACACS是实现AAA功能的一种安全协议,主要是通过TACACS客户端与TACACS服务器通信来实现多种用户的AAA功能. HWTACACS采用TCP协议承载报文,TC ...

  5. 用python管理Cisco路由器

    目前DevOps是整个运维发展的方向,Network的运维也一样.使用程序控制底层的路由器是最基本的要求之一. 本文简单解释如何用Python控制路由器,对网络设备进行配置. Python和网络设备连 ...

  6. Cisco网络设备命名规则

      1. CISCO 开头的产品都是路由器:2. RSP 开头的都是CISCO7500 系列产品的引擎:3. VIP 开头的产品都是CISCO 7500系列产品的多功能接口处理器模块:4. PA 开头 ...

  7. 配置Cisco网络设备

    了解就行,不用记 电脑管理路由器软件   路由器显示命令: router#show run :显示配置信息 router#show interface :显示接口信息 router#show ip r ...

  8. cisco网络设备IOS升级步骤

    step1:检查和备份================================================================4507R#write4507R#copy run ...

  9. Cisco的互联网络操作系统IOS和安全设备管理器SDM__管理Cisco互联网络

    1.如果不能远程登录到一台设备上,可能是由于远程设备上没有设置口令.也可能是由于访问控制列表过滤了远程登录会话. show users:检查都有哪些设备连接到了此路由器. clear line #:清 ...

随机推荐

  1. 【25.33%】【codeforces 552D】Vanya and Triangles

    time limit per test4 seconds memory limit per test512 megabytes inputstandard input outputstandard o ...

  2. LUA整合进MFC代码

    这几天研究了一下lua,主要关注的是lua和vc之间的整合,把代码都写好放在VC宿主程序里,然后在lua里调用宿主程序的这些代码(或者叫接口.组件,随便你怎么叫),希望能用脚本来控制主程序的行为.这实 ...

  3. Warning: file_put_contents(常用单词1.txt): failed to open stream: Invalid argument in

    Warning: file_put_contents(常用单词1.txt): failed to open stream: Invalid argument in 一.总结 1.上述问题是因为Win ...

  4. [读书笔记]《Android开发艺术探索》第十五章笔记

    Android性能优化 Android不可能无限制的使用内存和CPU资源,过多的使用内存会导致内存溢出,即OOM. 而过多的使用CPU资源,通常是指做大量的耗时任务,会导致手机变的卡顿甚至出现程序无法 ...

  5. [Typescript 2] Nullable Types - Avoiding null and undefined Bugs

    For example you have a TS app: enum PaylerPosition { Guard, Forward, Center } interface Player { nam ...

  6. C#中类和结构体的区别

    结构体和类同样能够定义字段,方法和构造函数,都能实例化对象,这样看来结构体和类的功能好像是一样的了,但是他们在数据的存储上是不一样的(以下摘录): C#结构体和类的区别问题:在C#编程语言中,类属于引 ...

  7. Starting MySQL.. ERROR! The server quit without updating PID file (/usr/local/mysql/data/vm10-0-0-19

    输入:service mysqld start 报错: Starting MySQL.. ERROR! The server quit without updating PID file (/usr/ ...

  8. DevCloud项目管理与Leangoo使用对比

    DevCloud(华为软件开发云)是集华为研发实践.前沿研发理念.先进研发工具为一体的研发云平台,面向开发者提供端到端的研发工具服务.项目管理是DevCloud服务之一,致力于为敏捷开发团队提供简单高 ...

  9. Lucene分词报错:”TokenStream contract violation: close() call missing”

    Lucene使用IKAnalyzer分词时报错:”TokenStream contract violation: close() call missing”  解决办法是每次完成后必须调用关闭方法. ...

  10. LeetCode总结 -- 树结构的一部分

    这篇总结主要介绍树中比較常见的一类题型--树的构造.事实上本质还是用递归的手法来实现,可是这类题目有一个特点.就是它是构建一棵树.而不是给定一棵树,然后进行遍历,所以实现起来思路上有点逆向,还是要练习 ...