NETCONF¶
Overview¶
The NETCONF projects hosts multiple components relating to IETF’s NETCONF Working Group:
Northbound and southbound plugins for NETCONF protocol, as described in RFC-6241
Northbound plugin for RESTCONF protocol, as described in RFC-8040
Northnound plugin for descring RESTCONF endpoint in terms of OpenAPI 3.0
Behavior/Feature Changes¶
The most important new feature is implementation of support for RFC 8639 subscribed notifications, including filtering, counters and stop-time features. The next note worthy delivered efforts are migration to Apache Pekko and migration of RESTCONF OpenAPI to Netty.
New Features¶
Deprecated and Removed Features¶
There are no deprecated or removed features.
Resolved Issues¶
The following table lists the issues resolved in this release.
Type |
Key |
Summary |
Resolution |
Fix Version(s) |
|---|---|---|---|---|
|
Stop SSE stream on subscription termination |
Done |
9.0.0 |
|
|
|
Netty RESTCONF endpoint freezes when request handler throws |
Done |
8.0.8, 9.0.0 |
|
|
|
Semaphore concurrent RPC limit permit not released after session down in NetconfDeviceCommunicator |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
Deadlock risk with Session Lock & KeepaliveTask Synchronization |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
Unable to update leaf-list data with the merge operation in a YANG-PATCH request |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
Unable to update leaf-list data with PUT request on the device |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
Getting leaf-list data from device fails with a 500 Server Error |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
IETF get-config is failing with rpc-reply transformation error |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
Restconf returns 500 for invalid PUT data |
Done |
8.0.8, 9.0.0 |
|
|
|
Restconf return 500 Server Error if YangPatch body is incorrect |
Done |
7.0.12, 8.0.8, 9.0.0 |
|
|
|
Call Home Device Connection Failure |
Done |
8.0.4, 9.0.0 |
|
|
|
Device attempts to reconnect even if client config throws exception |
Done |
7.0.11, 8.0.4, 9.0.0 |
|
|
|
Netconf does not attempt reconnection if initial session is closed |
Done |
7.0.12, 8.0.6, 9.0.0 |
|
|
|
Refactor HTTPServerSession pipeline setup |
Done |
9.0.0 |
|
|
|
Reconfigured device failed to reconnect with: IllegalStateException: Transaction factory was closed. No further operations allowed. |
Done |
7.0.11, 8.0.4, 9.0.0 |
|
|
|
Description of subscription query parameters is wrong |
Done |
7.0.11, 8.0.4, 9.0.0 |
|
|
|
HTTP/2 cleartext upgrade flow fails for Java built in HttpClient |
Done |
8.0.4, 9.0.0 |
|
|
|
Reconnection failure after deleting and re-adding call-home devices |
Done |
7.0.11, 8.0.4, 9.0.0 |
|
|
|
StreamWriterFacade.warnLegacyAttribute() warning on rpc-reply message-id |
Done |
7.0.12, 8.0.6, 9.0.0 |
|
|
|
Integrate SubscriptionStateService |
Done |
9.0.0 |
|
|
|
Refactor SubscriptionStateMachine |
Done |
9.0.0 |
|
|
|
Remove transaction to update mountpoint to connecting state before device removal |
Done |
7.0.12, 8.0.4, 9.0.0 |
|
|
|
Offload transport-http request processing |
Done |
8.0.4, 9.0.0 |
|
|
|
Add transport.http.AcceptHeader and its parser |
Cannot Reproduce |
8.0.4, 9.0.0 |
|
|
|
Require properly-parameterized TransportChannelListener |
Done |
9.0.0 |
|
|
|
OpenAPI: improve parameters validation |
Done |
8.0.1, 9.0.0 |
|
|
|
Migrate to Apache Pekko |
Done |
9.0.0 |
|
|
|
Expose support for TCP MD5 Signature option from NettyTransportSupport |
Done |
9.0.0 |
|
|
|
Add filtering to notification subscriptions |
Done |
9.0.0 |
|
|
|
Expose NETCONF event stream for RESTCONF subscriptions |
Done |
9.0.0 |
|
|
|
Add support for RFC 8639 notification subscriptions |
Done |
9.0.0 |
|
|
|
Implement stop-time |
Done |
9.0.0 |
|
|
|
Refactor ReceiverHolder into RestconfStream class |
Won’t Do |
9.0.0 |
|
|
|
Get stream info for subscription |
Done |
9.0.0 |
|
|
|
Enable subscription filtering tests |
Done |
9.0.0 |
|
|
|
Apply counting of excluded notifications |
Won’t Do |
9.0.0 |
|
|
|
Refactor subscription state service |
Done |
9.0.0 |
|
|
|
Populate subtree filters using DTCL |
Done |
9.0.0 |
|
|
|
Implement (databind) SubtreeMatcher |
Done |
9.0.0 |
|
|
|
Implement (databind) SubtreeFilterWriter |
Done |
9.0.0 |
|
|
|
Implement (databind) SubtreeFilterReader |
Done |
9.0.0 |
|
|
|
Implement counters |
Done |
9.0.0 |
|
|
|
Add netconf.databind.subtree.SubtreeFilter |
Done |
9.0.0 |
|
|
|
Add netconf.api.subtree.SubtreeFilter |
Done |
9.0.0 |
|
|
|
Test NETCONF stream is updated when model context changes |
Duplicate |
9.0.0 |
|
|
|
Create integration test for writing filter into config |
Done |
9.0.0 |
|
|
|
Improve stream existence check with subscribed stream registry |
Done |
9.0.0 |
|
|
|
Provide Java based tests for OpenApi over Netty |
Done |
8.0.10, 9.0.0 |
|
|
|
Migrate restconf-openapi to Netty |
Done |
8.0.10, 9.0.0 |
|
|
|
OpenAPI: add metadata endpoint |
Done |
8.0.2, 9.0.0 |
Known Issues¶
The following table lists the known issues that exist in this release.
Type |
Key |
Summary |
Status |
Affected Version(s) |
Fix Version(s) |
|---|---|---|---|---|---|
|
|
SshKeyExchangeAlgorithm.Sntrup761x25519Sha512 cannot be explicitly configured |
Resolved |
9.0.0 |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Incorrect mapping of SshEncryptionAlgorithm.AEADAES256GCM |
Resolved |
5.0.10, 5.0.5, 6.0.0, 6.0.9, 7.0.0, 7.0.12, 8.0.9, 9.0.0 |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
NetconfDeviceCommunicator.sessionLock can cause starvation |
Resolved |
7.0.12, 8.0.8, 8.0.9, 9.0.0 |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Received data order from GET request is not preserved |
Resolved |
7.0.11, 8.0.7, 9.0.0 |
10.0.0, 7.0.12, 8.0.8, 9.0.1 |
|
|
|
Netty does not return error on non-existing mountpoint |
Resolved |
8.0.7, 9.0.0 |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Stop-time is not removed from datastore during modifySubscription |
Resolved |
9.0.0 |
10.0.0, 9.0.2 |
|
|
|
netconf-testtool seems to misconfigure the datastore |
Confirmed |
6.0.8, 7.0.10, 8.0.2, 9.0.0 |
11.0.0 |
Resolved Issues in SR1¶
The following table lists the issues resolved in this release.
Type |
Key |
Summary |
Resolution |
Fix Version(s) |
|---|---|---|---|---|
|
|
SshKeyExchangeAlgorithm.Sntrup761x25519Sha512 cannot be explicitly configured |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Cannot configure SshEncryptionAlgorithm.Chacha20Poly1305 |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Incorrect mapping of SshEncryptionAlgorithm.AEADAES256GCM |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
NetconfDeviceCommunicator.sessionLock can cause starvation |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Received data order from GET request is not preserved |
Done |
10.0.0, 7.0.12, 8.0.8, 9.0.1 |
|
|
|
Netty does not return error on non-existing mountpoint |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
SshKeyExchangeAlgorithm.Mlklem* cannot be explicitly configured |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Refactor transport.ssh.TransportUtil |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Make RestconfStrategy.readData() asynchronous |
Done |
10.0.0, 9.0.1 |
|
|
|
Stop using net.i2p.crypto |
Done |
10.0.0, 8.0.9, 9.0.1 |
|
|
|
Update swager UI to 5.28.1 |
Done |
10.0.0, 9.0.1 |
Known Issues in SR1¶
The following table lists the known issues that exist in this release.
Type |
Key |
Summary |
Status |
Affected Version(s) |
Fix Version(s) |
|---|---|---|---|---|---|
|
|
Netty based OpenAPI operates with JAXRS configuration |
Resolved |
10.0.2, 9.0.1 |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
|
|
|
Unable to change NETCONF device configuration in clustered toloplogy |
Resolved |
10.0.3, 8.0.9, 9.0.1 |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
|
|
|
ServerPublicKeyVerifier relies on key implementation |
Resolved |
10.0.0, 7.0.0, 7.0.12, 8.0.9, 9.0.1 |
10.0.1, 8.0.10, 9.0.2 |
|
|
|
ChunkedFrameDecoder may produce error “LEAK: ByteBuf.release() was not called before it’s garbage-collected” |
Confirmed |
8.0.9, 9.0.1 |
10.0.4, 11.0.0, 9.0.3 |
|
|
|
Few devices fail to reconnect after device restart |
Resolved |
10.0.0, 7.0.10, 8.0.2, 9.0.1 |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
Resolved Issues in SR2¶
The following table lists the issues resolved in this release.
Type |
Key |
Summary |
Resolution |
Fix Version(s) |
|---|---|---|---|---|
|
|
Netty based OpenAPI operates with JAXRS configuration |
Done |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
|
|
|
Unable to change NETCONF device configuration in clustered toloplogy |
Done |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
|
|
|
RestconfSchemaService returns 500 for all accept types |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
ServerPublicKeyVerifier relies on key implementation |
Done |
10.0.1, 8.0.10, 9.0.2 |
|
|
|
Stop-time is not removed from datastore during modifySubscription |
Done |
10.0.0, 9.0.2 |
|
|
|
Improving Path Validation for RFC7950 Notifications |
Done |
10.0.0, 9.0.2 |
|
|
|
Use device-advertised schema after mount instead of default base schema |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
OpenApi over Netty memory consumption |
Done |
10.0.0, 9.0.2 |
|
|
|
Few devices fail to reconnect after device restart |
Done |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
|
|
|
RestconfSchemaService returns 500 for device model |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Add support for HTTP/2 prior-knowledge to Netty server |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Split out KeyPairWithCertificate |
Done |
10.0.1, 9.0.2 |
|
|
|
Make topology SSH transport configuration effective immediately |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Document SSH transport configuration |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Do not use stax-utils in databind |
Done |
10.0.0, 9.0.2 |
|
|
|
Unify transport-{http,ssh,tls} ietf-crypto-types handling |
Done |
10.0.1, 9.0.2 |
|
|
|
Apply user specified request time-out to all RPCs request to device |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
netconf-testtool: Advertise ietf-netconf to enable model-driven parsing of base NETCONF RPCs |
Done |
10.0.0, 9.0.2 |
|
|
|
Solve creating of chunks for FiniteResponse streaming |
Done |
10.0.0, 9.0.2 |
|
|
|
Deal with error during generating FiniteResponse |
Done |
10.0.0, 9.0.2 |
|
|
|
Create E2E test for HTTP2 stream listening |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Enable HTTP2 streaming for RFC 8040 streams |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Enable HTTP2 streaming for subscribed notifications |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Implement Netty HTTP2 streaming |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Implement HTTP1 pipelining |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Create logic to suspend and to resume subscriptions |
Done |
10.0.0, 9.0.2 |
|
|
|
Move EffectiveModelContext to AbstractRegistry |
Done |
10.0.0, 9.0.2 |
|
|
|
Finish implementation of HTTP2 StreamSender |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Bump exificient to latest 1.0.7 version |
Done |
10.0.3, 11.0.0, 8.0.10, 9.0.2 |
|
|
|
Document exposing used SSH transport |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Show used SSH transport option for device connection |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Test Netty HTTP2 streaming |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Make chunk size configurable |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Implement backpressure for chunked response |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Bump mina-sshd to 2.16.0 |
Done |
10.0.1, 11.0.0, 9.0.2 |
|
|
|
Make SSH transport configurable |
Done |
10.0.1, 11.0.0, 9.0.2 |
|
|
|
Separate out HTTP/1 and HTTP/2 request dispatch |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Extract Encoding from RPC |
Done |
10.0.0, 9.0.2 |
|
|
|
SSE streaming HTTP2 support |
Done |
10.0.3, 11.0.0, 9.0.2 |
|
|
|
Plug EffectiveModelContext into AbstractRestconfStreamRegistry |
Done |
10.0.1, 11.0.0, 9.0.2 |
Known Issues in SR2¶
The following table lists the known issues that exist in this release.
Type |
Key |
Summary |
Status |
Affected Version(s) |
Fix Version(s) |
|---|---|---|---|---|---|
|
|
CMSCertificateParser does not handle multiple encoded entities |
Confirmed |
10.0.1, 8.0.10, 9.0.2 |
10.0.4, 11.0.0, 9.0.3 |