NETCONF Design and Implementation of a Prototype

Size: px
Start display at page:

Download "NETCONF Design and Implementation of a Prototype"

Transcription

1 International University Bremen Electrical Engineering and Computer Science Faculty NETCONF Design and Implementation of a Prototype Author: Catalin Ciocov Supervisor: Jürgen Schönwälder 13 th May 2004

2 ABSTRACT Due to the continuous grow of the Internet, network management has become an important task. For some networks this task is becoming very difficult as the number of devices is very large. Every network device has at least some configuration options and due to the large variety of such devices there is a need for a standardized way of working with configuration information. This paper gives an overview of NETCONF, a new network management protocol that tries to solve some of the problems that are currently faced in the field, and describes a prototype implementation. TABLE OF CONTENTS ABSTRACT INTRODUCTION NETCONF DESCRIPTION PROTOCOL OVERVIEW COMMUNICATION CAPABILITIES CONFIGURATION DATASTORES NETCONF OPERATIONS <get-config> Operation <edit-config> Operation <copy-config> Operation <delete-config> Operation <lock>, <unlock> Operations <get-all> Operation <kill-session> Operation RUNNIG NETCONF OVER SSH PROTOTYPE PROTOTYPE OVERVIEW RESOURCES PLUG-IN COLLECTION AGENT IMPLEMENTATION RELATED WORK YENCA CONCLUSIONS

3 1 Introduction The Internet is expanding at a fast pace and along with it the IP networks grow both in dimensions and in complexity. Because a lot of organizations rely on the Internet and also the local Intranet to conduct their daily business, network management has become a very important task. Due to large network sizes, there is a clear need for automated management solutions that can configure entire systems, using a standardized protocol, which is not limited to the current state of development and can be extended along the way, as new things are invented. As a protocol still under design phase, NETCONF [1] tries to address some of the problems in network management. It uses XML [8] technologies to give a hierarchical structure to configuration data, also allowing it to be easily readable by other software packages. Using other XML technologies like XSLT [2], configurations can be transformed from a default (or initial) state to a specific (vendor - dependent) format, which can be used for new devices. In order to test if such a protocol will work in practice, and to see where the practical problems arise, a prototype has been implemented. The development of a prototype allows us to test different approaches and see which fits better into practice. Also, during implementation new ideas might pop-up, which could change the design of the protocol. This paper is continued with an introduction about NETCONF, including its basic features and operations. Section 3 describes the prototype implementation and Section 4 presents some related work. In Section 5 I conclude with a discussion about possible further work and improvements. 2 NETCONF Description NETCONF is a network management protocol which allows a client to configure a remote system over the network. Both configuration data and state information can be retrieved or manipulated. The protocol is currently in its design phase. The work is done by the NETCONF Working Group [7] within the Internet Engineering Task Force (IETF) organization. The communication between a client (also called a manager) and a server (also called an agent) is done via a simple request - response mechanism, where each message 3

4 exchanged is encoded in XML. The contents of both the request and the reply are described using XML schemas. The protocol allows a client to discover the set of protocol extensions that might be supported by the server. Using these capabilities, the client can adapt its behavior to take advantage of special features of certain devices. NETCONF is designed as a multi-channel protocol, having separate channels for session management, protocol operations and notifications. Because configuration data is in most cases of sensitive nature, security issues must be addressed. For message security NETCONF relies on the underlying transport. Access control is not yet considered, but some sort of security at this level can be achieved using again the underlying transport. For example, in case SSH is used, only users that are allowed to login into the system will be allowed to access NETCONF. 2.1 Protocol Overview NETCONF uses a request - response mechanism to facilitate the communication between the client and the server. The server is an application installed on the target system (the one that is being configured) and the client is usually part of a network management system. Layer Content Example Configuration Data Operations <get-config>, <edit-config> RPC <rpc>, <rpc-reply> Transport Protocol BEEP, SSH Figure 1: NETCONF protocol layers. [1] The protocol is conceptually organized into four different layers: 1. The Transport Protocol layer provides the communication mechanism between the client and the server. Since NETCONF is connection - oriented, the transport must 4

5 provide a persistent connection between peers. NETCONF can be mapped onto transport protocols such as Blocks Extensible Exchange Protocol (BEEP) [3], SOAP over HTTP [4] or Secure Shell (SSH) [5]. This layer is also responsible for the message security, so choosing a secure protocol has its advantages. 2. The RPC layer provides a transport independent framing mechanism for encoding messages. 3. The Operations layer defines a set of basic operations used to retrieve or set configuration and state information on/to the device. 4. The Content layer defines the configuration data that is manipulated, which is specific for each particular device that is configured. 2.2 Communication The communication between client and server is done via the underlying transport which is responsible for the connection management. Once the connection is established, both the client and the server send a greeting message in form of a <hello> element. <hello> Client Server <hello> <rpc> <rpc-reply> Figure 2: Time diagram. The <rpc> element is used to transmit a NETCONF request to the server. Each <rpc> element has a unique message-id attribute which will be copied into the corresponding reply message. This allows a manager to send multiple requests before processing the responses from the agent. 5

6 An <rpc-reply> element is used as a response to a <rpc> element and contains the same message-id attribute. In case some error occurred, the <rpc-reply> element will contain a <rpc-error> element describing the error. 2.3 Capabilities A capability is defined as a set of additional functionalities that is supported by a manager or agent. These capabilities are an extension of the base set of NETCONF operations and are advertised in the <hello> message at the start of communication. Each capability is identified by an Uniform Resource Identifier (URI) and is fully described using XML schemas. Using capabilities, a NETCONF client can adapt its behavior to take advantage of features provided by the device being configured. For example, if a device supports the validation of configuration data, a client might use this capability to validate a new set of configuration parameters before actually setting them on the device. 2.4 Configuration Datastores A configuration datastore is defined as the complete set of configuration data that is required to get a device from its initial default state into a desired operational state. The configuration datastore does not include state data of the device. At any single moment, there is just one configuration datastore that is active on the device, which is defined as the <running/> configuration datastore. Based on the declared capabilities of the agent, additional datastores with special semantics like <startup/> or <candidate/> could be used. The candidate configuration is a full configuration data set that is used as a work space for modifying the settings of the device. Changes made to this datastore do not actually affect the device until they are committed to the <running/> datastore. 2.5 NETCONF Operations A small set of basic operations are defined to get, edit and delete device configurations or retrieve state information. Additional operations might be supported by certain devices, and in this case they are advertised during capabilities exchange. 6

7 The following basic operations are defined: - get-config - edit-config - copy-config - delete-config - lock - unlock - get-all - kill-session For each of these operations the agent will respond with a <rpc-reply> element containing either an <ok/> element if everything worked fine, or a <rpc-error> element if some error occurred. For operations that retrieve data from the device, the reply contains that information as well <get-config> Operation This operation will retrieve all or a part of the device configuration. It takes two parameters: - source: the name of the configuration datastore - config: the configuration subtree that needs to be retrieved <edit-config> Operation This operation will modify a configuration on the device in a specified datastore. If the device supports additional features such as a validate operation, then the agent can take advantage of this and validate the data. - target: the name of the configuration datastore being updated - config: the configuration subtree that needs to be modified - operation: specifies the way in which the configurations is being updated - test-option: specifies whether the configuration must be tested/validated before installing it - error-option: specifies whether the agent should stop when some error occurs The config element has an operation attribute which specifies how the update will be carried out. Its possible values are merge, replace and delete. In case of merge, the new configuration is being merged with the existing one, so fields that are not present in the request will remain with their old value. By using replace as the value of this 7

8 attribute, the new configuration totally replaces the old one. In case of delete, the configuration is deleted from the device <copy-config> Operation This operation will copy the configuration data from a source datastore to a target datastore. The source parameter could either be an entire configuration datastore or just parts of it, in which case a <config> element is used, like in <get-config> or <editconfig> operations <delete-config> Operation This operation will delete a datastore. The <running/> datastore cannot be deleted, so this operation is useful to implementations that support multiple datastores. If only certain parts of the configuration data need to be deleted <edit-config> operation should be used <lock>, <unlock> Operations The <lock> operation performs a lock on all or parts of a configuration. This lock holds until an <unlock> operation is issued or until the session is terminated. Requesting a lock on a resource that is already locked, will cause the lock to fail, and the session id which currently holds the lock will be returned. This can be used to force the release of a lock, using the <kill-session> operation. A lock operation should prevent any kind of modification on the data being locked, requested either by another NETCONF agent or any other network management system <get-all> Operation This operation is used to retrieve the full configuration data from the system. In case multiple datastores are supported the source can be any of those, otherwise it has to be the <running/> datastore <kill-session> Operation The operation takes as parameter a session id and forces the termination of that NETCONF session. In case the current session id is passed, the operation will fail. If the session was terminated, the agent will send an <ok/> element to the manager. The use of 8

9 this command should be accompanied by an access control system, otherwise every user could kill the session of every other user. 2.6 Running NETCONF over SSH Using NETCONF with SSH [5] as an underlying transport protocol, ensures that messages sent between the client and server are encrypted. This is useful because configuration data might include usernames, passwords and other sensitive information. The SSH protocol allows a client and a server to exchange messages securely over the network. Currently there are two versions: SSH version 1 and 2. The SSH version 2 [6] architecture is composed of three layers: - the transport layer provides algorithm negotiation and key exchange - the user authentification layer provides several mechanisms for user authentification - the connection layer multiplexes many different concurrent channels over a single secure connection The proposed way of using NETCONF over SSH is to invoke the agent as a SSH subsystem. A SSH subsystem is a command (or process) that is executed by the SSH daemon once the user has successfully authenticated to the server. Using this approach, only users that are allowed to connect to the server via SSH will be allowed to use NETCONF. 9

10 3 Prototype This section describes the design and implementation of a NETCONF prototype, which uses SSH as the transport protocol. The prototype was developed in Perl for Linux environments. It uses the Perl wrapper for the gnome libxml library [8] for parsing and manipulating the XML data. Because NETCONF can be used to configure both devices (like network cards, printers,...) and software applications or system settings (like users, web servers,...) it is clear that a modular approach is the best. This will allow plug-ins to be added on the fly, supporting new devices. 3.1 Prototype Overview Figure 3 shows the architecture of the prototype: PLUG-IN COLLECTION NETCONF MANAGER OPERATIONS NETCONF RPC Layer NETCONF AGENT OPERATIONS NETCONF RPC Layer SSH SSH NETCONF MANAGER NETCONF AGENT Figure 3: NETCONF prototype architecture The RPC Layer is responsible for framing the messages exchanged between manager and agent. The manager uses a <rpc> element to encode its request to which the agent will respond with a <rpc-reply> element. At the Operations Layer (on the agent side) the content of the <rpc> element is parsed and the agent decides which plug-in or set of plug-ins need to be called in order to carry 10

11 out the request. Once every task is finished, the agent will construct a reply message and send it back to the manager. Plug-ins are called by the agent to carry out the actual configuration work. Each plug-in consists of a set of programs that perform NETCONF operations specifically for a certain device, like retrieve, edit or validate the configuration. 3.2 Resources A resource is defined as either a device or a software application. To properly configure a system, all resources must be uniquely identified. In order to identify every managed resource on a system, URIs will be attached to each instance of a resource. Using this URI, the agent will be able to determine the correct plug-in that needs to be called to carry out the request. 3.3 Plug-in Collection The actual configuration work (get-config, edit-config, etc...) is done via plug-ins. Each plug-in will be responsible for just one resource of the system and must be registered before it can be used. The registration process is very simple: a plug-in will invoke the netconf-register utility by specifying the resource under its control. It is assumed that all plug-ins know where the configuration files are located on the system and how to convert data from and to those files. The basic operations that need to be supported by plug-ins are: - get-config, reads the configuration data and returns it in a NETCONF message (a XML document) - edit-config, reads a NETCONF message and transforms it to the proper format of the configuration file - validate-config, checks if a given configuration document is at least syntactically correct Plug-ins work directly with the resource they are bound to, therefore they are working on the <running/> datastore. The agent will forward all the relevant information received from the manager, so that a plug-in can reply with an appropriate message. 11

12 3.4 Agent Implementation The following figure presents a complete request-response sequence: Manager sends a request (XML document). Agent receives the request, and based on the root element determines the NETCONF operation that needs to be performed. Send error back to manager. NO Valid operation? YES Construct a reply message for the manager with all responses received from the plugins. For each resource specified in the request, call the right plug-in and perform the requested operation with the data provided. Figure 4: request - response cycle. The agent is either a running process (a daemon) on the target machine or, in case SSH is used as a transport protocol, the agent is invoked as a SSH subsystem. Once started, the agent will send a hello message to the manager in which capabilities are advertised, for example, the agent might announce the validate capability (saying that all registered plugins are able to test a given configuration and determine if it s valid or not). The agent will then start reading messages from standard input. Each message must be terminated with the <?eom?> string, which is the end-of-message marker. The message is represented as a XML document and contains only one valid NETCONF operation (get-config, edit-config, etc...). After the operation is determined, the agent will call the appropriate plug-in for each of the resources specified in the request. The plug-in will receive any additional data that is passed from the manager (for example, result filters) and will return the result in XML format, ready to be integrated in the response message (rpc-reply). 12

13 Using all data collected from the plugins the agent will construct a response message and send it back to the manager. In case some errors occur these are reported to the manager and the process stops, unless otherwise specified (see edit-config operation). 4 Related Work In this section I will give a brief overview of another implementation of NETCONF, discussing about similarities or differences from my implementation. Another implementation is called XCMS, which stands for XML-based configuration management system and is developed by a Korean team. The implementation was done in C/C++ and uses SOAP over HTTP as a transport protocol. Due to lack of information about this prototype I am unable to provide further details. 4.1 Yenca Yenca [10] is developed in Java and has Linux environments as a target. Like the prototype implementation presented in this paper, Yenca has a modular structure. Each module has device specific code and is responsible for a certain element in the XML configuration tree. A module is identified by looking at the element name from the configuration tree that was passed to the agent (for example: <users/> element will be handled by a module called users ). Modules can only have responsibility for one global subtree and no additional sub-delegation is possible. This means that, for example, if you have two network interfaces (Cisco and Intel) you have to have just one module responsible for both of them. Like in my prototype, the agent passes to each module the corresponding XML subtree, which must be parsed by the module. Yenca team focused on the locking mechanism, trying to achieve configuration locking with respect to other netconf sessions and also with respect to other management systems. 5 Conclusions This paper has given an overview of NETCONF, a network management protocol currently being standardized. Using XML technologies this protocol attempts to solve some major problems of network management, like the hierarchical and structured representation of configuration and state information of resources present on a system. 13

14 The implementation of the prototype was so far mostly straight forward. However a lot of features still need to be implemented and optimizations are possible. The current state of the prototype allows working only with the <running/> configuration datastore and only <get-config> and <edit-config> operations were implemented. Because a data model is not yet defined in the official protocol specifications this was not taken into consideration, and currently, data is modeled after the examples in [1]. Some optimization work could be done at the agent side, on the communication with the plug-ins. In case multiple operations are performed on the same resource during one session, the agent can be optimized to buffer the configuration data for that resource. This could significantly increase the speed in case a lot of small operations are performed on a resource that has a lot of configuration data, because in most cases, plug-ins have sequential access to configuration information. References [1] R. Enns, NETCONF Configuration Protocol, draft-ietf-netconf-prot-02 (work in progress), Feb [2] Clark, J., "XSL Transformations (XSLT) Version 1.0", W3C REC REC-xslt , November [3] E. Lear, K.Crozier, BEEP Application Protocol Mapping for NETCONF, draft-ietf-netconf-beep-00 (work in progress), Oct [4] T. Goddard, NETCONF over SOAP, draft-ietf-netconf-soap-01 (work in progress),feb [5] M. Wasserman, T. Goddard, Using the NETCONF Configuration Protocol over Secure Shell (SSH), draft-ietf-netconf-ssh-00 (work in progress), Oct [6] Ylonen, T., Kivinen, T., Saarinen, M., Rinne, T. and S. Lehtinen, "SSH Protocol Architecture", draft-ietf-secsh-architecture-14 (work in progress), July [7] IETF, Network Configuration (Netconf), [8] The XML C Parser and toolkit of GNOME, [9] World Wide Web Consortium. Extensible Markup Language (XML) 1.0. W3C Recommendation, [10] Yenca, 14

Expires: February 25, 2004 August 27, Using the NETCONF Configuration Protocol over Secure Shell (SSH) draft-wasserman-netconf-over-ssh-00.

Expires: February 25, 2004 August 27, Using the NETCONF Configuration Protocol over Secure Shell (SSH) draft-wasserman-netconf-over-ssh-00. Network Working Group M. Wasserman Internet-Draft Wind River Expires: February 25, 2004 August 27, 2003 Using the NETCONF Configuration Protocol over Secure Shell (SSH) draft-wasserman-netconf-over-ssh-00.txt

More information

NETCONF Interoperability Testing

NETCONF Interoperability Testing NETCONF Interoperability Testing Ha Manh Tran Iyad Tumar Jürgen Schönwälder Jacobs University Bremen July 1, 2009 Ha Manh Tran, Iyad Tumar, Jürgen Schönwälder NETCONF Interoperability Testing 1 NETCONF

More information

A Python Module for NETCONF Clients

A Python Module for NETCONF Clients A Python Module for NETCONF Clients Shikhar Bhushan Computer Science Jacobs University Bremen Campus Ring 1 28759 Bremen Germany Type: Guided Research Proposal Date: March 8, 2009 Supervisor: Prof. J.

More information

NETCONF Interoperability Testing

NETCONF Interoperability Testing NETCONF Interoperability Testing Ha Manh Tran, Iyad Tumar, and Jürgen Schönwälder Computer Science, Jacobs University Bremen, Germany {h.tran,i.tumar,j.schoenwaelder}@jacobs-university.de Abstract. The

More information

Network Configuration Protocol

Network Configuration Protocol The (NETCONF) defines a simple mechanism through which a network device can be managed, configuration data can be retrieved, and new configuration data can be uploaded and manipulated. NETCONF uses Extensible

More information

XML-based Configuration Management for IP Network Devices

XML-based Configuration Management for IP Network Devices XML-based Configuration Management for IP Network Devices Mi-Jung Choi*, Hyoun-Mi Choi*, Hong-Taek Ju** and James W. Hong* *Dept. of Computer Science and Engineering, POSTECH, Korea ** Dept. of Computer

More information

Category: Standards Track December 2006

Category: Standards Track December 2006 Network Working Group R. Enns, Ed. Request for Comments: 4741 Juniper Networks Category: Standards Track December 2006 Status of This Memo NETCONF Configuration Protocol This document specifies an Internet

More information

Components to Use Data Models

Components to Use Data Models The process of automating configurations in a network involves the use of these core components: Client application: manages and monitors the configuration of the devices in the network. Router: acts as

More information

Implementing Network Configuration Protocol

Implementing Network Configuration Protocol This module provides details of the Network Configuration Protocol. For relevant commands, see Cisco ASR 9000 Series Aggregation Services Router System Security Command Reference. Release Modification

More information

NETCONF Protocol. Restrictions for the NETCONF Protocol. Information About the NETCONF Protocol

NETCONF Protocol. Restrictions for the NETCONF Protocol. Information About the NETCONF Protocol Restrictions for the, on page 1 Information About the, on page 1 How to Configure the, on page 4 Verifying the Configuration, on page 7 Additional References for, on page 9 Feature Information for, on

More information

Design and Implementation of XML-based Configuration Management System for Distributed Systems

Design and Implementation of XML-based Configuration Management System for Distributed Systems Design and Implementation of XML-based Configuration Management System for Distributed Systems Hyoun-Mi Choi, Mi-Jung Choi and James W. Hong Dept. of Computer Science and Engineering, POSTECH, Pohang,

More information

Web Services Based Configuration Management for IP Network Devices *

Web Services Based Configuration Management for IP Network Devices * Web Services Based Configuration Management for IP Network Devices * Sun-Mi Yoo 1, Hong-Taek Ju 2, and James Won-Ki Hong 1 1 Dept. of Computer Science and Engineering, POSTECH {sunny81, jwkhong}@postech.ac.kr

More information

NCClient: A Python library for NETCONF clients

NCClient: A Python library for NETCONF clients NCClient: A Python library for NETCONF clients Shikhar Bhushan Guided Research Final Report, Spring 2009 Department of Computer Science Jacobs University Bremen May 15, 2009 Supervisor: Prof. Dr. J. Schönwälder

More information

Internet Engineering Task Force (IETF) Obsoletes: 4742 June 2011 Category: Standards Track ISSN:

Internet Engineering Task Force (IETF) Obsoletes: 4742 June 2011 Category: Standards Track ISSN: Internet Engineering Task Force (IETF) M. Wasserman Request for Comments: 6242 Painless Security, LLC Obsoletes: 4742 June 2011 Category: Standards Track ISSN: 2070-1721 Abstract Using the NETCONF Protocol

More information

Internet Engineering Task Force (IETF) Juniper Networks K. Watsen Watsen Networks R. Wilton Cisco Systems March 2019

Internet Engineering Task Force (IETF) Juniper Networks K. Watsen Watsen Networks R. Wilton Cisco Systems March 2019 Internet Engineering Task Force (IETF) Request for Comments: 8526 Updates: 6241, 7950 Category: Standards Track ISSN: 2070-1721 M. Bjorklund Tail-f Systems J. Schoenwaelder Jacobs University P. Shafer

More information

XML Management Interface

XML Management Interface , page 1 This chapter describes how to use the XML management interface to configure devices. Feature History for This table lists the release history for this feature. Table 1: Feature History Feature

More information

XML Management Interface

XML Management Interface , page 1 Feature History for, page 1 About the, page 2 Licensing Requirements for the, page 3 Prerequisites to Using the, page 4 Using the, page 4 Example XML Instances, page 16 Additional References,

More information

NETCONF Access Control

NETCONF Access Control NETCONF Access Control draft-bierman-netconf-access-control-01 IETF 77, March 2010 Andy Bierman andyb@iwl.com Agenda Why does NETCONF need a standard access control model (ACM)? What are the functional

More information

Implementing the Network Configuration Protocol

Implementing the Network Configuration Protocol Implementing the Network Configuration Protocol This module provides details of the Network Configuration Protocol. For relevant commands, see Cisco ASR 9000 Series Aggregation Services Router System Security

More information

Internet Engineering Task Force (IETF) Request for Comments: 6470 Category: Standards Track February 2012 ISSN:

Internet Engineering Task Force (IETF) Request for Comments: 6470 Category: Standards Track February 2012 ISSN: Internet Engineering Task Force (IETF) A. Bierman Request for Comments: 6470 Brocade Category: Standards Track February 2012 ISSN: 2070-1721 Abstract Network Configuration Protocol (NETCONF) Base Notifications

More information

Components to Use Data Models

Components to Use Data Models The process of automating configurations in a network involves the use of these core components: Client application: manages and monitors the configuration of the devices in the network. Router: acts as

More information

Cisco IOS XR Programmability for Cloud-Scale Networking

Cisco IOS XR Programmability for Cloud-Scale Networking Cisco IOS XR Programmability for Cloud-Scale Networking LABRST-2332 Santiago Álvarez, Distinguished Technical Marketing Engineer @111pontes Level of Expertise With Network Programmability 1. Can t spell

More information

NETCONF Client GUI. Client Application Files APPENDIX

NETCONF Client GUI. Client Application Files APPENDIX APPENDIX B The NETCONF client is a simple GUI client application that can be used to understand the implementation of the NETCONF protocol in Cisco E-DI. This appendix includes the following information:

More information

NETCONF Interoperability Testing

NETCONF Interoperability Testing NETCONF Interoperability Testing Iyad Tumar, Ha Manh Tran, Jürgen Schönwälder Computer Science, Jacobs University Bremen, Germany {i.tumar, h.tran, j.schoenwaelder@jacobs-university.de Abstract The IETF

More information

Request for Comments: Tail-f Systems December Partial Lock Remote Procedure Call (RPC) for NETCONF

Request for Comments: Tail-f Systems December Partial Lock Remote Procedure Call (RPC) for NETCONF Network Working Group Request for Comments: 5717 Category: Standards Track B. Lengyel Ericsson M. Bjorklund Tail-f Systems December 2009 Partial Lock Remote Procedure Call (RPC) for NETCONF Abstract The

More information

Cisco XML API Overview

Cisco XML API Overview CHAPTER 1 This chapter contains these sections: Introduction, page 1-1 Cisco Management XML Interface, page 1-2 Cisco XML API and Router System Features, page 1-3 Cisco XML API Tags, page 1-3 Introduction

More information

Configuring TACACS+ Finding Feature Information. Prerequisites for TACACS+

Configuring TACACS+ Finding Feature Information. Prerequisites for TACACS+ Finding Feature Information, page 1 Prerequisites for TACACS+, page 1 Information About TACACS+, page 3 How to Configure TACACS+, page 7 Monitoring TACACS+, page 16 Finding Feature Information Your software

More information

Agenda. Summary of Previous Session. XML for Java Developers G Session 6 - Main Theme XML Information Processing (Part II)

Agenda. Summary of Previous Session. XML for Java Developers G Session 6 - Main Theme XML Information Processing (Part II) XML for Java Developers G22.3033-002 Session 6 - Main Theme XML Information Processing (Part II) Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical

More information

Lesson 5 Web Service Interface Definition (Part II)

Lesson 5 Web Service Interface Definition (Part II) Lesson 5 Web Service Interface Definition (Part II) Service Oriented Architectures Security Module 1 - Basic technologies Unit 3 WSDL Ernesto Damiani Università di Milano Controlling the style (1) The

More information

A tutorial report for SENG Agent Based Software Engineering. Course Instructor: Dr. Behrouz H. Far. XML Tutorial.

A tutorial report for SENG Agent Based Software Engineering. Course Instructor: Dr. Behrouz H. Far. XML Tutorial. A tutorial report for SENG 609.22 Agent Based Software Engineering Course Instructor: Dr. Behrouz H. Far XML Tutorial Yanan Zhang Department of Electrical and Computer Engineering University of Calgary

More information

I2RS Protocol. I2RS built for High performance. Sue Hares. Not the Pizza box CLI

I2RS Protocol. I2RS built for High performance. Sue Hares. Not the Pizza box CLI I2RS Protocol I2RS built for High performance Not the Pizza box CLI Sue Hares I2RS Protocol Re-use Protocol 5 Drafts draft-ietf-netconf-call-home draft-ietf-netconf-yang-library draft-ietf-netconf-yang-patch

More information

This chapter describes the StarOS NETCONF interface and the ConfD engine. It contains the following sections:

This chapter describes the StarOS NETCONF interface and the ConfD engine. It contains the following sections: This chapter describes the StarOS NETCONF interface and the ConfD engine. It contains the following sections: Overview, page 1 Configuring ConfD, page 2 Verifying the Configuration, page 4 Show Support

More information

RUGGEDCOM NETCONF. Preface. Introducing NETCONF 1. NETCONF Capabilities and Namespaces 2. NETCONF Sessions 3. Getting Data 4

RUGGEDCOM NETCONF. Preface. Introducing NETCONF 1. NETCONF Capabilities and Namespaces 2. NETCONF Sessions 3. Getting Data 4 Preface Introducing NETCONF 1 RUGGEDCOM NETCONF NETCONF Capabilities and Namespaces 2 NETCONF Sessions 3 Getting Data 4 Changing Configuration Data 5 ROXII Actions 6 NETCONF Settings, Logs, and Statistics

More information

XML Transport and Event Notifications

XML Transport and Event Notifications 13 CHAPTER The chapter contains the following sections: TTY-Based Transports, page 13-123 Dedicated Connection Based Transports, page 13-125 SSL Dedicated Connection based Transports, page 13-126 TTY-Based

More information

New Face of z/os Communications Server: V2R1 Configuration Assistant

New Face of z/os Communications Server: V2R1 Configuration Assistant New Face of z/os Communications Server: V2R1 Configuration Assistant Kim Bailey (ktekavec@us.ibm.com) IBM August 14, 2013 Session # 13630 Agenda What is the Configuration Assistant and how can it help

More information

YumaPro Quickstart Guide

YumaPro Quickstart Guide YANG-Based Unified Modular Automation Tools Client/Server Quickstart Guide Version 17.10-14 Table of Contents 1 Preface...4 1.1 Legal Statements...4 1.2 Additional Resources...4 1.2.1 WEB Sites...4 1.2.2

More information

Introduction to Web Services & SOA

Introduction to Web Services & SOA References: Web Services, A Technical Introduction, Deitel & Deitel Building Scalable and High Performance Java Web Applications, Barish Web Service Definition The term "Web Services" can be confusing.

More information

Using the VMware vcenter Orchestrator Client. vrealize Orchestrator 5.5.1

Using the VMware vcenter Orchestrator Client. vrealize Orchestrator 5.5.1 Using the VMware vcenter Orchestrator Client vrealize Orchestrator 5.5.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments

More information

XML Transport and Event Notifications

XML Transport and Event Notifications CHAPTER 13 This chapter contains these sections: TTY-Based Transports, page 13-129 Dedicated Connection Based Transports, page 13-131 SSL Dedicated Connection based Transports, page 13-133 TTY-Based Transports

More information

RID IETF Draft Update

RID IETF Draft Update RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 5 August 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,

More information

AUTOMATION AT THE NETWORK LAYER. Rick Shermdog Sherman and Scott Garman Puppet Labs

AUTOMATION AT THE NETWORK LAYER. Rick Shermdog Sherman and Scott Garman Puppet Labs AUTOMATION AT THE NETWORK LAYER Rick Shermdog Sherman and Scott Garman Puppet Labs Brief Intro to Puppet Puppet is a configuration management and application orchestration tool Automate IT deployments

More information

CMPE 151: Network Administration. Servers

CMPE 151: Network Administration. Servers CMPE 151: Network Administration Servers Announcements Unix shell+emacs tutorial. Basic Servers Telnet/Finger FTP Web SSH NNTP Let s look at the underlying protocols. Client-Server Model Request Response

More information

YumaPro Quickstart Guide

YumaPro Quickstart Guide YANG-Based Unified Modular Automation Tools Client/Server Quickstart Guide Version 18.10-6 Table of Contents 1 Preface...4 1.1 Legal Statements...4 1.2 Additional Resources...4 1.2.1 WEB Sites...4 1.2.2

More information

Level of Support for NETCONF Protocol Operations and Features

Level of Support for NETCONF Protocol Operations and Features APPENDIXA Level of Support for NETCONF Operations and Features gives details of each operation and limitations, if any, in the current implementation. te For more details, refer to the NETCONF Configuration

More information

Secure Shell Commands

Secure Shell Commands Secure Shell Commands This module describes the Cisco IOS XR software commands used to configure Secure Shell (SSH). For detailed information about SSH concepts, configuration tasks, and examples, see

More information

Policy Enforced Remote Login

Policy Enforced Remote Login NPS-CS-03-004 February 2003 white paper The Center for INFOSEC Studies and Research Policy Enforced Remote Login Thuy D. Nguyen and Timothy E. Levin Center for Information Systems Security Studies and

More information

Introduction to Web Services & SOA

Introduction to Web Services & SOA References: Web Services, A Technical Introduction, Deitel & Deitel Building Scalable and High Performance Java Web Applications, Barish Service-Oriented Programming (SOP) SOP A programming paradigm that

More information

pure::variants Server Administration Manual

pure::variants Server Administration Manual pure-systems GmbH Version 4.0.14.685 for pure::variants 4.0 Copyright 2003-2018 pure-systems GmbH 2018 Table of Contents 1. Introduction... 1 2. Import Administration Project... 1 3. Manage Users and Roles...

More information

Service Interface Design RSVZ / INASTI 12 July 2006

Service Interface Design RSVZ / INASTI 12 July 2006 Architectural Guidelines Service Interface Design RSVZ / INASTI 12 July 2006 Agenda > Mandatory standards > Web Service Styles and Usages > Service interface design > Service versioning > Securing Web

More information

Cisco Configuration Engine 3.5

Cisco Configuration Engine 3.5 Q&A Cisco Configuration Engine 3.5 Q. What is Cisco Configuration Engine? A. Cisco Configuration Engine is a highly scalable network management software application designed to facilitate rapid configuration

More information

ReST 2000 Roy Fielding W3C

ReST 2000 Roy Fielding W3C Outline What is ReST? Constraints in ReST REST Architecture Components Features of ReST applications Example of requests in REST & SOAP Complex REST request REST Server response Real REST examples REST

More information

Request for Comments: 5573 Category: Experimental June Asynchronous Channels for the Blocks Extensible Exchange Protocol (BEEP)

Request for Comments: 5573 Category: Experimental June Asynchronous Channels for the Blocks Extensible Exchange Protocol (BEEP) Network Working Group M. Thomson Request for Comments: 5573 Andrew Category: Experimental June 2009 Asynchronous Channels for the Blocks Extensible Exchange Protocol (BEEP) Status of This Memo This memo

More information

Cisco Configuration Engine 2.0

Cisco Configuration Engine 2.0 Cisco Configuration Engine 2.0 The Cisco Configuration Engine provides a unified, secure solution for automating the deployment of Cisco customer premises equipment (CPE). This scalable product distributes

More information

Configuring Role-Based Access Control

Configuring Role-Based Access Control Configuring Role-Based Access Control This chapter includes the following sections: Role-Based Access Control, page 1 User Accounts for Cisco UCS Manager, page 1 User Roles, page 4 User Locales, page 7

More information

Tandem-Systems, Ltd. Rhino Terminal. User s Manual

Tandem-Systems, Ltd. Rhino Terminal. User s Manual Tandem-Systems, Ltd. Rhino Terminal User s Manual Tandem Systems, Ltd., 2007-2009 Table of Contents Overview... 4 Features... 5 Getting Started... 6 The Main Window... 6 Establishing a Connection... 6

More information

Supplemental Offer and Acceptance Program (SOAP ): Monitoring a Preference List

Supplemental Offer and Acceptance Program (SOAP ): Monitoring a Preference List Supplemental Offer and Acceptance Program (SOAP ): Monitoring a Preference List Users: Main Residency Match Institutional Officials (IOs) Institutional Administrators (IAs) Program Directors (PDs) Program

More information

FIPA-OS Feature Overview. Agent Technology Group Nortel Networks February 2000

FIPA-OS Feature Overview. Agent Technology Group Nortel Networks February 2000 FIPA-OS Feature Overview Agent Technology Group Nortel Networks February 2000 FIPA-OS - Aims FIPA-OS is a Open Source implementation of FIPA and is available for free. http://www.nort elnetworks.com/ fipa-os

More information

CCNA Exploration Network Fundamentals. Chapter 03 Application Functionality and Protocols

CCNA Exploration Network Fundamentals. Chapter 03 Application Functionality and Protocols CCNA Exploration Network Fundamentals Chapter 03 Application Functionality and Protocols Updated: 27/04/2008 1 3.1 Applications: The Interface Between Human and Networks Applications provide the means

More information

Configuring Security for the ML-Series Card

Configuring Security for the ML-Series Card 19 CHAPTER Configuring Security for the ML-Series Card This chapter describes the security features of the ML-Series card. This chapter includes the following major sections: Understanding Security, page

More information

Reference Manual for the Student and Exchange Visitor Information System Batch Interface

Reference Manual for the Student and Exchange Visitor Information System Batch Interface U.S. Immigration & Naturalization Service Reference Manual for the Student and Exchange Visitor Information System Batch Interface September 20, 2002 DRAFT TABLE OF CONTENTS 1. INTRODUCTION... 1 1.1 Purpose...1

More information

Cisco IOS Cisco Networking Services Command Reference

Cisco IOS Cisco Networking Services Command Reference Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION

More information

Incorporating applications to a Service Oriented Architecture

Incorporating applications to a Service Oriented Architecture Proceedings of the 5th WSEAS Int. Conf. on System Science and Simulation in Engineering, Tenerife, Canary Islands, Spain, December 16-18, 2006 401 Incorporating applications to a Service Oriented Architecture

More information

Using the YANG Development Kit (YDK) with Cisco IOS XE

Using the YANG Development Kit (YDK) with Cisco IOS XE Using the YANG Development Kit (YDK) with Cisco IOS XE 1. Overview The YANG Development Kit (YDK) is a software development kit that provides APIs that are generated from YANG data models. These APIs,

More information

ISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University

ISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University Identity Management and Federated ID (Liberty Alliance) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Identity Identity is the fundamental concept of uniquely

More information

Web Service Elements. Element Specifications for Cisco Unified CVP VXML Server and Cisco Unified Call Studio Release 10.0(1) 1

Web Service Elements. Element Specifications for Cisco Unified CVP VXML Server and Cisco Unified Call Studio Release 10.0(1) 1 Along with Action and Decision elements, another way to perform backend interactions and obtain real-time data is via the Web Service element. This element leverages industry standards, such as the Web

More information

Role-Based Access Configuration

Role-Based Access Configuration Role-Based Access Control Overview, page 1 User Accounts for Cisco UCS, page 1 User Roles, page 3 Locales, page 9 Locally Authenticated User Accounts, page 11 Monitoring User Sessions, page 19 Role-Based

More information

Configuring Switch-Based Authentication

Configuring Switch-Based Authentication CHAPTER 7 This chapter describes how to configure switch-based authentication on the switch. Unless otherwise noted, the term switch refers to a standalone switch and to a switch stack. This chapter consists

More information

Notes. Submit homework on Blackboard The first homework deadline is the end of Sunday, Feb 11 th. Final slides have 'Spring 2018' in chapter title

Notes. Submit homework on Blackboard The first homework deadline is the end of Sunday, Feb 11 th. Final slides have 'Spring 2018' in chapter title Notes Ask course content questions on Slack (is651-spring-2018.slack.com) Contact me by email to add you to Slack Make sure you checked Additional Links at homework page before you ask In-class discussion

More information

Introducing Cisco License Manager

Introducing Cisco License Manager CHAPTER 1 Cisco License rapidly acquires and deploys a large number of software licenses and tracks license status for an entire network. Tip If you are using Cisco License for the first time, see the

More information

Web services. In plain words, they provide a good mechanism to connect heterogeneous systems with WSDL, XML, SOAP etc.

Web services. In plain words, they provide a good mechanism to connect heterogeneous systems with WSDL, XML, SOAP etc. Web Services Web Services A Web service is a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-processable format

More information

Comprehensive Structured Context Profiles (CSCP): Design and Experiences

Comprehensive Structured Context Profiles (CSCP): Design and Experiences Comprehensive Structured Context Profiles (CSCP): Design and Experiences Sven Buchholz, Thomas Hamann, and Gerald Hübsch Department of Computer Science, Dresden University of Technology {buchholz, hamann,

More information

Prerequisites for Controlling Switch Access with Terminal Access Controller Access Control System Plus (TACACS+)

Prerequisites for Controlling Switch Access with Terminal Access Controller Access Control System Plus (TACACS+) Finding Feature Information, page 1 Prerequisites for Controlling Switch Access with Terminal Access Controller Access Control System Plus (TACACS+), page 1 Information About TACACS+, page 3 How to Configure

More information

QuickStart Guide for Managing Computers. Version

QuickStart Guide for Managing Computers. Version QuickStart Guide for Managing Computers Version 10.6.0 copyright 2002-2018 Jamf. All rights reserved. Jamf has made all efforts to ensure that this guide is accurate. Jamf 100 Washington Ave S Suite 1100

More information

Single Sign On for Local Devices. Application Programmer Interface (API) Guide

Single Sign On for Local Devices. Application Programmer Interface (API) Guide Single Sign On for Local Devices Application Programmer Interface (API) Guide Issue 1 June 2013 ABSTRACT This document provides the API for the SSO-LD (Single Sign-On for Local Devices) capability, to

More information

Management Tools. Management Tools. About the Management GUI. About the CLI. This chapter contains the following sections:

Management Tools. Management Tools. About the Management GUI. About the CLI. This chapter contains the following sections: This chapter contains the following sections:, page 1 About the Management GUI, page 1 About the CLI, page 1 User Login Menu Options, page 2 Customizing the GUI and CLI Banners, page 3 REST API, page 3

More information

CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols

CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols LOCAL CISCO ACADEMY ELSYS TU INSTRUCTOR: STELA STEFANOVA 1 Objectives Functions of the three upper OSI model layers, network services

More information

i2b2 Software Architecture Project Management (PM) Cell Document Version: i2b2 Software Version:

i2b2 Software Architecture Project Management (PM) Cell Document Version: i2b2 Software Version: i2b2 Software Architecture Project Management (PM) Cell Document Version: 1.7.08-004 i2b2 Software Version: 1.7.08 TABLE OF CONTENTS TABLE OF CONTENTS... 2 DOCUMENT MANAGEMENT... 3 ABSTRACT... 4 1 OVERVIEW...

More information

JSON Support for Junos OS

JSON Support for Junos OS JSON Support for Junos OS 1 Introduction: Java Script Object Notation alias JSON a light weight data exchange format is being extensively used for data exchange between web application and servers. With

More information

Introduction to OpenConfig

Introduction to OpenConfig DEVNET-1775 Introduction to OpenConfig Santiago Álvarez, TME Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App

More information

A Policy-Based Security Management Architecture Using XML Encryption Mechanism for Improving SNMPv3

A Policy-Based Security Management Architecture Using XML Encryption Mechanism for Improving SNMPv3 A Policy-Based Security Management Architecture Using XML Encryption Mechanism for Improving SNMPv3 Choong Seon Hong and Joon Heo School of Electronics and Information, Kyung Hee University 1 Seocheon,

More information

Implementing Secure Shell

Implementing Secure Shell Secure Shell (SSH) is an application and a protocol that provides a secure replacement to the Berkeley r-tools. The protocol secures sessions using standard cryptographic mechanisms, and the application

More information

Configuring XML Requests

Configuring XML Requests CHAPTER 3 This chapter describes how to configure XML requests and includes the following sections: Prerequisites, page 3-1 Guidelines and Limitations, page 3-1 Starting a Session with the XML Server,

More information

Web Services For Translation

Web Services For Translation [Translating and the Computer 24: proceedings of the International Conference 21-22 November 2002, London (Aslib, 2002)] Web Services For Translation Mike Roche, IBM Software Group, Dublin, MikeRoche@ie.ibm.com

More information

Data Transport. Publisher's Note

Data Transport. Publisher's Note Data Transport Publisher's Note This document should be considered a draft until the message formats have been tested using the latest release of the Apache Foundation's SOAP code. When those tests are

More information

1 Introduction. 2 Web Architecture

1 Introduction. 2 Web Architecture 1 Introduction This document serves two purposes. The first section provides a high level overview of how the different pieces of technology in web applications relate to each other, and how they relate

More information

RESTCONF Protocol. draft-ietf-netconf-restconf-03 NETCONF WG IETF #91 Honolulu, HI, USA

RESTCONF Protocol. draft-ietf-netconf-restconf-03 NETCONF WG IETF #91 Honolulu, HI, USA RESTCONF Protocol draft-ietf-netconf-restconf-03 NETCONF WG IETF #91 Honolulu, HI, USA Andy Bierman Martin Björklund Kent Watsen v0.3 1 Agenda

More information

Semantic Web. Semantic Web Services. Morteza Amini. Sharif University of Technology Spring 90-91

Semantic Web. Semantic Web Services. Morteza Amini. Sharif University of Technology Spring 90-91 بسمه تعالی Semantic Web Semantic Web Services Morteza Amini Sharif University of Technology Spring 90-91 Outline Semantic Web Services Basics Challenges in Web Services Semantics in Web Services Web Service

More information

XML Key Information System for Secure e-trading

XML Key Information System for Secure e-trading XML Key Information System for Secure e-trading Nam-Je Park, Ki-Young Moon, Sung-Won Sohn Informatoion Security Research Division Electronics Telecommunications Research Institute(ETRI) 161 Gajeong-dong,

More information

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 24a December 2, 2013 CPSC 467, Lecture 24a 1/20 Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management and Trusted

More information

Interaction Translation Methods for XML/SNMP Gateway 1

Interaction Translation Methods for XML/SNMP Gateway 1 Interaction Translation Methods for XML/SNMP Gateway 1 Yoon-Jung Oh 1, Hong-Taek Ju 2, Mi-Jung Choi 3 and James W. Hong 4 1,3,4 Dept. of Computer Science and Engineering, POSTECH, Korea 2 Dept. of Computer

More information

A short introduction to Web Services

A short introduction to Web Services 1 di 5 17/05/2006 15.40 A short introduction to Web Services Prev Chapter Key Concepts Next A short introduction to Web Services Since Web Services are the basis for Grid Services, understanding the Web

More information

Configuring Communication Services

Configuring Communication Services This chapter includes the following sections: Configuring HTTP, on page 1 Configuring SSH, on page 2 Configuring XML API, on page 3 Enabling Redfish, on page 3 Configuring IPMI, on page 4 Configuring SNMP,

More information

The Atom Project. Tim Bray, Sun Microsystems Paul Hoffman, IMC

The Atom Project. Tim Bray, Sun Microsystems Paul Hoffman, IMC The Atom Project Tim Bray, Sun Microsystems Paul Hoffman, IMC Recent Numbers On June 23, 2004 (according to Technorati.com): There were 2.8 million feeds tracked 14,000 new blogs were created 270,000 new

More information

Using the VMware vrealize Orchestrator Client

Using the VMware vrealize Orchestrator Client Using the VMware vrealize Orchestrator Client vrealize Orchestrator 7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

QuickStart Guide for Managing Computers. Version

QuickStart Guide for Managing Computers. Version QuickStart Guide for Managing Computers Version 10.2.0 copyright 2002-2018 Jamf. All rights reserved. Jamf has made all efforts to ensure that this guide is accurate. Jamf 100 Washington Ave S Suite 1100

More information

1. Launch your web browser. 2. Go to < Enter your address and Password as requested. Click on login.

1. Launch your web browser. 2. Go to <  Enter your  address and Password as requested. Click on login. 1. Launch your web browser. 2. Go to Enter your Email address and Password as requested. Click on login. 1. Enter your complete email address; i.e. johnsmith@

More information

Semantic Web. Semantic Web Services. Morteza Amini. Sharif University of Technology Fall 94-95

Semantic Web. Semantic Web Services. Morteza Amini. Sharif University of Technology Fall 94-95 ه عا ی Semantic Web Semantic Web Services Morteza Amini Sharif University of Technology Fall 94-95 Outline Semantic Web Services Basics Challenges in Web Services Semantics in Web Services Web Service

More information

Configuring Role-Based Access Control

Configuring Role-Based Access Control Configuring Role-Based Access Control This chapter includes the following sections: Role-Based Access Control, page 1 User Accounts for Cisco UCS Manager, page 1 User Roles, page 3 Privileges, page 4 User

More information

Data Querying, Extraction and Integration II: Applications. Recuperación de Información 2007 Lecture 5.

Data Querying, Extraction and Integration II: Applications. Recuperación de Información 2007 Lecture 5. Data Querying, Extraction and Integration II: Applications Recuperación de Información 2007 Lecture 5. Goal today: Provide examples for useful XML based applications Motivation: Integrating Legacy Databases,

More information

Monitoring tools and techniques for ICT4D systems. Stephen Okay

Monitoring tools and techniques for ICT4D systems. Stephen Okay Monitoring tools and techniques for ICT4D systems Stephen Okay Effective Monitoring Why do monitoring? Monitoring tools and Applications Monitoring:What,Where, Why,How, etc. Alerting Off-the-shelf vs.

More information