Posted on April 30, 2019 5:17 pm
 |  Asked by Rajesh Reddy N
 |  141 views
Tags:
0
0
Print Friendly, PDF & Email

Netconf through pyeapi or ncclient is not working

Device has following configuration:

management api netconf
transport ssh def
!
management api restconf
transport https def1
!

can you please guide us, how to communicate with arista eos devices with netconf and also is there any way we can directly try out netconf operations like junos or cisco.

Your help is much appreciated..Thanks in advance.

Regards,
Rajesh Reddy

0
Posted by Tamas Plugor
Answered on May 1, 2019 2:17 am

First of all pyeapi, netconf and restconf are using different APIs.
Pyeapi uses eAPI, which based on your output is disabled (management api http-commands)

You can enable eAPI with ‘no shut’

management api http-commands
no shutdown

For netconf you can use ncclient with no problem. See example below that prints you the config for Ethernet1(you might need to change the ssh port):

or you can get the running-config for example the following way:

However note, that our main focus is on openconfig/gnmi, our latest EOSC article might be helpful: https://eos.arista.com/eos-4-21-3f/support-for-new-openconfig-paths/

Thanks,
Tamas

0
Posted by Rajesh Reddy N
Answered on May 2, 2019 6:57 am

Thanks Thamas.

Port 22 worked to get the response from device, why is it working with 22 but not 830.. however, non of other custom port number is working.. though 830 is shown as operating port number.

Thanks,
Rajesh

0
Posted by Rajesh Reddy N
Answered on May 2, 2019 6:57 am

Thanks Thamas.

Port 22 worked to get the response from device, why is it working with 22 but not 830.. however, none of other custom port number is working.. though 830 is shown as operating port number.

Thanks,
Rajesh

that might be because your custom ports are not allowed on the control-plane ACL, so you’ll need to create a new ACL and apply it on the control-plane. The defaul control-plane ACL cannot be modified, so you can copy the rules from that, create a new one, add your extra rules and apply it. This article should be helpful: https://eos.arista.com/restricting-access-to-the-switch/

Thanks,
Tamas

(Tamas Plugor at May 2, 2019 8:47 pm)
0
Posted by edmund
Answered on May 3, 2019 2:01 pm

Port 830 was added to the default control plane ACL in 4.20.11 and later
https://www.arista.com/en/support/software-bug-portal/bugdetail?bug_id=286421

You can either upgrade or create a customer control plane acl.

Post your Answer

You must be logged in to post an answer.