NETCONF operations and capabilities

Each RPC request can only contain one operation. Table: Summary of operations and capabilities summarizes the protocol operations and capabilities supported on the 7450 ESS, 7750 SR, and 7950 XRS.

Table: Summary of operations and capabilities
Support Capabilities Operations

Base Protocol Operations

RFC 62411

writable-running capability

candidate configuration capability

confirmed commit

<cancel-commit>

validate

<validate>

startup

URL

rollback-on-error

RFC 6243

with-defaults

RFC 5277

notification

<create-subscription>

interleave

RFC 6022

ietf-network-monitoring

<get-schema>

RFC 8525

ietf-yang-library

RFC 8526

<get data>

RFC 7950

<action>2

The following table lists the supported NETCONF operations and arguments.

Table: Supported standard NETCONF operations and arguments
Operation Arguments

get-config

source/[configuration-region]

[filter]

[format]

edit-config

target/[configuration-region]

[default-operation]

[test-option]

[error-option]

config

copy-config

target/[configuration-region]

source/[configuration-region]

delete-config

target

lock

target/[configuration-region]

unlock

target/[configuration-region]

get

[filter]

[configuration-region]

[format]

close-session

kill-session

session-id

discard-changes

[configuration-region]

validate

source/[configuration-region]

commit

[confirmed]

[confirm-timeout]

[persist]

[persist-id]

[configuration-region]

cancel-commit

[persist-id]

create-subscription

[stream]

[startTime]

[stopTime]

get-schema

identifier

[version]

[format]

get-data

datastore

[subtree-filter]

[max-depth]

[with-defaults]

[configuration-region]

[format]

action

(2)

Note: Bracketed arguments are optional. The X/[configuration-group] means that the [configuration-group] can only be used as a child of X.

Table: Protocol operations and level of support in Nokia SR OS NETCONF servers lists protocol operations and level of support in SR OS NETCONF servers, and limitations, if any, in the current implementation.

Table: Protocol operations and level of support in Nokia SR OS NETCONF servers
Protocol operation Example Supported Notes

get-config

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
   <get-config>
      <source>
        <running/>
      </source>
   </get-config>
</rpc>
]]>]]>

Yes

To use the get-config operation, the user must belong to a NETCONF system security profile with get-config enabled for the base-op-authorization.

If present, configuration annotations are encoded with the nokia-attr:comment attribute.

<source>
  <startup/>
</source>

No

<source>
  <candidate/>
</source>

Yes

<source>
  <config/>
</source>

No

<source>
  <url/>
</source>

No

<?xml version="1.0" encoding="UTF-8"?>
<rpc messageid="
101"xmlns="urn:ietf:params:xml:ns:ne
tconf:base:1.0">
  <get-config>
    <source><running/></source>
    <filter type="subtree">
    </filter>
  </get-config>
</rpc>
]]>]]>

Yes

A <filter> is an optional argument.

All subtree filters are supported in SR OS except for ‟attribute match expressions”.

<filter type="xpath">
</filter>

No

<source>
  <configuration-region>...</
configuration-region
</source>

Yes

Optional.

Specify "li", "bof" or "configure". The default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

A datastore must be specified inside the <source> if the <configuration-region> is used.

get

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
  <get/>
</rpc>
]]>]]>

Yes

Retrieves both configuration and state data if in XML content layer.

To use the get operation, the user must belong to a NETCONF system security profile with get enabled for the base-op-authorization.

If present, configuration annotations are encoded with the nokia-attr:comment attribute.

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
<get>
  <filter type="subtree">
  </filter>
</get>
</rpc>
]]>]]>

Yes

A <filter> is an optional argument.

Subtree filters are supported except for "attribute match expressions".

<filter type="xpath">
</filter>

No

<configuration-region>...</
configuration-region>

Yes

Optional.

Specify "li", "bof" or "configure". The default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

edit-config

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
  <edit-config>
   <target/>
   <default-operation/>
   <test-option/>
   <error-option/>
   <config/>
  </edit-config>
</rpc>
]]>]]>

Yes

<default-operation>, <test-option>, and <error-option> are optional arguments.

To use the edit-config operation, the user must belong to a NETCONF system security profile with edit-config enabled for the base-op-authorization.

Configuration annotations may be encoded with the nokia-attr:comment attribute to add, change, or delete the annotations.

<target>
  <url/>
</target>

No

<target>
  <startup/>
</target>

No

<target>
  <candidate>
</target>

Yes

<default-operation>merge</default-
operation>

Yes

Default

<default-operation>none</default-
operation>

Yes

With the Nokia SR OS YANG modules, an operation of "none" (inherited or direct) on a leaf node that does not exist in the data model causes SR OS to return an error with an <error-tag> value of ‟data-missing”.

<default-operation>replace</default-
operation>

Yes

<test-option>test-then-set</test-
option>

Yes

<test-option>set</test-
option>

Yes

<test-option>test-only</test-
option>

Yes

<error-option>continue-on-error</error-
option>

No

<error-option>rollback-on-error</error-
option>

Yes

<error-option>stop-on-error</error-
option>

Yes

Default.

This can be specified but, starting in Release 20.2.R1, behaves the same as a rollback-on-error.

<target> 
  <configuration-region>...</
configuration-region>
</target>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

close-session

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
   <close-session/>
</rpc>
]]>]]>

Yes

When a session is closed, any locks held are released and the session is terminated. Any pending RPC requests are discarded.

To use the close-session operation, the user must belong to a NETCONF system security profile with close-session enabled for the base-op-authorization.

commit

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
  <commit/>
</rpc>
]]>]]>

Yes

When commit is issued, any configuration stored in the <candidate> datastore is written to the running configuration unless the device is locked by a NETCONF client or <running> datastore is locked by any other NETCONF session. The startup configuration is also written if system management-interface netconf auto-config-save is configured.

To use the commit operation, the user must belong to a NETCONF system security profile with commit enabled for the base-op-authorization.

<commit><comment>Comment entered 
over NETCONF.</comment></commit>

Yes

Optional.

Specifies a comment in the commit history.

<commit><confirmed/></commit>

Yes

Optional.

Can only be used with non-li configurations.

<commit>
<confirmed/>
<confirm-timeout/>
</commit>

Yes

Optional.

Can only be used with non-li configurations.

<commit>
<confirmed/>
<confirm-timeout/>
<persist/>
</commit>

Yes

Optional.

Can only be used with non-li configurations.

<commit>
<confirmed/>
<confirm-timeout/>
<persist/>
<persist-id/>
</commit>

Yes

Optional.

Can only be used with non-li configurations.

<commit>
  <configuration-region>...</
configuration-region>
</commit>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

cancel-commit

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
  <cancel-commit/>
</rpc>

Yes

Can only be used with non-li configurations.

To use the cancel commit operation, the user must belong to a NETCONF system security profile with cancel-commit enabled for the base-op-authorization.

<cancel-commit>
<persist-id/></cancel-commit>

Yes

Optional.

When a <commit> <persist> is used, the value of a <cancel-commit> <persist-id> must be equal to the value used in the <commit> <persist>.

copy-config

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns:nc="urn:ietf:params:xml:ns:netconf:
base:1.0">
  <copy-config>
   <target/>
   <source/>
  </copy-config>
</rpc>
]]>]]>

Yes

The <copy-config> operation is supported for specific combinations of source and target datastores.

To use the copy-config operation, the user must belong to a NETCONF system security profile with copy-config enabled for the base-op-authorization.

When the specified <configuration-region> is "li", the <source><running/> to <target><startup/> becomes the only valid <copy-config> combination.

<target><running/></target>

No

The running datastore cannot be a <target> for a <copy-config>.

<target><candidate/></target>
<source><running/></source>

No

Use <discard-changes>.

<target><startup/></target>
<source><running/></source>

Yes

Equivalent to admin save.

An index file is also saved in classic management-interface configuration-mode if persist on is configured in the BOF.

<target><url/></target>
<source><running/></source>

Yes

Equivalent to admin save file-url.

An index file is also saved in classic management-interface configuration-mode if persist on is configured in the BOF.

<target><candidate/></target>
<source><startup/></source>

Yes

<target><url/></target>
<source><startup/></source>

Yes

Supported if both source and target are not remote URLs.

Only configuration changes are saved; for example, an index file is not saved in classic management-interface configuration-mode even if persist on is configured in the BOF.

<target><running/></target>
<source><startup/></source>

No

<target><startup/></target>
<source><candidate/></source>

Yes

<target><url/></target>
<source><candidate/></source>

Yes

<target><running/></target>
<source><candidate/></source

No

Use <commit> instead.

<target><running/></target>
<source><url/></source>

No

<target><candidate/></target>
<source><url/></source>

Yes

Supported in model-driven configuration mode only.

<target><startup/></target>
<source><url/></source>

Yes

Supported if both source and target are not remote URLs.

Only configuration changes are saved; for example, an index file is not saved in classic management-interface configuration-mode even if persist on is configured in the BOF.

<target><url/></target>
<source><url/></source>

Yes

Supported if both source and target are not remote URLs.

<target><config/></target>

No

<target><candidate/></target>
<source><config/></source>

Yes

<target><startup/></target>
<source><config/></source>

Yes

<target><url/></target>
<source><config/></source>

Yes

<target>
  <configuration-region>...</
configuration-region>
</target>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure”.

Can only be used with the Nokia SR OS modules.

Not supported in mixed mode.

<source>
  <configuration-region>...</
configuration-region>
</source>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

Not supported in mixed mode.

kill-session

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
  <kill-session>
   <session-id/>
  </kill-session>
</rpc>
]]>]]>

Yes

A NETCONF session cannot kill itself.

A NETCONF session cannot kill a non-NETCONF session.

When a session is killed, any operations pending in that session are discarded. Any locks held by that session are released.

Only a NETCONF user that belongs to a profile with base-op-authorization/kill-session enabled, can kill a NETCONF session.

lock

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
 <lock>
  <target/>
 </lock>
</rpc>
]]>]]>

Yes

Only a NETCONF user that belongs to a profile with base-op-authorization/lock enabled, can lock a datastore.

<target><candidate/></target>

Yes

Locking the <candidate> datastore implicitly locks both the <running> and <candidate> datastores.

<target><running/></target>

Yes

Locking the <running> datastore locks both the <running> and <candidate> datastores.

<target><startup/></target>

No

<target><url/></target>

No

<target>
  <configuration-region>...</
configuration-region>
</target>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

unlock

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
 <unlock>
  <target/>
 </unlock>
</rpc>
]]>]]>

Yes

Only a NETCONF user that belongs to a profile with base-op-authorization/lock enabled, can unlock a datastore.

A datastore lock is unlocked when:
  • using <unlock>

  • disconnecting a NETCONF session (from CLI using the admin disconnect command, by using Ctrl-c, by performing <kill-session>, or by performing <close-session>)

Upon unlocking/disconnecting a NETCONF session that had acquired a datastore lock, SR OS:
  • releases the lock

  • discards any ‟uncommitted” changes

<target><candidate/></target>

Yes

<target><running/></target>

Yes

<target><startup/></target>

No

<target><url/></target>

No

<target>
  <configuration-region>...</
configuration-region>
</target>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

validate

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns:nc="urn:ietf:params:xml:ns:netconf:
base:1.0">
  <validate>
   <source/>
  </validate>
</rpc>
]]>]]>

Yes

XML content layer only.

Only syntax validation is performed.

If more than one error exists, SR OS returns multiple errors.

No semantic validation is performed.

To use the validate operation, the user must belong to a NETCONF system security profile with validate enabled for the base-op-authorization.

<source><candidate/></source>

Yes

<source><running/></source>

Yes

<source><startup/></source>

No

<source><url/></source>

No

<source><config/></source>

No

<source> <configuration-region>...</
configuration-region></source>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

delete-config

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns:nc="urn:ietf:params:xml:ns:netconf:
base:1.0">
  <delete-config>
   <target/>
  </delete-config>
</rpc>
]]>]]>

Yes

To use the delete-config operation, the user must belong to a NETCONF system security profile with delete-config enabled for the base-op-authorization.

<target><startup/></target>

Yes

<target><url/></target>

Yes

<target><running/></target>

No

<target><candidate/></target>

No

discard-changes

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns:nc="urn:ietf:params:xml:ns:netconf:
base:1.0">
  <discard-changes/>
</rpc>
]]>]]>

Yes

To use the discard-changes operation, the user must belong to a NETCONF system security profile with discard-changes enabled for the base-op-authorization.

<discard-changes>
  <configuration-region>...</
configuration-region>
</discard-changes>

Yes

Optional.

Specify "li", "bof" or "configure".

Default, if not specified, is "configure".

Can only be used with the Nokia SR OS modules.

create-subscription

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns:nc="urn:ietf:params:xml:ns:netconf:
base:1.0">
  <create-subscription/>
</rpc>
]]>]]>

Yes

To use the create-subscription operation, the user must belong to a NETCONF system security profile with create-subscription enabled for the base-op-authorization.

The configuration of base-op-authorization create-subscription is not pre-emptive, which means it is checked only at the time of the initial subscription. Configuration changes to the base-op-authorization do not cancel any in-progress subscriptions and operators who successfully subscribed continue to receive messages.

<create-subscription><stream/></create-
subscription>

Yes

Optional

<create-subscription><startTime/></
create-subscription>

Yes

Optional

<create-subscription><stopTime/></
create-subscription>

Yes

Optional

<create-subscription><filter/></create-
subscription>

No

Optional

get-schema

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
<get-schema
xmlns="urn:ietf:params:xml:ns:yang:ietfnetconf-
monitoring">
  </get-schema>
</rpc>
]]>]]>

Yes

To use the get-schema operation, the user must belong to a NETCONF system security profile with get-schema enabled for the base-op-authorization.

<get-schema><identifier/></get-
schema>

Yes

Mandatory

<get-schema><version/></get-schema>

Yes

Optional

<get-schema><format/></get-schema>

Yes

Optional

get-data

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:ba
se:1.0">
<get-data>
 </get-data>
 </rpc>
]]>]]>

Yes

To use the get-data operation, the user must belong to a NETCONF system security profile with get-data enabled for the base-op-authorization.

<get-data><datastore/></get-data>

Yes

Mandatory.

The ‟startup” cannot be used.

<get-data><subtree-filter/></get-data>

Yes

Optional

<get-data><max-depth/></get-data>

Yes

Optional

<get-data><config-filter/></get-data>

No

Optional

<get-data><origin-filters/></get-data>

No

Optional

<get-data><with-origin/></get-data>

No

Optional

<get-data><with-defaults/></get-data>

Yes

Optional

<get-data><xpath-filter/></get-data>

No

Optional

<get-data>
<configuration-region>
</configuration-region>
</get-data>

Yes

Optional.

Default if not specified is "configure".

Can be "li" or "configure".

Can only be used with the Nokia SR OS modules.

action

(3)

1 Optional capabilities defined in RFC 6241 are supported.
2 YANG 1.1 defines an <action> element. See section Individually modeled YANG-based operations for details of SR OS support of actions.
3 YANG 1.1 defines an <action> element. See section Individually modeled YANG-based operations for details of SR OS support for actions.