Search code examples
pythoncisco-iosietf-netconf

Python Yang on Cisco Routers

I have a Cisco CSR Router with Cisco XE installed.

I want to display the YANG capabilities of my router.

My code is as follows:

main.py

from ncclient import manager
import xml.etree.ElementTree as ET

router = {
    "host": "10.0.0.1",
    "port": "830",
    "username": "admin",
    "password": "******",
}

with manager.connect(
    host=router["host"],
    port=router["port"],
    username=router["username"],
    password=router["password"],
    hostkey_verify=False,
    allow_agent=False,
    look_for_keys=False,
) as m:
    ip_schema = m.get_schema("ietf-ip")
    root = ET.fromstring(ip_schema.xml)
    yang_tree = list(root)[0].text
    f = open("ietf-ip.yang", "w")
    f.write(yang_tree)
    f.close()

Also, please find my show run on the router:

MyRouter#show run
Building configuration...

Current configuration : 1725 bytes
!
! Last configuration change at 10:17:15 UTC March Oct 6 2021
!
version 16.8
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console serial
!
hostname MyRouter
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$tK3F$2WEFfM8JZcyP7YPgzRZbH1
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
ip domain name myrouter.com
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 96YNK5Y0HUS
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
netconf-yang
!
!
username admin privilege 15 secret 5 $1$h/2L$vvzIggHKLFlS1KJlYOqkA1
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
ip address 10.0.0.1 255.255.255.0
ip nat outside
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet4
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.0.0.3
!
ip ssh version 2
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
line con 0
stopbits 1
line vty 0 4
transport input ssh
!
netconf ssh
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

When i run the code, it gives an error `ncclient.transport.errors.SSHError: Could not open socket to 10.0.0.1:830

Any idea what might be causing that?

Solution

  • First you need to determine if netconf has been enabled on your router.

    You can do so by just issue an SSH command telnet 10.0.0.1 830 from your machine.

    If the telnet connects successfully, then it means that you lack SSH modules in python.

    You can fix this by installing Paramiko using the command pip install paramiko

    If the telnet fails, then just enable netconf on your Cisco Router with the command netconf-yang and try again.