OcNOS-RON : OpenConfig Command Reference : LDP Openconfig Translation
LDP Openconfig Translation
Release
This configuration was introduced in OcNOS version 4.2.
OpenConfig NetConf Payload
<network-instances xmlns="http://openconfig.net/yang/network-instance">
<network-instance>
<name>default</name>
<mpls>
<signaling-protocols>
<ldp>
<global>
<config>
<lsr-id>1.1.1.1</lsr-id>
</config>
<graceful-restart>
<config>
<helper-enable>true</helper-enable>
<reconnect-time>120</reconnect-time>
<recovery-time>120</recovery-time>
</config>
</graceful-restart>
<authentication>
<config>
<authentication-key>IPInfusion</authentication-key>
</config>
</authentication>
</global>
<interface-attributes>
<config>
<hello-interval>20</hello-interval>
<hello-holdtime>60</hello-holdtime>
</config>
<interfaces>
<interface>
<interface-id>xe1</interface-id>
<config>
<interface-id>xe1</interface-id>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</config>
<interface-ref>
<config>
<interface>xe1</interface>
</config>
</interface-ref>
<address-families>
<address-family>
<afi-name>IPV4</afi-name>
<config>
<afi-name>IPV4</afi-name>
<enabled>true</enabled>
</config>
</address-family>
</address-families>
</interface>
<interface>
<interface-id>xe2.1</interface-id>
<config>
<interface-id>xe2.1</interface-id>
<hello-interval>1</hello-interval>
<hello-holdtime>3</hello-holdtime>
</config>
<interface-ref>
<config>
<interface>xe2</interface>
<subinterface>1</subinterface>
</config>
</interface-ref>
<address-families>
<address-family>
<afi-name>IPV4</afi-name>
<config>
<afi-name>IPV4</afi-name>
<enabled>true</enabled>
</config>
</address-family>
</address-families>
</interface>
</interfaces>
</interface-attributes>
<targeted>
<address-families>
<address-family>
<afi-name>IPV4</afi-name>
<targets>
<target>
<remote-address>10.10.10.2</remote-address>
<config>
<local-address>1.1.1.1</local-address>
<remote-address>10.10.10.2</remote-address>
</config>
</target>
<target>
<remote-address>2.2.2.2</remote-address>
<config>
<remote-address>2.2.2.2</remote-address>
</config>
</target>
<target>
<remote-address>20.20.20.2</remote-address>
<config>
<remote-address>20.20.20.2</remote-address>
</config>
</target>
<target>
<remote-address>3.3.3.3</remote-address>
<config>
<remote-address>3.3.3.3</remote-address>
</config>
</target>
</targets>
<config>
<afi-name>IPV4</afi-name>
</config>
</address-family>
</address-families>
<config>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</config>
</targeted>
<neighbors>
<neighbor>
<lsr-id>7.7.7.7</lsr-id>
<label-space-id>0</label-space-id>
<authentication>
<config>
<authentication-key>VenkoNetworks</authentication-key>
</config>
</authentication>
<config>
<lsr-id>7.7.7.7</lsr-id>
<label-space-id>0</label-space-id>
</config>
</neighbor>
<neighbor>
<lsr-id>9.9.9.9</lsr-id>
<label-space-id>0</label-space-id>
<authentication>
<config>
<authentication-key>IPIVenko</authentication-key>
</config>
</authentication>
<config>
<lsr-id>9.9.9.9</lsr-id>
<label-space-id>0</label-space-id>
</config>
</neighbor>
</neighbors>
</ldp>
</signaling-protocols>
</mpls>
</network-instance>
</network-instances>
OcNOS CLI Command
!
router ldp
router-id 1.1.1.1
graceful-restart helper-only
graceful-restart timers neighbor-liveness 120
graceful-restart timers max-recovery 120
targeted-peer ipv4 2.2.2.2
exit-targeted-peer-mode
targeted-peer ipv4 3.3.3.3
exit-targeted-peer-mode
targeted-peer ipv4 10.10.10.2
exit-targeted-peer-mode
targeted-peer ipv4 20.20.20.2
exit-targeted-peer-mode
transport-address ipv4 1.1.1.1
neighbor all auth md5 password plain-text IPInfusion
neighbor 7.7.7.7 auth md5 password plain-text VenkoNetworks
neighbor 9.9.9.9 auth md5 password plain-text IPIVenko
hold-time 60
hello-interval 20
targeted-peer-hold-time 65535
targeted-peer-hello-interval 21845
!
interface xe1
enable-ldp ipv4
ldp hold-time 65535
ldp hello-interval 21845
!
interface xe2.1
enable-ldp ipv4
ldp hold-time 3
ldp hello-interval 1
!
OcNOS NetConf Payload
<ldp xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ldp">
<global>
<config>
<ldp-instance>ldp</ldp-instance>
<router-identifier>1.1.1.1</router-identifier>
</config>
<timers>
<config>
<hello-interval>20</hello-interval>
<hello-holdtime>60</hello-holdtime>
</config>
</timers>
</global>
<graceful-restart>
<config>
<enable>helper-only</enable>
<neighbor-liveness-time>120</neighbor-liveness-time>
<max-recovery-time>120</max-recovery-time>
</config>
</graceful-restart>
<transport-addresses>
<transport-address>
<label-space-identifier>0</label-space-identifier>
<config>
<label-space-identifier>0</label-space-identifier>
<transport-address-ipv4>1.1.1.1</transport-address-ipv4>
</config>
</transport-address>
</transport-addresses>
<peer-authentication>
<peer-authentication-lists>
<peer-authentication-list>
<peer-address>all</peer-address>
<config>
<peer-address>all</peer-address>
<password-type>plain-text</password-type>
<password>IPInfusion</password>
</config>
</peer-authentication-list>
<peer-authentication-list>
<peer-address>7.7.7.7</peer-address>
<config>
<peer-address>7.7.7.7</peer-address>
<password-type>plain-text</password-type>
<password>VenkoNetworks</password>
</config>
</peer-authentication-list>
<peer-authentication-list>
<peer-address>9.9.9.9</peer-address>
<config>
<peer-address>9.9.9.9</peer-address>
<password-type>plain-text</password-type>
<password>IPIVenko</password>
</config>
</peer-authentication-list>
</peer-authentication-lists>
</peer-authentication>
<interfaces>
<interface>
<name>xe1</name>
<config>
<name>xe1</name>
<enable-ldp-ipv4></enable-ldp-ipv4>
</config>
<hello-timers>
<config>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</config>
</hello-timers>
</interface>
<interface>
<name>xe2.1</name>
<config>
<name>xe2.1</name>
<enable-ldp-ipv4></enable-ldp-ipv4>
</config>
<hello-timers>
<config>
<hello-interval>1</hello-interval>
<hello-holdtime>3</hello-holdtime>
</config>
</hello-timers>
</interface>
</interfaces>
<targeted-peers>
<global-timers>
<config>
<targeted-global-hello-interval>21845</targeted-global-hello-interval>
<targeted-global-hello-holdtime>65535</targeted-global-hello-holdtime>
</config>
</global-timers>
<targeted-peer>
<target-address>10.10.10.2</target-address>
<config>
<target-address>10.10.10.2</target-address>
</config>
</targeted-peer>
<targeted-peer>
<target-address>2.2.2.2</target-address>
<config>
<target-address>2.2.2.2</target-address>
</config>
</targeted-peer>
<targeted-peer>
<target-address>20.20.20.2</target-address>
<config>
<target-address>20.20.20.2</target-address>
</config>
</targeted-peer>
<targeted-peer>
<target-address>3.3.3.3</target-address>
<config>
<target-address>3.3.3.3</target-address>
</config>
</targeted-peer>
</targeted-peers>
</ldp>
Validation with NetConf get
<network-instances xmlns="http://openconfig.net/yang/network-instance">
<network-instance>
<name>default</name>
<mpls>
<signaling-protocols>
<ldp>
<global>
<config>
<lsr-id>1.1.1.1</lsr-id>
</config>
<state>
<lsr-id>1.1.1.1</lsr-id>
</state>
<graceful-restart>
<config>
<helper-enable>true</helper-enable>
<reconnect-time>120</reconnect-time>
<recovery-time>120</recovery-time>
</config>
<state>
<helper-enable>true</helper-enable>
<reconnect-time>120</reconnect-time>
<recovery-time>120</recovery-time>
</state>
</graceful-restart>
<authentication>
<config>
<authentication-key>IPInfusion</authentication-key>
</config>
<state>
<authentication-key>IPInfusion</authentication-key>
</state>
</authentication>
</global>
<interface-attributes>
<config>
<hello-interval>20</hello-interval>
<hello-holdtime>60</hello-holdtime>
</config>
<state>
<hello-interval>20</hello-interval>
<hello-holdtime>60</hello-holdtime>
</state>
<interfaces>
<interface>
<interface-id>xe1</interface-id>
<config>
<interface-id>xe1</interface-id>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</config>
<interface-ref>
<config>
<interface>xe1</interface>
</config>
<state>
<interface>xe1</interface>
</state>
</interface-ref>
<address-families>
<address-family>
<afi-name>IPV4</afi-name>
<config>
<afi-name>IPV4</afi-name>
<enabled>true</enabled>
</config>
<state>
<afi-name>IPV4</afi-name>
<enabled>true</enabled>
</state>
</address-family>
</address-families>
<state>
<interface-id>xe1</interface-id>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</state>
</interface>
<interface>
<interface-id>xe2.1</interface-id>
<config>
<interface-id>xe2.1</interface-id>
<hello-interval>1</hello-interval>
<hello-holdtime>3</hello-holdtime>
</config>
<interface-ref>
<config>
<interface>xe2</interface>
<subinterface>1</subinterface>
</config>
<state>
<interface>xe2</interface>
<subinterface>1</subinterface>
</state>
</interface-ref>
<address-families>
<address-family>
<afi-name>IPV4</afi-name>
<config>
<afi-name>IPV4</afi-name>
<enabled>true</enabled>
</config>
<state>
<afi-name>IPV4</afi-name>
<enabled>true</enabled>
</state>
</address-family>
</address-families>
<state>
<interface-id>xe2.1</interface-id>
<hello-interval>1</hello-interval>
<hello-holdtime>3</hello-holdtime>
</state>
</interface>
</interfaces>
</interface-attributes>
<targeted>
<address-families>
<address-family>
<afi-name>IPV4</afi-name>
<targets>
<target>
<remote-address>10.10.10.2</remote-address>
<config>
<local-address>1.1.1.1</local-address>
<remote-address>10.10.10.2</remote-address>
</config>
<state>
<local-address>1.1.1.1</local-address>
<remote-address>10.10.10.2</remote-address>
</state>
</target>
<target>
<remote-address>2.2.2.2</remote-address>
<config>
<remote-address>2.2.2.2</remote-address>
</config>
<state>
<remote-address>2.2.2.2</remote-address>
</state>
</target>
<target>
<remote-address>20.20.20.2</remote-address>
<config>
<remote-address>20.20.20.2</remote-address>
</config>
<state>
<remote-address>20.20.20.2</remote-address>
</state>
</target>
<target>
<remote-address>3.3.3.3</remote-address>
<config>
<remote-address>3.3.3.3</remote-address>
</config>
<state>
<remote-address>3.3.3.3</remote-address>
</state>
</target>
</targets>
<config>
<afi-name>IPV4</afi-name>
</config>
<state>
<afi-name>IPV4</afi-name>
</state>
</address-family>
</address-families>
<config>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</config>
<state>
<hello-interval>21845</hello-interval>
<hello-holdtime>65535</hello-holdtime>
</state>
</targeted>
<neighbors>
<neighbor>
<lsr-id>7.7.7.7</lsr-id>
<label-space-id>0</label-space-id>
<authentication>
<config>
<authentication-key>VenkoNetworks</authentication-key>
</config>
<state>
<authentication-key>VenkoNetworks</authentication-key>
</state>
</authentication>
<config>
<lsr-id>7.7.7.7</lsr-id>
<label-space-id>0</label-space-id>
</config>
<state>
<lsr-id>7.7.7.7</lsr-id>
<label-space-id>0</label-space-id>
</state>
</neighbor>
<neighbor>
<lsr-id>9.9.9.9</lsr-id>
<label-space-id>0</label-space-id>
<authentication>
<config>
<authentication-key>IPIVenko</authentication-key>
</config>
<state>
<authentication-key>IPIVenko</authentication-key>
</state>
</authentication>
<config>
<lsr-id>9.9.9.9</lsr-id>
<label-space-id>0</label-space-id>
</config>
<state>
<lsr-id>9.9.9.9</lsr-id>
<label-space-id>0</label-space-id>
</state>
</neighbor>
</neighbors>
</ldp>
</signaling-protocols>
</mpls>
</network-instance>
</network-instances>
Authentication
Over NETCONF edit-config with OpenConfig namespace it does not matter if authentication-key is encrypted or not, the password will be encrypted, but not double encrypted, and stored as such. The NETCONF get will return the attribute value also encrypted.
Over CLI if auth md5 password is encrypted the password will be stored as such. The NETCONF get, both IPI namespace and Openconfig, will return the attribute value also encrypted.
Over CLI if auth md5 password is plain text the password will be stored as such. The NETCONF get, both IPI namespace and Openconfig, will return the attribute value also as plain text.
OpenConfig NETCONF Payload
<network-instances xmlns="http://openconfig.net/yang/network-instance">
<network-instance>
<name>default</name>
<mpls>
<signaling-protocols>
<ldp>
<config xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-oc-ni-augments">
<enabled>true</enabled>
</config>
<global>
<authentication>
<config>
<authentication-key>0xc30ffb584ad45ddd</authentication-key>
</config>
</authentication>
</global>
</ldp>
</signaling-protocols>
</mpls>
</network-instance>
</network-instances>
OcNOS NETCONF Payload
<ldp xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ldp">
<global>
<config>
<ldp-instance>ldp</ldp-instance>
</config>
</global>
<peer-authentication>
<peer-authentication-lists>
<peer-authentication-list>
<peer-address>all</peer-address>
<config>
<peer-address>all</peer-address>
<password-type>encrypt</password-type>
<password>0xc30ffb584ad45ddd</password>
</config>
</peer-authentication-list>
</peer-authentication-lists>
</peer-authentication>
</ldp>
OcNOS CLI Command
router ldp
neighbor all auth md5 password encrypt 0xc30ffb584ad45ddd
OpenConfig NETCONF get Validation
<network-instances xmlns="http://openconfig.net/yang/network-instance">
<network-instance>
<name>default</name>
<mpls>
<signaling-protocols>
<ldp>
<config xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-oc-ni-augments">
<enabled>true</enabled>
</config>
<global>
<authentication>
<config>
<authentication-key>0xc30ffb584ad45ddd</authentication-key>
</config>
</authentication>
</global>
</ldp>
</signaling-protocols>
</mpls>
</network-instance>
</network-instances>
Ocnos NETCONF get Validation
<ldp xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-ldp">
<global>
<config>
<ldp-instance>ldp</ldp-instance>
</config>
</global>
<peer-authentication>
<peer-authentication-lists>
<peer-authentication-list>
<peer-address>all</peer-address>
<config>
<peer-address>all</peer-address>
<password-type>encrypt</password-type>
<password>0xc30ffb584ad45ddd</password>
</config>
</peer-authentication-list>
</peer-authentication-lists>
</peer-authentication>
</ldp>
Restrictions
The label-space-id leaf is hardcoded to 0.
The local-address leaf inside neighbor container is hardcoded to 0.0.0. for now.
Only IPv4 address family CLIs are supported as of now.