doujinge9648 2015-11-27 15:10
浏览 198
已采纳

使用PHP NETCONF配置Juniper路由器

I'm using the PHP library for NETCONF: https://github.com/Juniper/netconf-php . So far I have managed to get the configuration parts I need for my scripts, but the recent challenge remains loading new configurations into the router. The logs on my router:

Nov 27 14:34:48  router.nl sshd[78164]: subsystem request for netconf by user user
Nov 27 14:34:48  router.nl mgd[78168]: UI_CMDLINE_READ_LINE: User 'x', command 'xml-mode netconf need-trailer '
Nov 27 14:34:48  router.nl file[78167]: UI_LOGIN_EVENT: User 'x' login, class 'j-super-user' [78167], ssh-connection 'x.x.x.x 46796 x.x.x.x 22', client-mode 'netconf'
Nov 27 14:34:48  router.nl file[78167]: UI_NETCONF_CMD: User 'x' used NETCONF client to run command 'lock cannot reconstruct arguments'
Nov 27 14:34:48  router.nl file[78167]: UI_NETCONF_CMD: User 'x' used NETCONF client to run command 'edit-config cannot reconstruct arguments default-operation=merge cannot reconstruct arguments'
Nov 27 14:34:48  router.nl file[78167]: UI_NETCONF_CMD: User 'x' used NETCONF client to run command 'unlock cannot reconstruct arguments'
Nov 27 14:34:48  router.nl file[78167]: UI_NETCONF_CMD: User 'x' used NETCONF client to run command 'close-session'

It keeps complaining about not being able to reconstruct arguments. This is the script I'm trying to get working:

require_once '../app/include/netconf/Device.php';

$deviceParams = [
    'hostname'  => 'x.x.x.x',
    'username'  => 'x',
    'password'  => 'password',
    'port'      => 22
    ];

$this->device = new Device($deviceParams);
$this->connectRouter();

$islocked = $this->device->lock_config();

$command = '<system><services><ftp/></services></system>';

if($islocked) {              
    $this->device->load_xml_configuration($command, 'merge');
}

$this->device->unlock_config();

$this->device->close();

I've set up traceoqptions under the netconf { ssh { tree and this is one of the outputs (everything seems ok):

Nov 30 10:41:57 [86546] Incoming:
<rpc><edit-config><target><candidate/></target><default-operation>merge</default-operation><config><configuration><system><services><ftp></ftp></services></system></configuration></config></edit-config></rpc>]]>]]>


Nov 30 10:41:57 [86546] Outgoing: <rpc-reply     xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:junos="http://xml.juniper.net/junos/12.3R8/junos">
Nov 30 10:41:57 [86546] Outgoing: <ok/>
Nov 30 10:41:57 [86546] Outgoing: </rpc-reply>
Nov 30 10:41:57 [86546] Outgoing: ]]>]]>
Nov 30 10:41:57 [86546] Incoming: <rpc><close-session/></rpc>]]>]]>
  • 写回答

2条回答 默认 最新

  • dpi9530 2015-11-30 12:24
    关注

    The first logs I have shown in my OP do not say anything but telling me that something went wrong. The traceoptions however, did tell me important information after I tried locking/unlocking the configuration:

    Nov 30 12:06:43 [86767] Outgoing: <rpc-error>
Nov 30 12:06:43 [86767] Outgoing: <error-type>protocol</error-type>
Nov 30 12:06:43 [86767] Outgoing: <error-tag>operation-failed</error-tag>
Nov 30 12:06:43 [86767] Outgoing: <error-severity>error</error-severity>
Nov 30 12:06:43 [86767] Outgoing: <error-message>
Nov 30 12:06:43 [86767] Outgoing: configuration database modified
Nov 30 12:06:43 [86767] Outgoing: </error-message>
Nov 30 12:06:43 [86767] Outgoing: </rpc-error>
Nov 30 12:06:43 [86767] Outgoing: </rpc-reply>
Nov 30 12:06:43 [86767] Outgoing: ]]>]]>

    A quick search on 'configuration database modified' implies that there were still some uncommitted changes ( http://www.juniper.net/documentation/en_US/junos13.3/topics/topic-map/junos-script-automation-service-template-automation.html , bottom page ):

    Problem

You see the following message when creating, updating, or deleting a service on a device through a NETCONF session:

<output>
    configuration database modified
</output>

The configuration has previously uncommitted changes, and the service script cannot commit the service configuration changes.

    Simply typing 'commit' in the configuration mode made the error go away. I hope I have helped / will help others in the future.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
  • dongpouda6700 2016-07-14 15:03
    关注

    Not sure about netconf in PHP (still diving in) but in Python you should always preferably use 'configure private':

    junos_dev.open()
with Config(junos_dev, mode='private') as cu:
  cu.load(some_string, format='set')
  #print cu.diff()
  cu.commit()
junos_dev.close()

    And now I also found relevant function here: /** *This method should be called for load operations to happen in 'private' mode. *@param mode * Mode in which to open the configuration. * Permissible mode(s) : "private" */ public function open_configuration($mode)

    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 求苹果推信imessage批量推信技术
  • ¥15 ubuntu 22.04 系统盘空间不足。隐藏的docker空间占用?(相关搜索:移动硬盘|管理系统)
  • ¥15 利用加权最小二乘法求亚马逊各类商品的价格指标?怎么求?
  • ¥15 c++ word自动化,为什么可用接口是空的?
  • ¥15 Matlab计算100000*100000的矩阵运算问题:
  • ¥50 VB6.0如何识别粘连的不规则的数字图片验证码
  • ¥16 需要完整的这份订单所有的代码,可以加钱
  • ¥15 Stata数据分析请教
  • ¥15 请教如何为VS2022搭建 Debug|win32的openCV环境?
  • ¥15 关于#c++#的问题:c++如何使用websocketpp实现websocket接口调用,求示例代码和相关资料