Clixon-backend lacks rfc 6242 <hello> protocol

Question

Clixon-backend lacks rfc 6242 <hello> protocol

Opened this issue 10 months ago · 2 comments

Clixon-backend only listens for NETCONF 1.1 chunked messages. When trying to connect via netconf application such as ncclient the connection is never established because of the lack of proper exchange of capability's aka <hello>.

Example using ncclient to connect to clixon-backend using unix_socket:

ncclient:

>>> from ncclient import manager
>>> clixonTest = manager.connect_UnixSocket('/usr/local/var/run/controller.sock')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/spiffi/clixon-sommar-2024/ncclient_fork/ncclient/ncclient/manager.py", line 171, in connect_UnixSocket
    session.connect(*args, **kwargs)
  File "/home/spiffi/clixon-sommar-2024/ncclient_fork/ncclient/ncclient/transport/unixSocket.py", line 63, in connect
    self._post_connect()
  File "/home/spiffi/clixon-sommar-2024/ncclient_fork/ncclient/ncclient/transport/session.py", line 127, in _post_connect
    raise error[0]
  File "/home/spiffi/clixon-sommar-2024/ncclient_fork/ncclient/ncclient/transport/session.py", line 251, in run
    raise SessionCloseError(self._buffer.getvalue())
ncclient.transport.errors.SessionCloseError: Unexpected session close

clixon-backend in D3 mode:

Jun 17 09:26:50.399365: netconf_input_chunked_framing: 2255: Netconf error: NETCONF framing error chunk-start: expected \n but received < (state:0)
Jun 17 09:26:50.399381: clixon_msg_rcv11:600: Recv [1]: EOF

proper framing protocol: https://datatracker.ietf.org/doc/html/rfc6242#section-4.1

Answer 1 · 2024-06-17T09:34:00.000Z

This is the internal NETCONF protocol . The external NETCONF interface supports this.
The internal protocol was updated from a proprietary framing in 7.0
There is an outdated description here: https://clixon-docs.readthedocs.io/en/latest/netconf.html#internal-netconf
Related to #530

Answer 2 · 2024-06-25T12:56:21.000Z

Further note even when I force ncclient to run on netconf base 1.1, the clixon-backend still fails to send it's server side capabilities to the client and only sends session-id.

ncclient debug log:

DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] starting main loop
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] selector type = EpollSelector
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] Sending message
INFO:ncclient.transport.unix:[session 0x73730ded4a90] Sending:
b'\n#1189\n<?xml version="1.0" encoding="UTF-8"?><nc:hello xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><nc:capabilities><nc:capability>urn:ietf:params:netconf:base:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:base:1.1</nc:capability><nc:capability>urn:ietf:params:netconf:capability:writable-running:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:candidate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:startup:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file,https,sftp</nc:capability><nc:capability>urn:ietf:params:netconf:capability:validate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:xpath:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:notification:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:interleave:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:with-defaults:1.0</nc:capability></nc:capabilities></nc:hello>\n##\n'
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: starting
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: working with buffer of 98 bytes
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: matching from 0 bytes from start of buffer
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: regular expression start=0, end=5
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: found chunk delimiter
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: chunk size 89 bytes
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: appending 89 bytes
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: fragment = "<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><session-id>1</session-id></hello>"
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: matching from 94 bytes from start of buffer
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: regular expression start=0, end=4
DEBUG:ncclient.transport.parser:[session 0x73730ded4a90] _parse11: found end of message delimiter
INFO:ncclient.transport.unix:[session 0x73730ded4a90] Received message from host
DEBUG:ncclient.transport.unix:[session 0x73730ded4a90] Received:
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><session-id>1</session-id></hello>

clixon-backen:

Jun 25 13:21:02.441743: clixon_msg_rcv11:606: Recv [1]: <?xml version="1.0" encoding="UTF-8"?><nc:hello xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><nc:capabilities><nc:capability>urn:ietf:params:netconf:base:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:base:1.1</nc:capability><nc:capability>urn:ietf:params:netconf:capability:writable-running:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:candidate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:startup:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file,https,sftp</nc:capability><nc:capability>urn:ietf:params:netconf:capability:validate:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:xpath:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:notification:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:interleave:1.0</nc:capability><nc:capability>urn:ietf:params:netconf:capability:with-defaults:1.0</nc:capability></nc:capabilities></nc:hello>
Jun 25 13:21:02.441828: clixon_msg_send:358: Send [1]: 
#89
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><session-id>1</session-id></hello>