# [DevNet Associate Model-Driven Programmability - NETCONF](https://learningnetwork.cisco.com/s/devnet-associate-exam-topics)
## Exam Topics:
### 3.8 Apply concepts of model driven programmability (YANG, RESTCONF, and NETCONF) in a Cisco environment
### 5.1 Describe the value of model driven programmability for infrastructure automation
### 5.10 Interpret the results of a RESTCONF or NETCONF query
### 5.11 Interpret basic YANG models

---

### Tasks:
1. Lab Environment Overview.
2. Explore YANG Models with [**YANG Suite**](https://developer.cisco.com/yangsuite/).
3. Interact with IOS-XE YANG Modules Using Python [**ncclient**](https://developer.cisco.com/codeexchange/github/repo/ncclient/ncclient/).

---

### Task 1 - Lab Environment Overview
The Programmability Foundations Lab has two CSR1000v devices which run IOS-XE 16.2(2s). Access information for these devices is as follows:
1. **Router 1 (R1)** - r1.lab.local (192.168.2.161)
2. **Router 2 (R2)** - r2.lab.local (192.168.2.162)
3. **Username** - wwt
4. **Password** - WWTwwt1!
 
 
The [Programmability Foundations Lab Guide](https://labs.wwtatc.com/lab-guides/programmability_foundations_lab/index.html) has complete lab topology information.

#### Task 1a - Connect to R1 & R2
1. Click the **MTPuTTY** icon in the taskbar.
2. Expand the **PuTTY Sessions** folder.
3. Double-click on each **r1.lab.local** and **r2.lab.local** to establish SSH sessions.
4. When prompted, log on to both routers.

![1_mtputty.png](_images/1_mtputty.png)

#### Task 1b - Disable Session Timeout on R2
SSH sessions to **R1** have no time limit although SSH sessions to **R2** expire after 10 minutes of inactivity.

##### Enter the following CLI commands on **R2** to disable VTY session timeout:
```
configure terminal
!
line vty 0 15
 exec-timeout 0
 end
wr mem
```

#### Task 1c - Review R1 NETCONF Configuration

##### Enter the following CLI command to review information about the NETCONF configuration on **R1**:
```
show run | include netconf
```

* The result of this command shows the single IOS-XE configuration line **netconf-yang** which enables NETCONF on the device.
* The command **no netconf-yang**, in global configuration mode (configure terminal) will disable NETCONF, platform-wide.

##### Next, enter the following commands on **R1**:
```
show netconf-yang datastores
show netconf-yang status
```

The results of these commands show that:
* The NETCONF **running** datastore is available.
* NETCONF is enabled on the default port, 830.
* The NETCONF **candidate** datastore is disabled.

##### Finally, enter the following command on **R1**:
```
show netconf schema
```

This command displays the NETCONF XML RPC schema for the device which allows you to view a hierarchical representation of the available NETCONF RPCs and their paramaters.

#### Task 1d - Review R2 NETCONF Configuration

##### Enter the following CLI command to review information about the NETCONF configuration on **R1**:
```
show run | include netconf
```

* The result of this command shows a line of configuration that is not in the R1 config:

**netconf-yang feature candidate-datastore**.

* As the syntax implies, this command enables the NETCONF **candidate** datastore.

##### Enter the following commands to review the status of the NETCONF **candidate** datastore:
```
show netconf-yang datastores
show netconf-yang status
```

The results of these commands show that:
* The NETCONF **running** and **candidate** datastores are available.
* NETCONF is enabled on the default port, 830.
* The NETCONF **candidate** datastore is enabled.
---

### Task 2 - Explore YANG Models With YANG Suite
YANG Suite allows you to:
* Explore the YANG models of compatible devices.
* Create NETCONF payloads and filters.
* Send and receive NETCONF RPCs.

#### Task 2a - Log on to YANG Suite

* The lab setup process opens a Chrome browser tab for YANG Suite.
  * If you do not see the YANG suite browser tab, double-click the **YANG Suite** desktop shortcut icon to open a new tab to YANG Suite or manually browse to [https://localhost](https://localhost).

To log on to YANG Suite:
1. Set the **Username** to **admin**.
2. Set the **Password** to **WWTwwt1!**.
3. Click the **Login** button.

![2_yang_suite_login.png](_images/2_yang_suite_login.png)

---

#### Task 2b - Review YANG Suite Menu Options

* The **Setup** menu allows you to:
  * Import YANG models from files, Git repository, and network devices.
  * Create **YANG Module Sets** to browse or use with NETCONF operations on network devices.
  * Add network device connection parameters for remote connectivity and NETCONF operations.


* The **Explore > YANG** menu selection allows you to browse YANG modules from a **YANG Module Set**.

* The **Protocols > NETCONF** menu selection allows you to interact with network devices via NETCONF operations.

![3_yang_suite_setup_menu.png](_images/3_yang_suite_setup_menu.png)

---

#### Task 2c - Test Connectivity to Preconfigured Lab Network Devices

* The **Device Profiles** menu selection has the connection parameters for the two CSR1000v lab routers preconfigured for you.
* Choose the radio button for a Device Profile (e.g. **R1**) and click the **Check selected device's reachability** button to validate connectivity.

![4_yang_suite_device_profiles.png](_images/4_yang_suite_device_profiles.png)

---

#### Task 2d - Review Preconfigured YANG Module Repository Configuration

* The **YANG files and repositories** menu selection has a **YANG Module Repository** named **IOS-XE** preconfigured for you.
  * The **YANG modules in repository** window shows the YANG modules which have been pre-loaded into YANG Suite from the CSR1000v **R1** for you.
  * The pre-loaded modules include the IETF and IOS-XE Native YANG modules which support network device interface configuration.

![5_yang_suite_yang_module_repos.png](_images/5_yang_suite_yang_module_repos.png)

---

#### Task 2e - Review Preconfigured YANG Module Set Configuration

* The **YANG module sets** menu selection has a **YANG Set** named **IOS-XE** preconfigured for you.
  * The **YANG modules in this set** window shows the YANG modules and their dependencies which have been pre-loaded into YANG Suite from the CSR1000v **R1** for you.

![6_yang_suite_yang_module_sets.png](_images/6_yang_suite_yang_module_sets.png)

---

#### Task 2f - Explore the Preconfigured YANG Module Set Browser

* The **Explore > YANG** menu selection allows you to:
  * Choose **YANG Set** to select **YANG Modules** from.
  * Search for and choose a single or multiple **YANG Modules** to browse.
  * Navigate the YANG tree for a module.
  * Select a YANG object from the module tree.
  * View YANG properties for any object.


* The image below shows the YANG properties for the **interfaces container** in the **ietf-interfaces** YANG module.
  * Take note of the **XPath** property as it is useful to quickly search for and locate objects across several YANG modules at once.
  * The **Access** and **Operations** properties are also useful when you want to perform NETCONF operations using a given YANG module.

![7_yang_module_exploration.png](_images/7_yang_module_exploration.png)

---

#### Task 2g - Manage a Network Device Using NETCONF

* The **Protocols > NETCONF** menu selection allows you to interact with network devices using NETCONF.
* Interacting with a network device via NETCONF requires that you build XML RPC messages which specify the data you want to:
  * Retreive from a network device.
  * Send to a network device, in the form of configuration or commands.


* To build the first NETCONF RPC message with YANG Suite:
  1. Select **IOS-XE** from the **YANG Set** drop-down menu.
  2. Type **ietf-interfaces** in the **Module(s)** text area.
  3. Click the **Load Modules** button.
  4. Expand the **ietf-interfaces** module in YANG tree explorer.

![8_yang_suite_netconf_setup.png](_images/8_yang_suite_netconf_setup.png)

---

#### Task 2h - Build and Send a NETCONF RPC to R1

* Now that the relevant YANG modules loaded into the NETCONF RPC tool, we will retreive interface configuration information from **R1** with a NETCONF RPC:
  1. Choose **get-config** from the **NETCONF Operation** drop-down menu and choose **R1** from the **Device** drop-down menu.
  2. Expand the YANG tree explorer objects **ietf-interfaces > interfaces > interface > ip:ipv4**.
    * Click the blank space to the right of the **ip:address** container (in the **Value** column) to choose this container for the RPC.
  3. Click the **Build RPC** button.
  4. Observe the XML RPC payload display in the area on the right side of the browser.
  5. Click the **Run RPC(s)** button to send the RPC to **R1**.


* A new browser tab will open with the RPC response from **R1**. 

![9_yang_suite_netconf_rpc_setup.png](_images/9_yang_suite_netconf_rpc_setup.png)

---

#### Task 2i - Review the RPC Response from R1

* Scroll up slightly in the browser tab and locate the **\<rpc-reply\>** message with the interface configuration details for **R1**.
  * You will be able to see the IP address for each configured interface.
  * The interfaces have no other non-default configuration applied at this time or more configuration details would be visible in the RPC response.

![10_yang_suite_netconf_rpc_response.png](_images/10_yang_suite_netconf_rpc_response.png)

---

#### Task 2j - Review Other Options and Features of the NETCONF Explorer

Switch back to the browser tab with the NETCONF explorer to review some additional details.

* The **NETCONF Operations** menu allows you to choose from different operations that a given YANG object supports.

![11_yang_suite_netconf_ops.png](_images/11_yang_suite_netconf_ops.png)

---

* The **YANG Tree** menu allows you to:
  * Clear any checkbox selections, drop-down selections, or string input from the YANG tree.
  * Search for objects within the YANG tree using free text which matches YANG object **XPath** data.

![12_yang_suite_yang_tree_options.png](_images/12_yang_suite_yang_tree_options.png)

![13_yang_suite_xpath_search.png](_images/13_yang_suite_xpath_search.png)

---

* The **RPC Options** menu allows you to select the target **datastore** for NETCONF operations (**running** is the default datastore target).

![14_yang_suite_rpc_options.png](_images/14_yang_suite_rpc_options.png)

---

* The **Device** menu allows you to switch between devices to target with NETCONF operations.
* The **Clear RPC(s)** button removes all RPC information from the area on the right side of the browser tab.
  * This allows you to construct new RPCs.

![15_yang_suite_device_options.png](_images/15_yang_suite_device_options.png)

---

* The **Replays** menu allows you to generate Python files for download which perform NETCONF operations via a Python interpreter.
* To generate and download a file with a Python code representation of your current NETCONF RPC:
  1. Click the **Replays** menu and choose **Generate Python script**.


![16_yang_suite_generate_python.png](_images/16_yang_suite_generate_python.png)


  2. When prompted, click the **Keep** button at the bottom of the browser tab, to grant Chrome permission to download Python files.

![17_yang_suite_python_download_1.png](_images/17_yang_suite_python_download_1.png)


  3. When the download completes, double-click the name of the file (**script1.py** is the file in the screenshot) and, if prompted, choose the application **Visual Studio Code** to open the file.

![18_yang_suite_python_download_2.png](_images/18_yang_suite_python_download_2.png)


  4. Take note of the multi-line string with the NETCONF XML RPC payload.  Subsequent lab tasks require these exact sorts of XML strings.

![19_yang_suite_python_vs_code.png](_images/19_yang_suite_python_vs_code.png)

---

### Task 3 - Interact with IOS-XE YANG Modules Using Python ncclient.
**ncclient** is a Python NETCONF manager (client) module available on [PyPI](https://pypi.org/project/ncclient/) and is pre-installed in this environment.  **ncclient** allows you to write Python code which can interact with network devices using the NETCONF protocol.  The [**manager**](https://ncclient.readthedocs.io/en/latest/manager.html) class in the **ncclient** module contains the core methods that we will use for NETCONF interactions with network devices.

The following tasks walk you through:
* Creating NETCONF sessions to R1 & R2.
* Using YANG Suite to build RPC payloads.
* Sending **\<rpc\>** messages to R1 & R2.
* Displaying data from **\<rpc\>** reply messages.

The tasks rely heavily on the use of the **xmltodict** Python module, also pre-installed in this environment and available on [PyPi](https://pypi.org/project/xmltodict/).  **xmltodict** allows you to convert data between the XML and Python Dictionary encoding formats and you will see example conversions in both directions.

---
#### Task 3a - Import Modules

Import the following Python modules:
* **ncclient** - NETCONF manager (client) to connect to NETCONF agents (network devices).
* **pprint.pprint** - Method to print output in a more friendly format than the standard Python print() function.
* **xmltodict** - Module to convert between XML and Python Dictionary encoding formats, bidirectionally.

In [1]:
from ncclient import manager
from pprint import pprint
import xmltodict

---
#### Task 3b - Create Dictionaries for Device Connection Properties

* Create dictionary objects for **R1** and **R2** which contain the connection paramaters specified by the **manager** class of the **ncclient** module.
  * We will use these dictionaries to connect to and authenticate with both **R1** and **R2**.
* Verify the dictionary data by Pretty Printing the contents of each dictionary.

In [2]:
r1 = {
    'host': 'r1.lab.local',
    'username': 'wwt',
    'password': 'WWTwwt1!',
    'hostkey_verify': False,
    'device_params': {
        'name':'csr'
    }
}
pprint(r1)

{'device_params': {'name': 'csr'},
 'host': 'r1.lab.local',
 'hostkey_verify': False,
 'password': 'WWTwwt1!',
 'username': 'wwt'}


In [3]:
r2 = {
    'host': 'r2.lab.local',
    'username': 'wwt',
    'password': 'WWTwwt1!',
    'hostkey_verify': False,
    'device_params': {
        'name':'csr'
    }
}
pprint(r2)

{'device_params': {'name': 'csr'},
 'host': 'r2.lab.local',
 'hostkey_verify': False,
 'password': 'WWTwwt1!',
 'username': 'wwt'}


---
#### Task 3c - Retreive NETCONF Agent Capabilities from R1

* Use the **with** keyword in order to allow the Python *Context Manager* to automatically close the NETCONF session, after the code runs.
  * The alternative is to manually close a NETCONF session.
* Use the **connect** method of the **ncclient manager** class to initiate a connection to **R1**.
  * Pass the **r1** dictionary as an argument to the **connect** method with the syntax **\*\*r1**.
    * This technique is caled *Dictionary Unpacking* and converts each dictionary key to a keyword argument, with their corresponding values.
* Assign the result of the **connect** method to the variable **conn** (short for 'connection').
* Assign the value of the **conn.server_capabilities** attribute to the variable **caps** (short for 'capabilities')
* Use the **len** function to determine the total number of NETCONF capabilities that **R1** reports.

In [4]:
# Use a Context Manager with the "manager" class to handle session cleanup.
with manager.connect(**r1) as conn:
    caps = conn.server_capabilities

print(f'** {len(caps)} Total NETCONF Capabilities **')

** 480 Total NETCONF Capabilities **


---
#### Task 3d - Display the First 25 Capabilities

* To view a sample of **R1's** NETCONF capabilities, use a **for** loop to print the first 25 capabilities in the **caps** object.
  * Observe the types of capabilities that **R1** reports.

In [5]:
for i in range(25):
    print(f'{i + 1}. {list(caps)[i]}')

1. urn:ietf:params:netconf:base:1.0
2. urn:ietf:params:netconf:base:1.1
3. urn:ietf:params:netconf:capability:writable-running:1.0
4. urn:ietf:params:netconf:capability:xpath:1.0
5. urn:ietf:params:netconf:capability:validate:1.0
6. urn:ietf:params:netconf:capability:validate:1.1
7. urn:ietf:params:netconf:capability:rollback-on-error:1.0
8. urn:ietf:params:netconf:capability:notification:1.0
9. urn:ietf:params:netconf:capability:interleave:1.0
10. urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&also-supported=report-all-tagged
11. urn:ietf:params:netconf:capability:yang-library:1.0?revision=2016-06-21&module-set-id=17215ced51adcf878cd3b5af2bbb6a8c
12. http://tail-f.com/ns/netconf/actions/1.0
13. http://tail-f.com/ns/netconf/extensions
14. http://cisco.com/ns/cisco-xe-ietf-ip-deviation?module=cisco-xe-ietf-ip-deviation&revision=2016-08-10
15. http://cisco.com/ns/cisco-xe-ietf-ipv4-unicast-routing-deviation?module=cisco-xe-ietf-ipv4-unicast-routing-deviation&rev

---
#### Task 3e - Get Interface Operational Data

*Operational data* is information about the *state* of a device.  In this case, we will look at state data for one of the interfaces on **R1**.

* NETCONF managers (clients) require an RPC payload to declare the type of NETCONF request (get, get-config, edit-config, etc.), the target datastore (running, candidate, etc.) plus a *filter* to specify the scope of the request.
* **ncclient** uses a combination of **methods** and **arguments** to create a full, XML-encoded RPC.
  * The **method** (get, get-config, edit-config, etc.) creates the XML payload for the RPC.
  * The **filter** keyword argument requires a properly-formatted XML payload to target the required object.


* Use YANG Suite to build an RPC filter as follows:
  * YANG Model - **Cisco-IOS-XE-interfaces-oper**
  * XPath - **/interfaces/interface/v4-protocol-stats**
    * Optional - filter on interface **GigabitEthernet1**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below.

In [16]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <interfaces xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-interfaces-oper">
  <interface>
    <v4-protocol-stats/>
    <name/>
  </interface>
 </interfaces>
</filter>
'''

In [17]:
# Create a <get> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "get" method and set the "filter" keyword argument to add the XML payload to the RPC
    response = conn.get(filter=payload)

In [18]:
# Display the type for the response object
print(type(response))

<class 'ncclient.operations.retrieve.GetReply'>


In [19]:
# Display the attributes and methods in the response object
properties = [prop for prop in dir(response) if prop[0] != '_' ]
print(properties)

['ERROR_CLS', 'data', 'data_ele', 'data_xml', 'error', 'errors', 'ok', 'parse', 'xml']


In [20]:
# Display the raw XML response, in the 'xml' attribute of the "response" object
print(response.xml)

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:8179bf18-dbab-4d69-a323-80b775bae524" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><data><interfaces xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-interfaces-oper"><interface><name xmlns:nc='urn:ietf:params:xml:ns:netconf:base:1.0'>GigabitEthernet1</name><v4-protocol-stats><in-pkts>11594</in-pkts><in-octets>1964255</in-octets><in-error-pkts>0</in-error-pkts><in-forwarded-pkts>0</in-forwarded-pkts><in-forwarded-octets>0</in-forwarded-octets><in-discarded-pkts>0</in-discarded-pkts><out-pkts>1369</out-pkts><out-octets>1316244</out-octets><out-error-pkts>0</out-error-pkts><out-forwarded-pkts>1368</out-forwarded-pkts><out-forwarded-octets>0</out-forwarded-octets><out-discarded-pkts>0</out-discarded-pkts></v4-protocol-stats></interface></interfaces></data></rpc-reply>


In [21]:
# Display the 'data_xml' attribute of the "response" object
print(response.data_xml)

<?xml version="1.0" encoding="UTF-8"?><data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><interfaces xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-interfaces-oper"><interface><name xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">GigabitEthernet1</name><v4-protocol-stats><in-pkts>11594</in-pkts><in-octets>1964255</in-octets><in-error-pkts>0</in-error-pkts><in-forwarded-pkts>0</in-forwarded-pkts><in-forwarded-octets>0</in-forwarded-octets><in-discarded-pkts>0</in-discarded-pkts><out-pkts>1369</out-pkts><out-octets>1316244</out-octets><out-error-pkts>0</out-error-pkts><out-forwarded-pkts>1368</out-forwarded-pkts><out-forwarded-octets>0</out-forwarded-octets><out-discarded-pkts>0</out-discarded-pkts></v4-protocol-stats></interface></interfaces></data>


In [22]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'interfaces': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-interfaces-oper',
                         'interface': {'name': {'#text': 'GigabitEthernet1',
                                                '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0'},
                                       'v4-protocol-stats': {'in-discarded-pkts': '0',
                                                             'in-error-pkts': '0',
                                                             'in-forwarded-octets': '0',
                                                             'in-forwarded-pkts': '0',
                                                             'in-octets': '1964255',
                                                             'in-pkts': '11594',
                                                             'out-discarded-pkts': '0

In [23]:
# Display state information in a more readable format
interface_data = py_response['data']['interfaces']['interface']

# Data for multiple interfaces returns as a list of dictionaries
if type(interface_data) is list:
    # Loop over the list and display data for each interface
    for inter in interface_data:
        print(f'Interface: {inter["name"]}')
        print(f'\tPackets in: {inter["v4-protocol-stats"]["in-pkts"]}')
        print(f'\tPackets out: {inter["v4-protocol-stats"]["out-pkts"]}\n')

# Data for a single interface returns as a dictionary
else:
    # Display the data for the single interface
    print(f'Interface: {interface_data["name"]["#text"]}')
    print(f'\tPackets in: {interface_data["v4-protocol-stats"]["in-pkts"]}')
    print(f'\tPackets out: {interface_data["v4-protocol-stats"]["out-pkts"]}\n')

Interface: GigabitEthernet1
	Packets in: 11594
	Packets out: 1369



---
#### Task 3f - Get Interface Configuration Data

*Configuration data* is information about the *configuration* of a device.  In this case, we will look at configuration data for one of the interfaces on **R1**.

* This NETCONF request will use the **get-config** RPC operation which, in addition to specifying a **filter** keyword argument, requires a **source** keyword argument in order to specify the NETCONF **datastore** the RPC targets.
  * Since **R1** only has one operational datastore (**running**), we will target that datastore.


* Use YANG Suite to build an RPC filter as follows:
  * YANG Model - **ietf-interfaces**
  * XPath - **/interfaces/interface/ip:ipv4**
    * Optional - filter on interface **GigabitEthernet1**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below.

In [24]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
  <interface>
    <ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip"/>
    <name/>
  </interface>
 </interfaces>
</filter>
'''

In [25]:
# Create a <get-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "get_config" method, set the "source" keyword argument to "running", and set the "filter" keyword argument to add the XML payload to the RPC
    response = conn.get_config(source='running', filter=payload)

In [26]:
# Display the type for the response object
print(type(response))

<class 'ncclient.operations.retrieve.GetReply'>


In [27]:
# Display the 'data_xml' attribute of the "response" object
print(response.data_xml)

<?xml version="1.0" encoding="UTF-8"?><data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"><interface><name>GigabitEthernet1</name><ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip"><address><ip>192.168.2.161</ip><netmask>255.255.255.0</netmask></address></ipv4></interface><interface><name>GigabitEthernet2</name><ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip"><address><ip>172.31.12.161</ip><netmask>255.255.255.0</netmask></address></ipv4></interface></interfaces></data>


In [28]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'interfaces': {'@xmlns': 'urn:ietf:params:xml:ns:yang:ietf-interfaces',
                         'interface': [{'ipv4': {'@xmlns': 'urn:ietf:params:xml:ns:yang:ietf-ip',
                                                 'address': {'ip': '192.168.2.161',
                                                             'netmask': '255.255.255.0'}},
                                        'name': 'GigabitEthernet1'},
                                       {'ipv4': {'@xmlns': 'urn:ietf:params:xml:ns:yang:ietf-ip',
                                                 'address': {'ip': '172.31.12.161',
                                                             'netmask': '255.255.255.0'}},
                                        'name': 'GigabitEthernet2'}]}}}


In [29]:
# Display configuration information in a more readable format
header_msg = '** Interface List **'
print(f'\n{"-" * len(header_msg)}')
print(header_msg)
print(f'{"-" * len(header_msg)}\n')

interface_config = py_response['data']['interfaces']['interface']

# Data for multiple interfaces returns as a list of dictionaries
if type(interface_config) is list:
    # Loop over the list and display data for each interface
    for inter in interface_config:
        print(f'Interface: {inter["name"]}')
        if inter["ipv4"].get("address"):
            print(f'\tIP Address: {inter["ipv4"]["address"]["ip"]}')
            print(f'\tSubnet Mask: {inter["ipv4"]["address"]["netmask"]}\n')
        else:
            print('\tIP Address: Not Assigned')

# Data for a single interface returns as a dictionary
else:
    # Display the data for the single interface
    print(f'Interface: {interface_config["name"]["#text"]}')
    if interface_config["ipv4"].get("address"):
        print(f'\tIP Address: {interface_config["ipv4"]["address"]["ip"]}')
        print(f'\tSubnet Mask: {interface_config["ipv4"]["address"]["netmask"]}\n')
    else:
        print('\tIP Address: Not Assigned')


--------------------
** Interface List **
--------------------

Interface: GigabitEthernet1
	IP Address: 192.168.2.161
	Subnet Mask: 255.255.255.0

Interface: GigabitEthernet2
	IP Address: 172.31.12.161
	Subnet Mask: 255.255.255.0



---
#### Task 3g - Create a New Interface

* This NETCONF request will use the **edit-config** RPC operation which, like the **get-config** RPC operation, requires both the **filter** and **source** keyword arguments.
  * Since **R1** only has one operational datastore (**running**), we will target that datastore.


* Use YANG Suite to build an RPC configuration for a new Loopback interface (Loopback 0) as follows:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface/Loopback/name**
  * Interface Name - **0**
  * Copy and paste the data in the **\<config\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [30]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<config>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface>
    <Loopback>
      <name>0</name>
    </Loopback>
  </interface>
 </native>
</config>
'''

In [31]:
# Create an <edit-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "edit_config" method, set the "target" keyword argument to "running", and set the "config" keyword argument to add the XML payload to the RPC
    response = conn.edit_config(target='running', config=payload)

In [32]:
# Display the attributes and methods in the response object
properties = [prop for prop in dir(response) if prop[0] != '_' ]
print(properties)

['ERROR_CLS', 'error', 'errors', 'ok', 'parse', 'xml']


In [33]:
# Display the 'xml' attribute of the "response" object and notice the "<ok/>" tag in the RPC response
pprint(response.xml)

('<?xml version="1.0" encoding="UTF-8"?>\n'
 '<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
 'message-id="urn:uuid:5f2efb83-80d2-46a2-9890-87c4af095322" '
 'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')


---
#### Task 3h - Verify Configuration Change

This NETCONF request will use the **get-config** RPC to determine whether or not the previous operation added the **Loopback 0** interface to **R1**.

* Use YANG Suite to build a build an RPC which gets configuration data for the **R1** interfaces:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [34]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface/>
 </native>
</filter>
'''

In [35]:
# Create a <get-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "get_config" method, set the "source" keyword argument to "running", and set the "filter" keyword argument to add the XML payload to the RPC
    response = conn.get_config(source='running', filter=payload)

In [37]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'native': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-native',
                     'interface': {'GigabitEthernet': [{'ip': {'address': {'primary': {'address': '192.168.2.161',
                                                                                       'mask': '255.255.255.0'}}},
                                                        'mop': {'enabled': 'false',
                                                                'sysid': 'false'},
                                                        'name': '1',
                                                        'negotiation': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-ethernet',
                                                                        'auto': 'true'}},
                                                       {'ip': {'address': {'primary': {'address': '172.3

In [40]:
# Display configuration information in a more readable format
header_msg = '** Interface List **'
print(f'\n{"-" * len(header_msg)}')
print(header_msg)
print(f'{"-" * len(header_msg)}\n')

interface_config = py_response['data']['native']['interface']

for key, value in interface_config.items():
    # Data for multiple interfaces returns as a list of dictionaries
    if type(value) is list:
        for v in value:
            print(f'Interface: {key}{v["name"]}')
            if v.get('ip'):
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["address"]}')
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["mask"]}\n')
            else:
                print('\tIP Address: Not assigned')
            
    # Data for a single interface returns as a dictionary
    else:
        print(f'Interface: {key}{value["name"]}')
        if value.get('ip'):
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["address"]}')
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["mask"]}\n')
        else:
            print('\tIP Address: Not assigned')


--------------------
** Interface List **
--------------------

Interface: GigabitEthernet1
	IP Address: 192.168.2.161
	IP Address: 255.255.255.0

Interface: GigabitEthernet2
	IP Address: 172.31.12.161
	IP Address: 255.255.255.0

Interface: Loopback0
	IP Address: Not assigned


---
#### Task 3i - Update Interface Configuration Details

This NETCONF request will use the **edit-config** RPC to add more configuration detail to the new **Loopback 0** interface on **R1**.

* Use YANG Suite to build an RPC which configures a new **IP address**, **description,** and **load interval** to the new **Loopback 0** interface:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPaths:
    * **/native/interface/Loopback/name**
    * **/native/interface/Loopback/description**
    * **/native/interface/Loopback/ip/address/primary**
    * **/native/interface/Loopback/load-interval**
  * Description - Added by NETCONF
  * IPv4 Address - **172.16.10.10**
  * Subnet Mask - **255.255.255.255**
  * Load Interval - **30**
  * Copy and paste the data in the **\<config\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [41]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<config>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface>
    <Loopback>
     <name>0</name>
     <description>Added by NETCONF</description>
     <load-interval>30</load-interval>
     <ip>
      <address>
        <primary>
          <address>172.16.10.10</address>
          <mask>255.255.255.255</mask>
        </primary>
      </address>
     </ip>
    </Loopback>
  </interface>
 </native>
</config>
'''

In [42]:
# Create an <edit-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "edit_config" method, set the "target" keyword argument to "running", and set the "config" keyword argument to add the XML payload to the RPC
    response = conn.edit_config(target='running', config=payload)

In [43]:
# Display the 'xml' attribute of the "response" object and notice the "<ok/>" tag in the RPC response
pprint(response.xml)

('<?xml version="1.0" encoding="UTF-8"?>\n'
 '<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
 'message-id="urn:uuid:322222dc-3251-487f-9d47-d02509b1c3e5" '
 'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')


---
#### Task 3j - Verify Configuration Change

This NETCONF request will use the **get-config** RPC to determine whether or not the previous operation added configuration elements to the **Loopback 0** interface on **R1**.

* Use YANG Suite to build a build an RPC which gets configuration data for the **R1** interfaces:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [44]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface/>
 </native>
</filter>
'''

In [45]:
# Create a <get-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "get_config" method, set the "source" keyword argument to "running", and set the "filter" keyword argument to add the XML payload to the RPC
    response = conn.get_config(source='running', filter=payload)

In [46]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'native': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-native',
                     'interface': {'GigabitEthernet': [{'ip': {'address': {'primary': {'address': '192.168.2.161',
                                                                                       'mask': '255.255.255.0'}}},
                                                        'mop': {'enabled': 'false',
                                                                'sysid': 'false'},
                                                        'name': '1',
                                                        'negotiation': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-ethernet',
                                                                        'auto': 'true'}},
                                                       {'ip': {'address': {'primary': {'address': '172.3

In [50]:
# Display configuration information in a more readable format
header_msg = '** Interface List **'
print(f'\n{"-" * len(header_msg)}')
print(header_msg)
print(f'{"-" * len(header_msg)}\n')

interface_config = py_response['data']['native']['interface']

for key, value in interface_config.items():
    # Data for multiple interfaces returns as a list of dictionaries
    if type(value) is list:
        for v in value:
            print(f'Interface: {key}{v["name"]}')
            print(f'\tDescription: {v.get("description", "None")}')
            if v.get('load-interval'):
                print(f'\tLoad Interval: {key}{value[0]["load-interval"]}')
            if v.get('ip'):
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["address"]}')
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["mask"]}\n')
            else:
                print('\tIP Address: Not assigned')
            
    # Data for a single interface returns as a dictionary
    else:
        print(f'Interface: {key}{value.get("name")}')
        print(f'\tDescription: {value.get("description", "None")}')
        if value.get('load-interval'):
            print(f'\tLoad Interval: {value["load-interval"]}')
        if value.get('ip'):
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["address"]}')
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["mask"]}\n')
        else:
            print('\tIP Address: Not assigned')


--------------------
** Interface List **
--------------------

Interface: GigabitEthernet1
	Description: None
	IP Address: 192.168.2.161
	IP Address: 255.255.255.0

Interface: GigabitEthernet2
	Description: None
	IP Address: 172.31.12.161
	IP Address: 255.255.255.0

Interface: Loopback0
	Description: Added by NETCONF
	Load Interval: 30
	IP Address: 172.16.10.10
	IP Address: 255.255.255.255



---
#### Task 3k - Delete the New Interface

This NETCONF request will use the **edit-config** RPC with the **delete operation** to remove the new **Loopback 0** interface from **R1**.

* Use YANG Suite to build an RPC which deletes interface **Loopback 0**:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface/Loopback**
  * Loopback Operation - **delete**
  * Interface Name - **0**
  * Copy and paste the data in the **\<config\>** tag from YANG Suite to the **payload** variable (multiline string) below.

In [51]:
# Create a multi-line string with an XML payload from YANG SUITE
payload = '''
<config>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface>
    <Loopback operation="delete">
     <name>0</name>
    </Loopback>
  </interface>
 </native>
</config>
'''

In [52]:
# Create an <edit-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "edit_config" method, set the "target" keyword argument to "running", and set the "config" keyword argument to add the XML payload to the RPC
    response = conn.edit_config(target='running', config=payload)

In [53]:
# Display the 'xml' attribute of the "response" object and notice the "<ok/>" tag in the RPC response
pprint(response.xml)

('<?xml version="1.0" encoding="UTF-8"?>\n'
 '<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
 'message-id="urn:uuid:81fadd8a-e087-4b31-b0b3-47c4c6574a03" '
 'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')


---
#### Task 3l - Verify Configuration Change

This NETCONF request will use the **get-config** RPC to determine whether or not the previous operation removed the **Loopback 0** interface from **R1**.

* Use YANG Suite to build a build an RPC which gets configuration data for the **R1** interfaces:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [54]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface/>
 </native>
</filter>
'''

In [55]:
# Create a <get-config> RPC message with ncclient
with manager.connect(**r1) as conn:
    # Use the "get_config" method, set the "source" keyword argument to "running", and set the "filter" keyword argument to add the XML payload to the RPC
    response = conn.get_config(source='running', filter=payload)

In [56]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'native': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-native',
                     'interface': {'GigabitEthernet': [{'ip': {'address': {'primary': {'address': '192.168.2.161',
                                                                                       'mask': '255.255.255.0'}}},
                                                        'mop': {'enabled': 'false',
                                                                'sysid': 'false'},
                                                        'name': '1',
                                                        'negotiation': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-ethernet',
                                                                        'auto': 'true'}},
                                                       {'ip': {'address': {'primary': {'address': '172.3

In [59]:
# Display configuration information in a more readable format
header_msg = '** Interface List **'
print(f'\n{"-" * len(header_msg)}')
print(header_msg)
print(f'{"-" * len(header_msg)}\n')

interface_config = py_response['data']['native']['interface']

for key, value in interface_config.items():
    # Data for multiple interfaces returns as a list of dictionaries
    if type(value) is list:
        for v in value:
            print(f'Interface: {key}{v["name"]}')
            print(f'\tDescription: {v.get("description", "None")}')
            if v.get('load-interval'):
                print(f'\tLoad Interval: {key}{value[0]["load-interval"]}')
            if v.get('ip'):
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["address"]}')
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["mask"]}\n')
            else:
                print('\tIP Address: Not assigned')
            
    # Data for a single interface returns as a dictionary
    else:
        print(f'Interface: {key}{value.get("name")}')
        print(f'\tDescription: {value.get("description", "None")}')
        if value.get('load-interval'):
            print(f'\tLoad Interval: {value["load-interval"]}')
        if value.get('ip'):
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["address"]}')
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["mask"]}\n')
        else:
            print('\tIP Address: Not assigned')


--------------------
** Interface List **
--------------------

Interface: GigabitEthernet1
	Description: None
	IP Address: 192.168.2.161
	IP Address: 255.255.255.0

Interface: GigabitEthernet2
	Description: None
	IP Address: 172.31.12.161
	IP Address: 255.255.255.0



---
#### Task 3m - Two-Stage Configuration Changes Using the Candidate Datastore on R2 Incorrectly

**Task 1d** showed that **R2** has the **candidate** datastore enabled.  IOS-XE protects the **running** datastore from direct changes whenever the **candidate** datastore is enabled.  This behavior forces NETCONF managers (clients) to make all changes to the **candidate** datastore and then commit **candidate** datastore changes to the **running** datastore.

* This NETCONF request will attempt to commit a change directly to the **running** datastore on **R2** while the **candidate** datastore is enabled.


* Use YANG Suite to build a configuration for a new Loopback interrface as follows:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface/Loopback**
  * Interface Name - **10**
  * Copy and paste the data in the **\<config\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [60]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<config>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface>
    <Loopback>
      <name>10</name>
    </Loopback>
  </interface>
 </native>
</config>
'''

In [61]:
# Import the ncclient 'RPCError' class to catch NETCONF RPC exceptions
from ncclient.operations.rpc import RPCError

# Use a try/except block to create an <edit-config> RPC message with ncclient which directly targets the "running" datastore on R2
with manager.connect(**r2) as conn:
    try:
        # Use the "edit_config" method, set the "target" keyword argument to "running", and set the "config" keyword argument to add the XML payload to the RPC
        response = conn.edit_config(target='running', config=payload)
    except RPCError as e:
        # If an RPCError excaption is caught, display a printable representation of the exception
        # Notice the details of any RPCError message
        print(repr(e))
    

RPCError('Unsupported capability :writable-running')


---
#### Task 3n - Two-Stage Configuration Changes Using the Candidate Datastore on R2 Correctly

This NETCONF request will attempt to commit a two-stage configuration change to **R2** by first targeting the **candidate** datastore.
* The two-stage commit process requires that the NETCONF session remain open throughout the entire configuration process.
* As such, the code to support the two-stage commit will not use the Python **context manager**, which automatically closes NETCONF sessions.
* We will manually close the NETCONF session in a later task, after the two-stage commit is complete.


* Use YANG Suite to build a configuration for a new Loopback interrface as follows:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface/Loopback**
  * Interface Name - **10**
  * Copy and paste the data in the **\<config\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [62]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<config>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface>
    <Loopback>
      <name>10</name>
    </Loopback>
  </interface>
 </native>
</config>
'''

In [63]:
# Try the same <edit-config> RPC message again but target the "candidate" datastore this time
# Do not use the context manager for this exercise, in order to keep the NETCONF session open for multiple operations
conn = manager.connect(**r2)
# Use the "edit_config" method, set the "target" keyword argument to "candidate", and set the "config" keyword argument to add the XML payload to the RPC
response = conn.edit_config(target='candidate', config=payload)  

In [64]:
# Display the attributes and methods in the response object
properties = [prop for prop in dir(response) if prop[0] != '_' ]
print(properties)

['ERROR_CLS', 'error', 'errors', 'ok', 'parse', 'xml']


In [65]:
# Display the 'xml' attribute of the "response" object and notice the "<ok/>" tag in the RPC response
pprint(response.xml)

('<?xml version="1.0" encoding="UTF-8"?>\n'
 '<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
 'message-id="urn:uuid:6bddad6b-00d1-4304-b243-f4c144eea63d" '
 'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')


---
#### Task 3o - Verify Configuration Change
Confirm the change to the **candidate** datastore does not appear in the **running** datastore, yet.
This NETCONF request will confirm the change to the **candidate** datastore does not appear in the **running** datastore on **R2**, yet.

* Use YANG Suite to build a build an RPC which gets configuration data for the **R2** interfaces:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [66]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface/>
 </native>
</filter>
'''

In [67]:
# Create a <get-config> RPC message with ncclient
# Use the already-open NETCONF session in the 'conn' variable
# Once again, do not use the context manager for this exercise, in order to keep the NETCONF session open for multiple operations
# Use the "get_config" method, set the "source" keyword argument to "running", and set the "filter" keyword argument to add the XML payload to the RPC
response = conn.get_config(source='running', filter=payload)

In [68]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'native': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-native',
                     'interface': {'GigabitEthernet': [{'ip': {'address': {'primary': {'address': '192.168.2.162',
                                                                                       'mask': '255.255.255.0'}}},
                                                        'mop': {'enabled': 'false',
                                                                'sysid': 'false'},
                                                        'name': '1',
                                                        'negotiation': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-ethernet',
                                                                        'auto': 'true'}},
                                                       {'ip': {'address': {'primary': {'address': '172.3

In [71]:
# Display configuration information in a more readable format
header_msg = '** Interface List **'
print(f'\n{"-" * len(header_msg)}')
print(header_msg)
print(f'{"-" * len(header_msg)}\n')

interface_config = py_response['data']['native']['interface']

for key, value in interface_config.items():
    # Data for multiple interfaces returns as a list of dictionaries
    if type(value) is list:
        for v in value:
            print(f'Interface: {key}{v["name"]}')
            print(f'\tDescription: {v.get("description", "None")}')
            if v.get('load-interval'):
                print(f'\tLoad Interval: {key}{value[0]["load-interval"]}')
            if v.get('ip'):
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["address"]}')
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["mask"]}\n')
            else:
                print('\tIP Address: Not assigned')
            
    # Data for a single interface returns as a dictionary
    else:
        print(f'Interface: {key}{value.get("name")}')
        print(f'\tDescription: {value.get("description", "None")}')
        if value.get('load-interval'):
            print(f'\tLoad Interval: {value["load-interval"]}')
        if value.get('ip'):
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["address"]}')
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["mask"]}\n')
        else:
            print('\tIP Address: Not assigned')


--------------------
** Interface List **
--------------------

Interface: GigabitEthernet1
	Description: None
	IP Address: 192.168.2.162
	IP Address: 255.255.255.0

Interface: GigabitEthernet2
	Description: None
	IP Address: 172.31.12.162
	IP Address: 255.255.255.0

Interface: Loopback10
	Description: None
	IP Address: Not assigned


---
#### Task 3p - Copy the Candidate Datastore on R2 to the Running Datastore

On order to commit the changes in the **candidate** datastore to the **running** datastore, it is necessary to use the NETCONF **commit** RPC.

* **ncclient** has a **method** available named **commit** which sends a NETCONF **commit** RPC.
* No other XML data is necessary to send the **commit** RPC.

In [72]:
# Create a <commit> RPC message with ncclient, to commit "candidate" datastore changes to the "running" datastore
# Use the already-open NETCONF session in the 'conn' variable
# Once again, do not use the context manager for this exercise, in order to keep the NETCONF session open for multiple operations
# Use the "commit" method
response = conn.commit()

In [73]:
# Display the attributes and methods in the response object
properties = [prop for prop in dir(response) if prop[0] != '_' ]
print(properties)

['ERROR_CLS', 'error', 'errors', 'ok', 'parse', 'xml']


In [74]:
# Display the 'xml' attribute of the "response" object and notice the "<ok/>" tag in the RPC response
pprint(response.xml)

('<?xml version="1.0" encoding="UTF-8"?>\n'
 '<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
 'message-id="urn:uuid:2876c51c-42b8-472f-8082-5f4214f77d5c" '
 'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')


---
#### Task 3q - Verify Configuration Change

This NETCONF request will confirm the change to the **candidate** datastore now *does* appear in the **running** datastore on **R2**.

* Use YANG Suite to build a build an RPC which gets configuration data for the **R2** interfaces:
  * YANG Model - **Cisco-IOS-XE-native**
  * XPath - **/native/interface**
  * Copy and paste the data in the **\<filter\>** tag from YANG Suite to the **payload** variable (multiline string) below. 

In [75]:
# Create a multi-line string with an XML payload from YANG Suite
payload = '''
<filter>
 <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
  <interface/>
 </native>
</filter>
'''

In [76]:
# Create a <get-config> RPC message with ncclient
# Use the already-open NETCONF session in the 'conn' variable
# Once again, do not use the context manager for this exercise, in order to keep the NETCONF session open for multiple operations
# Use the "get_config" method, set the "source" keyword argument to "running", and set the "filter" keyword argument to add the XML payload to the RPC
response = conn.get_config(source='running', filter=payload)

In [77]:
# Convert the 'response.data_xml' attribute to a Python dictionary
py_response = xmltodict.parse(
    response.data_xml,
    dict_constructor=dict
)

pprint(py_response)

{'data': {'@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
          'native': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-native',
                     'interface': {'GigabitEthernet': [{'ip': {'address': {'primary': {'address': '192.168.2.162',
                                                                                       'mask': '255.255.255.0'}}},
                                                        'mop': {'enabled': 'false',
                                                                'sysid': 'false'},
                                                        'name': '1',
                                                        'negotiation': {'@xmlns': 'http://cisco.com/ns/yang/Cisco-IOS-XE-ethernet',
                                                                        'auto': 'true'}},
                                                       {'ip': {'address': {'primary': {'address': '172.3

In [80]:
# Display configuration information in a more readable format
header_msg = '** Interface List **'
print(f'\n{"-" * len(header_msg)}')
print(header_msg)
print(f'{"-" * len(header_msg)}\n')

interface_config = py_response['data']['native']['interface']

for key, value in interface_config.items():
    # Data for multiple interfaces returns as a list of dictionaries
    if type(value) is list:
        for v in value:
            print(f'Interface: {key}{v["name"]}')
            print(f'\tDescription: {v.get("description", "None")}')
            if v.get('load-interval'):
                print(f'\tLoad Interval: {key}{value[0]["load-interval"]}')
            if v.get('ip'):
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["address"]}')
                print(f'\tIP Address: {v["ip"]["address"]["primary"]["mask"]}\n')
            else:
                print('\tIP Address: Not assigned')
            
    # Data for a single interface returns as a dictionary
    else:
        print(f'Interface: {key}{value.get("name")}')
        print(f'\tDescription: {value.get("description", "None")}')
        if value.get('load-interval'):
            print(f'\tLoad Interval: {value["load-interval"]}')
        if value.get('ip'):
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["address"]}')
            print(f'\tIP Address: {value["ip"]["address"]["primary"]["mask"]}\n')
        else:
            print('\tIP Address: Not assigned')


--------------------
** Interface List **
--------------------

Interface: GigabitEthernet1
	Description: None
	IP Address: 192.168.2.162
	IP Address: 255.255.255.0

Interface: GigabitEthernet2
	Description: None
	IP Address: 172.31.12.162
	IP Address: 255.255.255.0

Interface: Loopback10
	Description: None
	IP Address: Not assigned


---
#### Task 3r - Close the NETCONF Session

Now that the two-stage commit process is complete, we can manually close the NETCONF session to **R2**.
* **ncclient** has a **method** available named **close_session** which sends a NETCONF close session RPC.
* No other XML data is necessary to send the **close_session** RPC.

In [81]:
# Create a <close-session> RPC message with ncclient to gracefully close the NETCONF session to R2
response = conn.close_session()

In [82]:
# Display the attributes and methods in the response object
properties = [prop for prop in dir(response) if prop[0] != '_' ]
print(properties)

['ERROR_CLS', 'error', 'errors', 'ok', 'parse', 'xml']


In [83]:
# Display the 'xml' attribute of the "response" object and notice the "<ok/>" tag in the RPC response
pprint(response.xml)

('<?xml version="1.0" encoding="UTF-8"?>\n'
 '<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" '
 'message-id="urn:uuid:30112032-c0ef-44f9-8812-c90853190c67" '
 'xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><ok/></rpc-reply>')


---
#### Task 3s - Save Running Configurations to Startup Configurations

Now that configuration changes are complete to both **R1** and **R2**, we can copy the contents of the **running** datastore to the **startup** datastore.
* This is equivalent to the IOS-XE CLI command *copy running-config startup-config* and will preserve configuration changes across boot cycles.
* This action requires a proprietary XML RPC payload which Cisco provides in [IOS-XE documentation](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/166/b_166_programmability_cg/configuring_yang_datamodel.html#id_84436).


**IOS-XE Save Configuration RPC Payload:**
```xml
<?xml version="1.0" encoding="utf-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="">
    <cisco-ia:save-config xmlns:cisco-ia="http://cisco.com/yang/cisco-ia"/>
</rpc>
```


* **ncclient** has a **method** named **dispatch** which allows you to send a custom NETCONF RPC message.
* The **dispatch** method requires that the RPC payload be in the format of an XML document (not a raw string).
  * **lxml** is a Python module which can convert XML strings into an XML document.
  * **lxml** is available on [PyPI](https://pypi.org/project/lxml/) and is pre-installed in this environment.
  * The [**fromstring**](https://lxml.de/apidoc/lxml.etree.html?highlight=fromstring#lxml.etree.fromstring) method in the [**lxml.etree**](https://lxml.de/api.html#lxml-etree) class is the specific method we will use to perform the XML string to XML document conversion.


The next series of steps will:
* Create a **string** object with the Cisco IOS-XE-specific RPC to save configurations.
* Import the **fromstring** method from the **lxml.etree** class.
* Convert the **string** object into an **XML document**.
* Use the **ncclient dispatch method** to send the **XML document** to **R1** and **R2** within a NETCONF RPC.

In [84]:
# Create an XML string with the required payload to save the configuration
save_config_string = '<cisco-ia:save-config xmlns:cisco-ia="http://cisco.com/yang/cisco-ia"/>'

In [85]:
# Import the "fromstring" method from the lxml.etree class, to convert the payload string into an XML document
from lxml.etree import fromstring

In [86]:
# Use the "fromstring" method to convert the payload string into an XML document and assign the result to the variable "payload"
payload = fromstring(save_config_string)

In [87]:
# Print the type and contents of the "payload" variable
print(type(payload))
print(payload)

<class 'lxml.etree._Element'>
<Element {http://cisco.com/yang/cisco-ia}save-config at 0x7f8a4cb74040>


In [88]:
# Create <copy-config> RPC messages with ncclient, to copy the "running" datastore contents to the "startup" datastore, for both R1 & R2
with manager.connect(**r1) as conn:
    # Use the "dispatch" method and pass the XML-formatted payload as an argument
    r1_response = conn.dispatch(payload)

with manager.connect(**r2) as conn:
    # Use the "dispatch" method and pass the XML-formatted payload as an argument
    r2_response = conn.dispatch(payload)

In [89]:
# Display the attributes and methods in one of the response objects
properties = [prop for prop in dir(r1_response) if prop[0] != '_' ]
print(properties)

['ERROR_CLS', 'error', 'errors', 'ok', 'parse', 'xml']


In [90]:
# Display the 'xml' attribute of the "r1_response" and "rw_response" objects and notice the message in the <result> tag of each RPC response
print("R1 Response XML:")
print(r1_response.xml)

print("-" * 100)

print("R2 Response XML:")
print(r2_response.xml)

R1 Response XML:
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:89e92499-c243-42a5-bdf0-014a40318d46" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><result xmlns='http://cisco.com/yang/cisco-ia'>Save running-config successful</result>
</rpc-reply>
----------------------------------------------------------------------------------------------------
R2 Response XML:
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:44bd86a8-ce30-4e0b-b853-8d7a68610482" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"><result xmlns='http://cisco.com/yang/cisco-ia'>Save running-config successful</result>
</rpc-reply>


In [91]:
# Convert the 'r1_response.xml' and 'r2_response.xml' attributes to Python dictionaries
py_r1_response = xmltodict.parse(
    r1_response.xml,
    dict_constructor=dict
)

py_r2_response = xmltodict.parse(
    r2_response.xml,
    dict_constructor=dict
)

print("R1 Response Dictionary:")
pprint(py_r1_response)

print("-" * 100)

print("R2 Response Dictionary:")
pprint(py_r2_response)

R1 Response Dictionary:
{'rpc-reply': {'@message-id': 'urn:uuid:89e92499-c243-42a5-bdf0-014a40318d46',
               '@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
               '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
               'result': {'#text': 'Save running-config successful',
                          '@xmlns': 'http://cisco.com/yang/cisco-ia'}}}
----------------------------------------------------------------------------------------------------
R2 Response Dictionary:
{'rpc-reply': {'@message-id': 'urn:uuid:44bd86a8-ce30-4e0b-b853-8d7a68610482',
               '@xmlns': 'urn:ietf:params:xml:ns:netconf:base:1.0',
               '@xmlns:nc': 'urn:ietf:params:xml:ns:netconf:base:1.0',
               'result': {'#text': 'Save running-config successful',
                          '@xmlns': 'http://cisco.com/yang/cisco-ia'}}}


In [92]:
# Display the response information in a more readable format
print(f'Response from R1: {py_r1_response["rpc-reply"]["result"]["#text"]}')

print("-" * 50)

print(f'Response from R2: {py_r2_response["rpc-reply"]["result"]["#text"]}')

Response from R1: Save running-config successful
--------------------------------------------------
Response from R2: Save running-config successful


---
#### Lab Excersices Complete