Raguard
This chapter provides examples on how to use Netconf to manage RAGuard configurations on AsterNOS devices.
Get Current RAGuard Configurations
Section titled “Get Current RAGuard Configurations”Request example to get all RAGuard configurations via get-config with subtree filter.
<filter type="subtree"> <top> <raguard/> </top></filter>Response example
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <top> <raguard xmlns="http://asterfusion.com/ns/yang/asternos-raguard"> <interfaces> <interface> <name>Ethernet2</name> <role>hybrid</role> </interface> <interface> <name>Ethernet3</name> <role>router</role> </interface> </interfaces> <policies> <policy> <if-name>Vlan100</if-name> <hop-limit-high>200</hop-limit-high> <hop-limit-low>10</hop-limit-low> <managed-flag>true</managed-flag> <other-flag>true</other-flag> <prefix>2001:db8:1::/64</prefix> <prefix>2001:db8:2::/64</prefix> <router-pref-max>high</router-pref-max> <src-ip>2001:db8:1::1</src-ip> <src-ip>2001:db8:1::2</src-ip> <src-mac>00:11:22:33:44:55</src-mac> <src-mac>00:11:22:33:44:56</src-mac> </policy> </policies> </raguard> </top></data>Set RAGuard Configurations
Section titled “Set RAGuard Configurations”Request example to set RAGuard role of interface via edit-config.
<config> <top> <raguard> <interfaces> <interface> <name>Ethernet3</name> <role>router</role> </interface> </interfaces> </raguard> </top></config>Response example
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:78473a87-95cc-4903-ad01-4a1cc83e651d"> <ok/></rpc-reply>Request example to set RAGuard policy of vlan via edit-config.
<config> <top> <raguard> <interfaces> <interface> <name>Ethernet2</name> <role>hybrid</role> </interface> </interfaces> <policies> <policy> <if-name>Vlan100</if-name> <hop-limit-high>200</hop-limit-high> <hop-limit-low>10</hop-limit-low> <managed-flag>true</managed-flag> <other-flag>true</other-flag> <prefix>2001:db8:1::/64</prefix> <prefix>2001:db8:2::/64</prefix> <router-pref-max>high</router-pref-max> <src-ip>2001:db8:1::1</src-ip> <src-ip>2001:db8:1::2</src-ip> <src-mac>00:11:22:33:44:55</src-mac> <src-mac>00:11:22:33:44:56</src-mac> </policy> </policies> </raguard> </top></config>Response example
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:068c16a1-f9db-427c-b71f-99ef7f146123"> <ok/></rpc-reply>Delete RAGuard Configurations
Section titled “Delete RAGuard Configurations”Request example to delete RAGuard role of interface via edit-config.
<config> <top> <raguard> <interfaces> <interface operation="delete"> <name>Ethernet3</name> </interface> </interfaces> </raguard> </top></config>Response example
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:ecbca071-bfae-4004-af7d-b9c21fc3ce49"> <ok/></rpc-reply>Request example to delete RAGuard policy of interface via edit-config.
<config> <top> <raguard> <policies operation="delete"> <policy> <if-name>Vlan100</if-name> </policy> </policies> </raguard> </top></config>Response example
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:fabbb617-2230-43a4-ad41-cd85490f5db2"> <ok/></rpc-reply>