Nsobasic 4.2 LG PDF

NSO
Cisco Network Services

Orchestrator
Lab Guide
Version 4.2
DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED “AS IS.” CISCO MAKES AND YOU RECEIVE NO WARRANTIES IN
CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY OR IN ANY OTHER PROVISION OF
THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU. CISCO SPECIFICALLY DISCLAIMS ALL IMPLIED
WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR
PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. This learning product may contain early release
content, and while Cisco believes it to be accurate, it falls subject to the disclaimer above.
Table of Contents
Lab Guide........................................................................................................................... 1
Overview .................................................................................................................................. 1
Outline ....................................................................................................................................................1
Lab 1-1: Install NSO ................................................................................................................ 2
Activity Objective....................................................................................................................................2
Visual Objective .....................................................................................................................................2
Required Resources ..............................................................................................................................2
Job Aids .................................................................................................................................................2
Task 1: Connect to the Lab ....................................................................................................................3
Task 2: Install NSO Software.................................................................................................................5
Task 3: Install Cisco IOS and Cisco IOS XR NEDs...............................................................................9
Lab 2-1: Manage Devices...................................................................................................... 13
Activity Objective................................................................................................................................. 13
Visual Objective .................................................................................................................................. 13
Required Resources ........................................................................................................................... 13
Job Aids .............................................................................................................................................. 13
Task 1: Add Devices ........................................................................................................................... 14
Task 2: Create Device Groups ........................................................................................................... 17
Task 3: Create Customers .................................................................................................................. 19
Task 4: Create a Device Template ..................................................................................................... 19
Lab 3-1: Create a Service...................................................................................................... 26
Job Aids .............................................................................................................................................. 26
Task 1: Service Requirements and Service Model............................................................................. 27
Task 2: Create Device Templates ...................................................................................................... 34
Task 3: Deploy a Service Instance ..................................................................................................... 43
Lab 3-2: Manage Services .................................................................................................... 46
Job Aids .............................................................................................................................................. 46
Task 1: Manage Service Instances..................................................................................................... 46
Task 2: Assign Service Instances to Customers ................................................................................ 49
Lab 4-1: Use NSO APIs ......................................................................................................... 51
Job Aids .............................................................................................................................................. 51
Task 1: Create a Plug-and-Play Script ............................................................................................... 52
Task 2: Create a Shell Script .............................................................................................................. 55
Lab 4-2: Troubleshoot and Debug NSO ............................................................................... 57
Job Aids .............................................................................................................................................. 57
Task 1: Deploy a New Service............................................................................................................ 58
Task 2: Device Troubleshooting ......................................................................................................... 65
Task 3: System Troubleshooting ........................................................................................................ 65
Appendix 1............................................................................................................................. 66
Task 1: Optimize Service Model (Advanced) ..................................................................................... 66
© 2016 Cisco Systems, Inc. Lab Guide i

ii Cisco Network Services Orchestrator (NSO) v4.2 © 2016 Cisco Systems, Inc.
NSO
Lab Guide
Overview
This guide presents the instructions and other information concerning the lab activities for this course. The
activities follow the topics presented in lessons where you were provided with the necessary information in
order to be able to complete these lab exercises.
Outline
This guide includes these activities and the corresponding lessons:
 Lab 1-1: Install NSO
Module 2 Lesson 1: System Setup
 Lab 2-1: Manage Devices
Module 2 Lesson 2: Device Manager
 Lab 3-1: Create a Service
Module 3 Lesson 3: Service Design
 Lab 3-2: Manage a Service
Module 3 Lesson 4: Service Management
 Lab 4-1: Use NSO APIs
Module 4 Lesson 1: Cisco NSO Integration Options
 Lab 4-2: Troubleshoot and Debug NSO
Module 4 Lesson 2: Cisco NSO System Administration
 Appendix 1: Optimize Service Model
Lab 1-1: Install NSO
Complete this lab activity to practice what you have learned in the related training module.
Activity Objective
In this activity, you will install the NSO system. After completing this activity, you will be able to meet these
objectives:
 Install NSO software
 Perform initial system configuration
Visual Objective
The figure illustrates what you will accomplish in this activity.
Install Cisco
NSO software
Workstation
Cisco NSO DNS
Required Resources
These are the resources and equipment that are required to complete this activity:
 Cisco CCO account to access dCloud
 A personal computer with Cisco AnyConnect software and a browser supporting HTML5, JavaScript,
and Java or ActiveX
 An SSH client application (optional)
Job Aids
These job aids are available to help you complete the lab activity:
 Student guide: System Setup (Module 2 Lesson 1)
 The Workstation in the lab contains three documents on the desktop:
— NSO Getting Started Guide
2 Cisco Network Services Orchestrator (NSO) v4.2 © 2016 Cisco Systems, Inc.
— NSO Installation Guide
— NSO User Guide
Task 1: Connect to the Lab

The first task requires you to connect to the lab environment. Use these steps in case you are using Cisco
dCloud environment. Refer to the separately provided instruction if you are using another lab environment
(note that the topology and content of the lab should be the same).
Activity Procedure
Complete these steps:
Step 1 In the first step, you need to connect to the lab using one of the available mechanisms.
Step 2 Use a web browser to connect to https://dcloud.cisco.com and log in using you CCO account.
When asked, choose the Americas region.
Step 3 Click the My Dashboard link at the top-right corner of the page to access the lab that has been
shared with you.
Step 4 Click the Schedule demo link and select the time range for the lab. Make sure the lab is scheduled
until at least 18:00 (6 P.M.).
Step 5 Once the lab starts, you can click the View Demo link to connect to the lab.
Step 6 Now you need to establish an AnyConnect session. Click the Connect Laptop via AnyConnect link
and follow the steps to complete the establishment of a secure session to the lab. Navigate to
Session Details to get the AnyConnect link and credentials.
Note You need to have the Cisco AnyConnect client installed on your PC.
Your Lab
Cisco AnyConnect SSL VPN

Client Workstation
Internet
Your PC
Cisco NSO DNS
Step 7 Once the session is established, you can start connecting to lab devices:
 Workstation: click the Workstation icon in the Topology view and the click the Remote
Desktop link to open a new browser window with an RDP session to the Windows desktop.
Log in using the username Administrator and password C1sco12345. Alternatively, you can
© 2016 Cisco Systems, Inc. Lab Guide 3

use an arbitrary RDP client (e.g. mstsc.exe) to connect to the Workstation using IP address
198.18.133.253.
 NSO (Tail-F NCS): if you have an SSH client installed on your PC, you can access the server
directly using the IP address of the server (198.18.134.4). Alternatively, you can access the
server from within the RDP session to the Workstation, where you have Putty shortcuts
available on the desktop.
Your Lab
198.18.133.253
RDP Workstation
SSH
Internet
Your PC
198.18.134.4
Cisco NSO DNS
Step 8 Inspect the topology illustrated in the figure below:

 Workstation: the purpose of this Windows desktop is to serve as the desktop for managing the
environment. It contains desktop shortcuts to access NSO via SSH, to open Eclipse for service
creation or to use a browser or SSH client to connect to the NSO Web UI or CLI (once you
will have installed them).
 NSO: this is a Linux server that will host the NSO system.
 DNS: the DNS server is part of the lab but will not be actively used in any of the labs.
Workstation
Cisco NSO DNS
Step 9 Log in to the shell of the NSO system using the username cisco and password cisco. Accept the
public key if this is the first time you are connecting using your own SSH client software.
cisco@ncs:~$
Step 10 You have successfully connected to NSO if you get the prompt similar to what is shown above.
You can now proceed to the next task, where you will install the NSO software.
Task 2: Install NSO Software
In this task, you will install the NSO software.
Activity Procedure
Step 1 Use the SSH connection to the NSO server from the previous task.
Step 2 Start the installation using the information provided in the following table. It lists all the required
information needed to install the NSO software.
Parameter Value Comment
Location of installation /home/cisco Equals environment variable $HOME when

package logged in as user cisco.
NSO installation type local Local installation is recommended for all

purposes except the final production
deployment.
Installation directory $HOME/ncs-VERSION Replace the VERSION with the NSO version
as seen from the installation file.
This directory will be available in the
$NCS_DIR environment variable once you
use the source ncsrc command in the next
step.
Running directory $HOME/ncs-run
Note For practical purposes it is recommended to use the local installation (--local-install argument)
for all cases such as testing, development, training, proof of concept, demonstration, and similar.
Use the system installation (--system-install argument) only for a final pilot or full production
deployment. The flexibility of NSO allows you to easily migrate packages from, for example, a
development environment to a production environment.
Note In case of local installation, you do not need the elevated super user privileges. In case of a
system install, you would need to execute the installation by elevating the installation process to
super user privileges (e.g. using the sudo command).
cisco@NCS:~$ cd $HOME
cisco@NCS:~$ ls *.bin
nso-4.2.linux.x86_64.installer.bin
cisco@NCS:~$ sh nso-4.2.linux.x86_64.installer.bin $HOME/ncs-4.2
INFO Using temporary directory /tmp/ncs_installer.1962 to stage NCS
installation bundle
INFO Unpacked ncs-4.2 in /home/cisco/ncs-4.2
INFO Found and unpacked corresponding DOCUMENTATION_PACKAGE
INFO Found and unpacked corresponding EXAMPLE_PACKAGE
INFO Generating default SSH hostkey (this may take some time)
INFO SSH hostkey generated
INFO Environment set-up generated in /home/cisco/ncs-4.2/ncsrc
INFO NCS installation script finished
INFO Found and unpacked corresponding NETSIM_PACKAGE
INFO NCS installation complete
cisco@NCS:~$ ls -l
total 160424
drwxr-xr-x 2 cisco cisco 4096 Dec 19 2014 Desktop

drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Documents
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Downloads
-rw-r--r-- 1 cisco cisco 8980 Dec 5 2014 examples.desktop
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Music
drwxrwxr-x 17 cisco cisco 4096 Jan 21 21:41 ncs-4.2
-rwxrwxr-x 1 cisco cisco 209885025 May 15 14:35 nso-
4.2.linux.x86_64.installer.bin*
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Pictures
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Public
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Templates
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Videos
drwxrwxr-x 3 cisco cisco 4096 Jan 16 2015 workspace
cisco@NCS:~$
Step 3 The local installation relies on some environment variables that are placed into the ncsrc file
located in the directory where you installed the software. Make those variables available to your
shell session by changing to that directory and then using the source ncsrc command. This allows
NSO to access all the required resources within the sandboxed local installation (i.e. executables,
libraries, python, etc.).
cisco@NCS:~$ source $HOME/ncs-4.2/ncsrc
Step 4 Now you need to create a runtime environment in addition to the installation. Use the ncs-setup
command and place the runtime environment as a subdirectory of the installation location as
required by the table above.
cisco@NCS:~$ ncs-setup --dest $HOME/ncs-run
cisco@NCS:~$ ls -l
total 160424
drwxr-xr-x 2 cisco cisco 4096 Dec 19 2014 Desktop
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Documents
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Downloads
-rw-r--r-- 1 cisco cisco 8980 Dec 5 2014 examples.desktop
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Music
drwxrwxr-x 17 cisco cisco 4096 Jan 21 21:41 ncs-4.2
drwxrwxr-x 7 cisco cisco 4096 Jan 21 21:48 ncs-run
-rwxrwxrwx 1 cisco cisco 209885025 Jan 21 20:38 nso-
4.2.linux.x86_64.installer.bin
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Pictures
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Public
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Templates
drwxr-xr-x 2 cisco cisco 4096 Dec 5 2014 Videos
drwxrwxr-x 3 cisco cisco 4096 Jan 16 2015 workspace
cisco@NCS:~$
Step 5 Inspect the installation and try to determine the locations of the components listed in the table
below. For your own learning purposes and future reference, please record them in the space
provided in the table.
Parameter Value
Installation directory
Running directory
Active configuration directory (e.g. location

of the ncs.conf file)
Logging directory
Note The system installation would default to different directories. Refer to the installation guide and
the user guide for more information regarding the directory structure used in a system
installation.
Step 6 Start NSO by executing ncs in the running directory.

cisco@NCS:~/sw$ cd $HOME/ncs-run
cisco@NCS:~/ncs-run$ ncs
cisco@NCS:~/ncs-run$
Step 7 Once the NSO process is started, you should be able to connect to the server using the web user
interface (Web UI) or command line interface (CLI).
Step 8 Use a web browser to connect to the NSO Web UI. You can do that from Workstation by opening
Internet Explorer or Google Chrome and connecting to http://ncs:8080. Alternatively, you can do
it from your own PC by connecting to http://198.18.134.4:8080. Use username admin and
password admin to authenticate.
Step 9 Now use the preferred SSH client to connect to the NSO CLI. Use the same credentials as with
Web UI (admin/admin).
cisco@NCS:~/ncs-run$ ssh [email protected] -p 2024
The authenticity of host '[198.18.134.4]:2024 ([198.18.134.4]:2024)'
can't be established.
DSA key fingerprint is 53:15:04:86:79:ab:c8:c3:30:b4:bb:25:7f:46:de.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[198.18.134.4]:2024' (DSA) to the list of
known hosts.
[email protected]'s password:
admin connected from 198.18.134.4 using ssh on NCS

admin@ncs> switch cli
admin@ncs#

Step 10 On the desktop of Workstation, you can find Putty, which you can use to connect to NSO on port
2024.
Note Use the switch cli command to switch between the Cisco and Juniper CLI styles.
Activity Verification
You have completed this task when you attain these results:
 Successfully connected to the NSO Web UI:
 Successfully connected to the NSO CLI:
Task 3: Install Cisco IOS and Cisco IOS XR NEDs
In this task, you will install the Cisco IOS and Cisco IOS XR NEDs required to support the lab devices.
Activity Procedure
Step 1 In the shell of the NSO server, change the directory to $NCS_DIR/packages/neds.
cisco@NCS:~$ cd $NCS_DIR/packages/neds
cisco@NCS:~/ncs-4.2/packages/neds$ ls -l
drwxr-xr-x 8 cisco cisco 4096 Nov 26 15:06 a10-acos
drwxr-xr-x 8 cisco cisco 4096 Nov 26 15:06 cisco-ios
drwxr-xr-x 8 cisco cisco 4096 Nov 26 15:06 cisco-iosxr
drwxr-xr-x 8 cisco cisco 4096 Nov 26 15:06 cisco-nx
drwxr-xr-x 8 cisco cisco 4096 Nov 26 15:06 dell-ftos
drwxr-xr-x 6 cisco cisco 4096 Nov 26 15:07 juniper-junos
cisco@NCS:~/ncs-4.2/packages/neds$
Step 2 Which NEDs are available after the installation? For your own learning purposes, write down the
results in the table below.
Package Path to the Package
Note Those NEDs are lab grade NEDs. We will use IOS provided by the installation and the new
version of IOS-XR NED provided in the repository. The repository is located at /opt/repo.
cisco@NCS:~/ncs-4.2/packages/neds$ ls -l /opt/repo
drwxr-xr-x 8 cisco cisco 4096 Jan 24 23:48 cisco-iosxr-4.1
cisco@NCS:/opt/repo$
Step 3 Change the directory to cisco-ios/src. This directory contains the Makefile to compile the Java
parts of the Cisco IOS NED. Compile NED by issuing the make command.
cisco@NCS:~/ncs-4.2/packages/neds$ cd cisco-ios/src
cisco@NCS:~/ncs-4.2/packages/neds/cisco-ios/src$ make
/home/cisco/ncs-4.2/bin/ncsc --java-disable-prefix --exclude-enums --
fail-on-warnings --java-package com.tailf.packages.ned.ios.namespaces --
emit-java java/src/com/tailf/packages/ned/ios/namespaces/CiscoIos.java
ncsc-out/modules/fxs/tailf-ned-cisco-ios.fxs
emit-java
java/src/com/tailf/packages/ned/ios/namespaces/CiscoIosStats.java ncsc-
out/modules/fxs/tailf-ned-cisco-ios-stats.fxs

emit-java java/src/com/tailf/packages/ned/ios/namespaces/CiscoIosId.java
ncsc-out/modules/fxs/tailf-ned-cisco-ios-id.fxs
cd java && ant -q all
BUILD SUCCESSFUL
Total time: 4 seconds
cd ../netsim && make all
make[1]: Entering directory `/home/cisco/ncs-4.2/packages/neds/cisco-
ios/netsim'
make[1]: Nothing to be done for `all'.
make[1]: Leaving directory `/home/cisco/ncs-4.2/packages/neds/cisco-
ios/netsim'
cisco@NCS:~/ncs-4.2/packages/neds/cisco-ios/src$
Step 4 Now change the directory to /opt/repo/cisco-iosxr-4.1/src. Compile the Cisco IOS XR NED
package as well by issuing the make command again.
cisco@NCS:~/ncs-4.2/packages/neds/cisco-ios$ cd /opt/repo/cisco-iosxr-
4.1/src
cisco@NCS:/opt/repo/cisco-iosxr-4.1/src$ make
cd java && ant -q all
[javac] warning: [options] bootstrap class path not set in
conjunction with -source 1.6
[javac] /opt/repo/cisco-iosxr-
4.1/src/java/src/com/tailf/packages/ned/iosxr/IosxrNedCli.java:168:
warning: [deprecation] CONNECT_CONNECTION_REFUSED in NedWorker has been
deprecated
[javac]
worker.connectError(NedWorker.CONNECT_CONNECTION_REFUSED,
[javac] ^
[javac] /opt/repo/cisco-iosxr-
4.1/src/java/src/com/tailf/packages/ned/iosxr/IosxrNedCli.java:168:
warning: [deprecation] connectError(int,String) in NedWorker has been
deprecated
[javac]
worker.connectError(NedWorker.CONNECT_CONNECTION_REFUSED,
[javac] ^
[javac] 3 warnings
BUILD SUCCESSFUL
Total time: 3 seconds
cd ../netsim && make all
make[1]: Entering directory `/opt/repo/cisco-iosxr-4.1/netsim'
/home/cisco/ncs-4.2/netsim/confd/bin/confdc -c --export none -o aaa.fxs
/home/cisco/ncs-4.2/netsim/confd/src/confd/aaa/tailf-aaa.yang
/home/cisco/ncs-4.2/netsim/confd/bin/confdc -c --export none -a
/home/cisco/ncs-4.2/netsim/confd/src/confd/yang/ietf-netconf-acm-
ann.yang\
-o ietf-netconf-acm.fxs /home/cisco/ncs-
4.2/netsim/confd/src/confd/yang/ietf-netconf-acm.yang
make[1]: Leaving directory `/opt/repo/cisco-iosxr-4.1/netsim'
cisco@NCS:/opt/repo/cisco-iosxr-4.1/src$
Step 5 The two NEDs are now compiled and available for use but they are not available to the running
instance of NSO. One of the ways to make them available to the running instance is by linking a
directory in the ncs-run/packages directory to point to the location of the NEDs in the repository.
cisco@NCS:/opt/repo/cisco-iosxr-4.1/src$cd $HOME/ncs-run/packages
cisco@NCS:~/ncs-run/packages$ ln -s /home/cisco/ncs-
4.2/packages/neds/cisco-ios cisco-ios
cisco@NCS:~/ncs-run/packages$ ln -s /opt/repo/cisco-iosxr-4.1 cisco-
iosxr
Step 6 Now connect to the NSO CLI (SSH to 198.18.134.4 on port 2024).
cisco@NCS:~$ ssh [email protected] -p 2024

admin@ncs>
Step 7 Force a reload of the packages in order for Cisco IOS and Cisco IOS XR packages to be available
to the running instance of NSO. Use the packages reload command (if you are using the Cisco
style CLI) or the request packages reload command (if you are using the Juniper style CLI). Use
the switch cli command to use your preferred CLI flavor.
admin@ncs# packages reload
>>> System upgrade is starting.

>>> Sessions in configure mode must exit to operational mode.
>>> No configuration changes can be performed until upgrade has
completed.
>>> System upgrade has completed successfully.
reload-result {
package cisco-ios
result true
}
reload-result {
package cisco-iosxr
result true
}
admin@ncs#
Note The remainder of this document will provide guidelines and printouts using the Cisco style CLI.
The output of show commands will also produce a Cisco style output which may not be the
same if you are using the Juniper style CLI.
You have completed this task when you attain this result:
 Use the NSO CLI show packages or show packages package package-version commands to view the
installed packages.
admin@ncs# show packages
packages package cisco-ios
package-version 3.0
description "NED package for Cisco IOS"
ncs-min-version [ 3.0.2 ]
directory ./state/packages-in-use/1/cisco-ios
component upgrade-ned-id
upgrade java-class-name com.tailf.packages.ned.ios.UpgradeNedId
component cisco-ios
ned cli ned-id cisco-ios
ned cli java-class-name com.tailf.packages.ned.ios.IOSNedCli

ned device vendor Cisco
NAME VALUE
---------------------
show-tag interface
build-info date "2016-05-18 07:25:22"

build-info file ncs-4.2_HEAD-cisco-ios-3.0.tar.gz
build-info arch linux.x86_64
build-info java "compiled Java class data, version 50.0 (Java 1.6)"
build-info package name cisco-ios
build-info package version 3.0
build-info package ref 3.0
build-info package sha1 34698ef
build-info ncs version 4.2_HEAD
build-info ncs sha1 faef6ff
build-info dev-support version 1.0
build-info dev-support branch master
build-info dev-support sha1 78ad9ef
oper-status up
packages package cisco-iosxr
package-version 4.1
description "NED package for Cisco IOS XR"
ncs-min-version [ 3.3.6 3.4.1 4.0 4.1 ]
directory ./state/packages-in-use/1/cisco-iosxr
component cisco-ios-xr
ned cli ned-id cisco-ios-xr
ned cli java-class-name com.tailf.packages.ned.iosxr.IosxrNedCli
ned device vendor Cisco
NAME VALUE
---------------------
show-tag interface
build-info date "2016-01-24 23:47:55"

build-info file ncs-4.1.1-cisco-iosxr-4.1.tar.gz
build-info arch linux.x86_64
build-info java "compiled Java class data, version 50.0 (Java 1.6)"
build-info package name cisco-iosxr
build-info package version 4.1
build-info package ref 4.1
build-info package sha1 70a1d91
build-info ncs version 4.1.1
build-info ncs sha1 ""
build-info dev-support version 1.0
build-info dev-support branch master
build-info dev-support sha1 5ac24af
oper-status up
admin@ncs#
admin@ncs# show packages package package-version
PACKAGE
NAME VERSION
----------------------
cisco-ios 3.0
cisco-iosxr 4.1
Lab 2-1: Manage Devices
Complete this lab activity to practice what you learned in the related training lesson.
Activity Objective
In this activity, you will manage device in NSO using Web UI and CLI. After completing this activity, you
will be able to meet these objectives:
 Add devices to NSO
 Create device groups
 Create device templates
Visual Objective
The figure illustrates what you will accomplish in this activity. The lab consists of a number of emulated
devices that are available in your environment. As the first post-installation steps, you will have to add these
devices to the NSO and then perform some initial tasks (e.g. synchronize configurations, create device
groups, create device templates, and make sure all devices of the same type share the same common
configuration).
192.168.11.0/24
CE11 CE12
PE11 PE12
Cisco NSO
192.168.21.0/24 192.168.31.0/24
IOS XR
CE21 PE21 PE31 CE31
Required Resources
The same requirements as explained in the first lab.
Job Aids
These job aids are available to help you complete the lab activity.
 Student guide: Device Manager (Module 2 Lesson 2)
 The Workstation in the lab contains two documents on the desktop:
— NSO User Guide

Task 1: Add Devices
The first task requires you to add a set of devices to manage. In the lab, we do not use real or virtual devices,
instead we use emulated devices provided by the functionality of the Cisco IOS and Cisco IOS XR NEDs.
The first step requires you to add these devices to the NSO configuration that will be used throughout this
course.
Activity Procedure
Step 1 The lab is already provided with the set of emulated devices, and the files are located in the
/opt/lab directory. You should start the lab.
Note Do not forget to set environment variables if you have just logged in to server.
cisco@NCS:~$ source $HOME/ncs-4.2/ncsrc

cisco@NCS:~$ cd /opt/lab
cisco@NCS:/opt/lab$ ncs-netsim start
DEVICE PE11 OK STARTED
DEVICE CE11 OK STARTED
cisco@ncs:/opt/lab#
Step 2 Now that the devices are available, you can start adding them to the NSO configuration.
Step 3 Using the ncs-netsim command, you can see ports that are used by virtual devices. Also, you can
determine if a virtual device is running or not.
cisco@NCS:/opt/lab$ ncs-netsim list
ncs-netsim list for /opt/lab/netsim
name=PE11 netconf=12101 snmp=11101 ipc=5101 cli=10101

dir=/opt/lab/netsim/c/c0
name=CE11 netconf=12104 snmp=11104 ipc=5104 cli=10104
dir=/opt/lab/netsim/x/x0
cisco@NCS:/opt/lab$ ncs-netsim is-alive PE11
DEVICE PE11 OK
cisco@NCS:/opt/lab$
Name Type IP Address SSH Port
PE11 Cisco IOS 127.0.0.1 10101
PE12 Cisco IOS 127.0.0.1 10102
PE21 Cisco IOS XR 127.0.0.1 10103
PE31 Cisco IOS 127.0.0.1 10104
CE11 Cisco IOS 127.0.0.1 10105
CE12 Cisco IOS 127.0.0.1 10106
CE21 Cisco IOS 127.0.0.1 10107
CE31 Cisco IOS 127.0.0.1 10108
Step 4 Using CLI, manually add the device to NSO.
Step 5 Initially, devices are southbound locked, meaning that no configuration action can be pushed
down to the devices. You should set admin-state to unlocked. Also, in order to enable
communication between NSO and device, SSH keys have to be retrieved.
cisco@NCS:~$ ssh [email protected] -p 2024

admin@ncs# config
Entering configuration mode terminal
admin@ncs(config)# devices device PE11
admin@ncs(config-device-PE11)# address 127.0.0.1 port 10101
admin@ncs(config-device-PE11)# device-type cli ned-id cisco-ios protocol
ssh
admin@ncs(config-device-PE11)# authgroup default
admin@ncs(config-device-PE11)# state admin-state unlocked
admin@ncs(config-device-PE11)# commit
Commit complete.
admin@ncs(config-device-PE11)# top
admin@ncs(config)# exit
admin@ncs# devices fetch-ssh-host-keys device [ PE11 ]
fetch-result {
device PE11
result updated
fingerprint {
algorithm ssh-dss
value b5:69:f4:05:15:18:ae:1f:77:b7:ea:d0:42:26:d0:23
}
}
admin@ncs#
Note The emulated devices use local authentication, so we do not need to perform any additional
configuration steps for authentication. In a real environment, you would have to modify the
authentication group default (i.e. authgroup default) or create a new authentication group where
you would specify the credentials for NSO to use when connecting to devices.
Step 6 There are better and faster ways of importing devices to NSO. In the lab, we are using netsim
simulated devices and we can export all of those using the ncs-netsim program.
cisco@NCS:/opt/lab$ ncs-netsim ncs-xml-init > devices.xml

Step 7 NSO provides other mechanisms that can be used for bulk importing of devices. Use the ncs_load
program to load the set of devices using a pre-built list of devices. Import the file that was created
in the previous step.
cisco@ncs:/opt/lab$ ncs_load -l -m devices.xml
cisco@ncs:/opt/lab$
Note The –l argument is used to trigger a load operation. The –m argument is used to merge with
possible existing data. Use man ncs_load or ncs_load --help to get more information about this
tool.
Step 8 You should now have all eight devices in the NSO configuration and ready to be used.
admin@ncs# show devices brief
NAME ADDRESS DESCRIPTION NED ID
------------------------------------------
CE11 127.0.0.1 - cisco-ios
CE12 127.0.0.1 - cisco-ios
CE21 127.0.0.1 - cisco-ios
CE31 127.0.0.1 - cisco-ios
PE11 127.0.0.1 - cisco-ios
PE12 127.0.0.1 - cisco-ios
PE21 127.0.0.1 - cisco-ios-xr
PE31 127.0.0.1 - cisco-ios
admin@ncs#
Step 9 Use the NSO CLI to retrieve the initial configurations from devices and store them in NSO's
configuration database (CDB).
admin@ncs# devices sync-from
sync-result {
device CE11
result true
}
sync-result {
device CE12
result true
}
sync-result {
device CE21
result true
}
sync-result {
device CE31
result true
}
sync-result {
device PE11
result true
}
sync-result {
device PE12
result true
}
sync-result {
device PE21
result true
}
sync-result {
device PE31
result true
}
admin@ncs#
Note There are also other ways of adding devices to NSO. Some of the tools that could also be used
for that will be discussed in a later lab.
 You see all the devices added to NSO.
 All devices were successfully synced.
Task 2: Create Device Groups

In this task, you will create three device groups, one for PE routers, another for CE routers and a third one for
all routers. This will allow us to execute some actions not only on a device-by-device basis but also on an
entire group of devices.
Activity Procedure
Step 1 First add the group “PE routers”. You can always use the Tab key or question mark as a command
auto-completion and help.
admin@ncs# config
admin@ncs(config)# devices ?
Possible completions:
authgroups - Authentication for managed devices
check-sync - Check if the NCS config is in sync with the
device
check-yang-modules - Check if NCS and the devices have compatible
YANG modules
clear-trace - Clear all trace files
commit-queue - List of queued commits
connect - Set up sessions to all unlocked devices
device - The list of managed devices
device-group - Groups of devices
disconnect - Close all sessions to all devices
fetch-ssh-host-keys - Retrieve SSH host keys from all devices
global-settings - Global settings for all managed devices.
mib-group - A list of named groups of MIBs
profiles - Device profile parameters
session-pool - List of pooled NED sessions
sync - DEPRECATED - use sync-to or sync-from instead
sync-from - Synchronize the config by pulling from the
devices
sync-to - Synchronize the config by pushing to the devices
template - Named configuration templates for devices
admin@ncs(config)# devices device-group "PE Routers"
Step 2 Add devices in group. Tab or question mark also reveal possible command completion options or
possible variable values.
admin@ncs(config-device-group-PE Routers)# device-name ?
CE11 CE12 CE21 CE31 PE11 PE12 PE21 PE31 [
admin@ncs(config-device-group-PE Routers)# device-name [ PE11 PE12 PE21
PE31 ]
Step 3 Now repeat the previous step to create the group “CE Routers”.
admin@ncs(config-device-group-PE Routers)# top
admin@ncs(config)# devices device-group "CE Routers"
admin@ncs(config-device-group-CE Routers)# device-name [ CE11 CE12 CE21
CE31 ]
Step 4 Create a third group, which will consist of the two previously created groups:
admin@ncs(config-device-group-CE Routers)# top
admin@ncs(config)# devices device-group "All Routers"
admin@ncs(config-device-group-All Routers)# device-group [ "PE Routers"
"CE Routers" ]
Step 5 The last step in configuring those device groups is to commit the configuration. Current
configuration that is not yet committed can be seen using the show configuration command. You
always have an option to cancel the current configuration using the abort command and to
commit the configuration using the commit command.
admin@ncs(config-device-group-All Routers)# top
admin@ncs(config)# show configuration
devices device-group "All Routers"
!
devices device-group "PE Routers"
device-name [ PE11 PE12 PE21 PE31 ]
!
devices device-group "CE Routers"
device-name [ CE11 CE12 CE21 CE31 ]
!
devices device-group "All Routers"
device-group [ "CE Routers" "PE Routers" ]
!
admin@ncs(config)# commit
Commit complete.
 All groups were successfully created.
admin@ncs# show devices device-group member
NAME MEMBER
----------------------------------------------------------
All Routers [ CE11 CE12 CE21 CE31 PE11 PE12 PE21 PE31 ]
CE Routers [ CE11 CE12 CE21 CE31 ]
PE Routers [ PE11 PE12 PE21 PE31 ]
admin@ncs#
Task 3: Create Customers
Create one or more customers in NSO.
Activity Procedure
Step 1 Using Tab or question mark, determine the proper command syntax.
admin@ncs# conf
admin@ncs(config)# customers customer ACME
admin@ncs(config-customer-ACME)#
Step 2 Give the customer a short name and set the status of active.
admin@ncs(config-customer-ACME)# rank 1
admin@ncs(config-customer-ACME)# status active
admin@ncs(config-customer-ACME)# top
Commit complete.
Step 3 Repeat the above steps to configure as many customers as you wish.
 At least one customer was created.
admin@ncs# show running-config customers
customers customer ACME
rank 1
status active
!
admin@ncs#
Task 4: Create a Device Template

Create a device template that will be used for setting common parameters on all routers.
Activity Procedure
Step 1 Log in to NSO CLI either using SSH or the ncs_cli command.
Step 2 Using Cisco style CLI, switch into ‘config’ mode.
Note With these templates, we are providing device-specific commands to ensure that all devices of
the same type will have the same common configuration.

Tip In order to find a configuration command, it helps to know the device-type-specific command.
For example, in Cisco IOS XR, the domain name is configured using the domain command. In
Cisco IOS, the domain is configured using the ip domain command. In order to find and put
together the correct command, you can navigate through the device YANG model using the
Tab key. Create the following common configuration options for the two device types used in
the lab (Cisco IOS and Cisco IOS XR).
Parameter Value
NTP Server 10.0.0.1
Domain Name cisco.com
DNS Server 198.18.133.1
Use the following native configuration examples to help you perform this step:
Cisco IOS
ntp server 10.0.0.1
ip domain name cisco.com
ip name-server 198.18.133.1
Cisco IOS XR
ntp server 10.0.0.1
domain name cisco.com
domain name-server 198.18.133.1
Step 3 Create a new device configuration template called ‘Common’ and enter the template configuration
mode through the devices template config command.
admin@ncs# config
admin@ncs(config)# devices template "Common Device Parameters" config
admin@ncs(config-config)#
Step 4 Add Cisco IOS related configuration by using the ‘ios:’ tag, e.g.
admin@ncs(config-config)# ios:ip domain name cisco.com
admin@ncs(config-config)# ios:ip name-server [ 198.18.133.1 ]
admin@ncs(config-config)# ios:ntp server server-list 10.0.0.1
admin@ncs(config-server-list-10.0.0.1)# exit
admin@ncs(config-config)#
Step 5 Add Cisco IOS XR related configuration by using the ‘cisco-ios-xr:’ tag, e.g.
admin@ncs(config-config)# cisco-ios-xr:domain name cisco.com
admin@ncs(config-config)# cisco-ios-xr:domain name-server 198.18.133.1
admin@ncs(config-name-server-198.18.133.1)# exit
admin@ncs(config-config)# cisco-ios-xr:ntp server server-list 10.0.0.1
admin@ncs(config-server-10.0.0.1)# top
Commit complete.
admin@ncs(config)#
Step 6 Check the template configuration.

admin@ncs(config)# show full-configuration devices template "Common
Device Parameters"
devices template "Common Device Parameters"
config
cisco-ios-xr:domain name cisco.com
cisco-ios-xr:domain name-server 198.18.133.1
!
cisco-ios-xr:ntp server server-list 10.0.0.1
!
ios:ip domain name cisco.com
ios:ip name-server [ 198.18.133.1 ]
ios:ntp server server-list 10.0.0.1
!
!
Step 7 Apply the template to the “All Routers” device group by using the devices device-group apply-
template template-name command.
admin@ncs(config)# devices device-group "All Routers" apply-template
template-name "Common Device Parameters"
apply-template-result {
device CE11
result ok
}
device CE12
result ok
}
device CE21
result ok
}
device CE31
result ok
}
device PE11
result ok
}
device PE12
result ok
}
device PE21
result ok
}
device PE31
result ok
Step 8 Issue the commit dry-run command and check the configuration changes.
A
admin@ncs(config)# commit dry-run
device CE11
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;

}
ios:ntp {
server {
+ server-list 10.0.0.1 {
+ }
}
}
}
device CE12
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;
}
ios:ntp {
server {
+ }
}
}
}
device CE21
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;
}
ios:ntp {
server {
+ }
}
}
}
device CE31
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;
}
ios:ntp {
server {
+ }
}
}
}
device PE11
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;
}
ios:ntp {
server {
+ }
}
}
}
device PE12
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;
}
ios:ntp {
server {
+ }
}
}
}
device PE21
config {
cisco-ios-xr:domain {
+ name cisco.com;
+ # first
+ name-server 198.18.133.1;
}
cisco-ios-xr:ntp {
+ server 10.0.0.1 {
+ }
}
}
device PE31
config {
ios:ip {
domain {
+ name cisco.com;
}
+ name-server 198.18.133.1;
}
ios:ntp {
server {
+ }
}
}
}
admin@ncs(config)
Step 9 Finally, commit this configuration by using commit.

Commit complete.
admin@ncs(config)#

 You should see Cisco IOS (ios:) and Cisco IOS XR (cisco-ios-cr:) items in the template for all the
required configuration parameters.
admin@ncs# show running-config devices template config
devices template "Common Device Parameters"
config
cisco-ios-xr:domain name cisco.com
cisco-ios-xr:domain name-server 198.18.133.1
!
cisco-ios-xr:ntp server server-list 10.0.0.1
!
ios:ip name-server [ 198.18.133.1 ]
ios:ntp server server-list 10.0.0.1
!
!
!
admin@ncs#
 When checking device configuration, you should see the new configuration commands on the device.
admin@ncs(config)# admin@ncs(config)# show full-configuration devices device
PE11
devices device PE11
address 127.0.0.1
port 10022
ssh host-key ssh-dss
key-data
"AAAAB3NzaC1kc3MAAACBAIMPA3H7rORCErOMUaWnSStEZqgonmRDPN0qbroiVHNS6rX8Nd12\n/7Vkg
j9VuXzngETfPo0goFIq5y6B+hMKjQhLnc29JxH7jYpRdLO5qAvFgEsMixOWNTVbxT5a\nD6in54HBtzh
2tiKYPd57aKHAW1uP0DE2bDShK3yZpc9dJRtXAAAAFQCMQ5jr0rm/7DHrE2P3\nAGHA4UYWWwAAAIBmx
ChndAobkkmFcyisEXacW84ICc7fVgBfDHF8oayxB8c2CSVrBBiaR/je\nb2cF6/1evwr+0NES0HF/O+K
IvxFFuPWGaMLOrZM/2FeFvWtf/qVJWO6vMRZa88wR3gsvqB5/\nTPM13iU3VmOiJxyLEK2NKaMnrFNbT
D17pJ6wCXwKxgAAAIBi7MoRpYWhjWeURPz6+LM6FY6q\nxMmh9LYleL38lod8hZzA0zvdaiZIY6GLgNg
bwG4V7FXnAqfCROy0CF2Tvq2N3F7eTnRFhXdH\nnWWxQdcfbERNL35UN78WozKzMyHmdy3FbkwtMsR2l
L+ylCJWOGEU5ZP4VIK3ng3h5qOB63si\nvQ=="
!
authgroup default
device-type cli ned-id cisco-ios
device-type cli protocol ssh
state admin-state unlocked
config
no ios:service pad
ios:hostname PE11
no ios:ip domain-lookup
no ios:ip http secure-server
ios:ip name-server 198.18.133.1
ios:ip source-route
ios:interface GigabitEthernet0/1
exit
…
…
output ommitted
…
…
exit
ios:interface Loopback0
exit
ios:ntp server 10.0.0.1
!
!
admin@ncs(config)#

Lab 3-1: Create a Service
Complete this lab activity to practice what you have learned in the related training lesson.
Activity Objective
In this activity, you will create a simple point-to-point Layer-2 MPLS VPN service. After completing this
activity, you will be able to meet these objectives:
 Design service requirements
 Create device templates
 Create a YANG service model
 Deploy a service
Visual Objective
The figure illustrates what you will accomplish in this activity. In this lab, we will provide a service to enable
customers to interconnect their sites using Layer-2 connectivity in order to support high availability for the
services where Layer-2 connectivity is required.
Provider Network Data Center

Layer- 2 Connectivity
DRC
Required Resources
Job Aids
 Student guide: Service Design (Module 3 Lesson 3)
 The Workstation in the lab contains two documents on the desktop:
— NSO User Guide
Task 1: Service Requirements and Service Model
The first task requires you to design a service model based on the provided high-level service requirements.
The following figure illustrates the topology of the sample Layer-2 MPLS VPN implementation.
192.168.11.0/24
CE11 CE12
Gi0/ 9
NSO
PE11 PE12
L2 MPLS VPN
Gi0/ 0/ 0/ 9
192.168.21.0/24 192.168.31.0/24
IOS XR
CE21 PE21 PE31 CE31
The following table describes the service characteristics and requirements. Use this information as a starting
point for creating a service model.
Parameter Description
VPN Instance Name This is a unique identifier describing an instance of a deployed point-to-point Layer-
2 MPLS VPN.
It is used to provide a descriptive name for the service instance.
Pseudowire Identifier This is a unique number that is used to identify the pseudowire connection across
MPLS between two PE routers.
Device1 Each attachment circuit is connected to a device (PE router).

Currently, there are two device types used for PE routers:
Cisco IOS routers
Cisco IOS XR routers
Interface1 Attachment circuit contains an interface.

Currently, only GigabitEthernet interfaces are used for the service.
Remote IP1 Each attachment circuit is connected to a remote end identified by the loopback
address of the other PE router.
All PE routers in the network have Loopback0 addresses in the 10.0.0.X/24
network.
Device2 Each attachment circuit is connected to a device (PE router).

Currently, there are two device types used for PE routers:
- Cisco IOS routers
- Cisco IOS XR routers
Interface2 Attachment circuit contains an interface.

Currently, only GigabitEthernet interfaces are used for the service.
Remote IP2 Each attachment circuit is connected to a remote end identified by the loopback
address of the other PE router.
All PE routers in the network have Loopback0 addresses in the 10.0.0.X/24
network.

Activity Procedure
Step 1 Connect to the NSO shell.
Step 2 Change to directory $HOME/ncs-run/packages.
Step 3 Create a template-based service skeleton using the ncs-make-package command. Use ncs-make-
package --help or man ncs-make-package to learn how to create template-based packages. Use
“l2vpn” as the name of the new service.
cisco@NCS:~$ cd $HOME/ncs-run/packages
cisco@NCS:~/ncs-run/packages$ ls
cisco-ios cisco-iosxr
cisco@NCS:~/ncs-run/packages$ ncs-make-package --service-skeleton
template l2vpn
cisco-ios cisco-iosxr l2vpn
cisco@NCS:~/ncs-run/packages$
Step 4 Edit the service model YANG file using your favorite text editor. You may also use the
Notepad++ text editor on Workstation, which will provide you with syntax highlighting for
YANG (the N: drive is mapped to NSO, so you can easily access the files on NSO).
cisco@NCS:~/ncs-run/packages$ cd l2vpn/src/yang
cisco@NCS:~/ncs-run/packages/l2vpn/src/yang$ vim l2vpn.yang
Step 5 Use the table below to fine-tune the service characteristics based on YANG functionality. Extra
space is provided in case you will use any additional YANG statements.
Statement Name Data Type Restriction Other
Service name l2vpn list n/a n/a
VPN Instance Name name string key for list l2vpn
VPN Identifier
Device1
Interface1
RemoteIP1
Device2
Interface2
RemoteIP2
Step 6 Create the formal YANG service model based on your informal service design and the
characteristics defined in the previous step. The figure above illustrates one possible approach and
the sample service instance data:
 A list used to support multiple instances of the service. The list is identified by a unique name
(key).
 The L2 MPLS VPN uses the pw-id as the pseudowire identifier, which should also be unique.
list l2vpn {
key name;
unique pw-id;
leaf name {
type string;
}
leaf pw-id {
mandatory true;
type uint32;
}
 Each link resides on a provider edge (PE) router, so we need to assign a PE router to both
links. A leafref statement is used to link into the NSO's device list.
leaf device1 {
tailf:info “PE Router1”;
mandatory true;
type leafref {
path "/ncs:devices/ncs:device/ncs:name";
}
}
 Each link is assigned a customer-facing interface, which is identified by the interface number
(intf-number). At this time, we will only assign physical GigabitEthernet interfaces.
leaf intf-number1 {
tailf:info “GigabitEthernet Interface ID”;
mandatory true;
type string {
pattern "[0-9]{1,2}(/[0-9]{1,2}){1,3}";

}
}
 Each attachment circuit must also be connected via MPLS (signaling via LDP)
to the other PE router. Therefore, we must specify the IP address (remote-ip) of
the Loopback0 interface on the other PE router (i.e. on the other link instance).
leaf remote-ip1 {
tailf:info "Loopback0 IP Address of Remote PE (10.0.0.X)";
mandatory true;
type inet:ipv4-address {
pattern "10\.0\.0\.[0-9]+";
}
}
 Next, repeat the statements for the second device and its elements.
leaf device2 {
tailf:info "PE Router2";
mandatory true;
type leafref {
}
}
leaf intf-number2 {
tailf:info "GigabitEthernet Interface ID";
mandatory true;
type string {
pattern "[0-9]{1,2}(/[0-9]{1,2}){1,4}";
}
}
leaf remote-ip2 {
mandatory true;
pattern "10\.0\.0\.[0-9]+";
}
}
Step 7 Save the file when you are done writing your YANG module.
module l2vpn {
namespace "http://com/example/l2vpn";
prefix l2vpn;
import ietf-inet-types {
prefix inet;
}
import tailf-ncs {
prefix ncs;
}
import tailf-common {
prefix tailf;
}
augment /ncs:services {
list l2vpn {
key name;
unique pw-id;
uses ncs:service-data;
ncs:servicepoint "l2vpn";
leaf name {
tailf:info "Service Instance Name";
type string;
}
leaf pw-id {
tailf:info "Unique Pseudowire ID";
mandatory true;
type uint32 {
range "1..4294967295";
}
}
leaf device1 {
mandatory true;
type leafref {
}
}
leaf intf-number1 {
mandatory true;
type string {
pattern "[0-9]{1,2}(/[0-9]{1,2}){1,4}";
}
}
leaf remote-ip1 {
mandatory true;
pattern "10\.0\.0\.[0-9]+";
}
}
leaf device2 {
mandatory true;
type leafref {
}
}
leaf intf-number2 {
mandatory true;
type string {
pattern "[0-9]{1,2}(/[0-9]{1,2}){1,4}";
}
}
leaf remote-ip2 {
mandatory true;

pattern "10\.0\.0\.[0-9]+";
}
}
}
}
}
Step 8 You may validate your YANG file using pyang. Keep making corrections to your YANG file
until pyang no longer produces any output (i.e. no errors).
cisco@NCS:~/ncs-run/packages/l2vpn/src/yang$ pyang l2vpn.yang
cisco@NCS:~/ncs-run/packages/l2vpn/src/yang$
Step 9 Change the directory to the parent directory where there is a Makefile. Use the make command to
compile the package.
cisco@NCS:~/ncs-run/packages/l2vpn/src/yang$ cd ..
cisco@NCS:~/ncs-run/packages/l2vpn/src$ make
/home/cisco/ncs-4.2/bin/ncsc `ls l2vpn-ann.yang > /dev/null 2>&1 &&
echo "-a l2vpn-ann.yang"` \
--yangpath yang -c -o ../load-dir/l2vpn.fxs yang/l2vpn.yang
cisco@NCS:~/ncs-run/packages/l2vpn/src$
Step 10 If you placed your packages into $HOME/ncs-run/packages, you can proceed and issue the
reload packages command in NSO CLI. If not, you need to copy the entire directory containing
your service to that directory or create a symbolic link to it.
>>> System upgrade is starting.

>>> Sessions in configure mode must exit to operational mode.
>>> No configuration changes can be performed until upgrade has
completed.
>>> System upgrade has completed successfully.
reload-result {
package cisco-ios
result true
}
reload-result {
package cisco-iosxr
result true
}
reload-result {
package l2vpn
result true
}
admin@ncs#
Step 11 Check the availability of CLI commands to manage the service. For example, use the services
l2vpn command followed by a question mark to investigate the new CLI options available for the
provisioning of service instances.
admin@ncs# config
admin@ncs(config)# services l2vpn ?
Service Instance Name range
admin@ncs(config)# services l2vpn
 You have a directory structure and file templates for a new service.
cisco-ios cisco-iosxr l2vpn
cisco@NCS:~/ncs-run/packages$ ls -l l2vpn
total 20
drwxr-xr-x 2 cisco cisco 4096 Nov 26 15:09 load-dir
-rw-rw-r-- 1 cisco cisco 375 Jan 27 12:39 package-meta-data.xml
drwxr-xr-x 4 cisco cisco 4096 Jan 27 12:39 src
drwxr-xr-x 2 cisco cisco 4096 Jan 27 12:39 templates
drwxr-xr-x 3 cisco cisco 4096 Nov 26 15:09 test
cisco@NCS:~/ncs-run/packages$ ls -l l2vpn/src/yang
total 4
-rw-rw-r-- 1 cisco cisco 633 Jan 27 12:39 l2vpn.yang
cisco@NCS:~/ncs-run/packages$ ls -l l2vpn/templates
total 4
-rw-rw-r-- 1 cisco cisco 733 Jan 27 12:39 l2vpn-template.xml
cisco@NCS:~/ncs-run/packages$
 You should have your service available in NSO even though there is no mapping to actual device types
yet. Use the NSO Web UI to inspect the results of the design and installation of your service. Once NSO
Web UI is available, click the Toggle Navigation button in the upper left corner and examine the l2vpn
service page.
Note You still cannot start provisioning services. A service template is missing and it will be created in the next
task.

Task 2: Create Device Templates
In this task, you will configure the sample point-to-point Layer-2 MPLS VPN service through NSO CLI in
order to obtain the device-specific configuration in XML format. This will allow you to create a device
template for Cisco IOS and Cisco IOS XR.
Below is an illustration that should help you identify the parameters for this manual sample service
implementation.
192.168.11.0/24
CE11 CE12
Gi0/ 9
NSO Lo0:10.0.0.11
PE11 PE12
L2 MPLS VPN
VPN- ID: 1001121
Lo0: 10.0.0.21
Gi0/ 0/ 0/ 9
192.168.21.0/24 192.168.31.0/24
IOS XR
CE21 PE21 PE31 CE31
Activity Procedure
Step 1 Connect to the NSO CLI.
Step 2 A network engineer has provided you with the actual configuration for the new service, one for
each device type.
Cisco IOS: PE11
interface GigabitEthernet0/9
xconnect 10.0.0.21 1001121 encapsulation mpls
!
Cisco IOS XR: PE21

l2vpn
xconnect group ACME
p2p CE11-to-CE21
interface GigabitEthernet0/0/0/9
neighbor 10.0.0.11 pw-id 1001121
!
!
!
interface GigabitEthernet0/0/0/9
l2transport
!
Step 3 Configure the above examples using the NSO CLI.
 Use the devices device PE11 configuration command as a starting point to configure the
Cisco IOS sample.
 Use the devices device PE21 configuration command as a starting point to configure the
Cisco IOS XR sample.
admin@ncs# config
admin@ncs(config)# devices device PE11 config ios:interface
GigabitEthernet 0/9
admin@ncs(config-if)# xconnect 10.0.0.21 1001121 encapsulation mpls
admin@ncs(config-if)# top
admin@ncs(config)# devices device PE21 config cisco-ios-xr:l2vpn
admin@ncs(config-l2vpn)# xconnect group GROUP
admin@ncs(config-l2vpn-xc)# p2p CE11-to-CE21
admin@ncs(config-l2vpn-xc-p2p)# interface GigabitEthernet0/0/0/9
admin@ncs(config-l2vpn-xc-p2p)# neighbor 10.0.0.11 pw-id 1001121
admin@ncs(config-l2vpn-xc-p2p-pw)# exit
admin@ncs(config-l2vpn-xc-p2p)# exit
admin@ncs(config-l2vpn-xc)# exit
admin@ncs(config-l2vpn)# exit
admin@ncs(config-config)# cisco-ios-xr:interface GigabitEthernet 0/0/0/9
admin@ncs(config-if)# l2transport
admin@ncs(config-if-l2)# top
admin@ncs(config)#
Step 4 Use the commit dry-run outformat xml command to retrieve the XML version of the
configuration when done configuring the above sample configurations.
Note Please verify that the output contains all the configured parameters. If all or a part of the changes
were committed beforehand, the output will be missing those parts.
admin@ncs(config)# commit dry-run outformat xml

device PE11
<interface xmlns="urn:ios">
<GigabitEthernet>
<name>0/9</name>
<xconnect>
<encapsulation>mpls</encapsulation>
<vcid>1001121</vcid>
<address>10.0.0.21</address>
</xconnect>
</GigabitEthernet>
</interface>
device PE21
<interface xmlns="http://tail-f.com/ned/cisco-ios-xr">
<GigabitEthernet>
<id>0/0/0/9</id>
<l2transport/>
</GigabitEthernet>
</interface>
<l2vpn xmlns="http://tail-f.com/ned/cisco-ios-xr">
<xconnect>
<group>
<name>GROUP</name>
<p2p>
<name>CE11-to-CE21</name>
<neighbor>
<pw-id>1001121</pw-id>

</neighbor>
<interface>
<name>GigabitEthernet0/0/0/9</name>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
admin@ncs(config)#abort
admin@ncs#
Step 5 Go to the templates subdirectory of your package skeleton (e.g.

$HOME/ncs-run/packages/l2vpn/templates).
Step 6 Edit the XML template file using your preferred editor (e.g. vim, nano).
Note Alternatively, you may use the Notepad++ text editor on Workstation, which will provide you with
syntax highlighting for XML. The N: drive is mapped to NSO, so you can access all files from the
workstation.
Step 7 Copy the XML format or the configuration output into the text editor. Make sure you paste the
configuration into the appropriate section within the device configuration. The initial XML has
two segments where you have to include your XML configuration.
The first section describes the device that the template is configuring and the second section
contains configuration changes.
cisco@NCS:~/ncs-run/packages/l2vpn/templates$ more l2vpn-template.xml

<config-template xmlns="http://tail-f.com/ns/config/1.0"
servicepoint="l2vpn">
<devices xmlns="http://tail-f.com/ns/ncs">
<device>

<name>{/device}</name>
<config>

</config>
</device>
</devices>
</config-template>
cisco@NCS:~/ncs-run/packages/l2vpn/templates$
Since our service model always has two devices, the XML segment has to be duplicated to
accommodate each of them. Open the XML file in any editor and duplicate segments of the XML
code.
cisco@NCS:~/ncs-run/packages/l2vpn/templates$ vim l2vpn-template.xml

<device>
<name>{/device1}</name>
<config>



</config>
</device>

<device>
<config>
</config>
</device>
</devices>
</config-template>
Step 8 Now insert the XML configuration created with commit dry-run outformat xml in the modified
XML skeleton. Replace the device identification with the device name variable in curly brackets
and the configuration segment with XML configuration code. For both devices, add both the IOS
and IOS-XR part of configuration.

<device>
<config>
<GigabitEthernet>
<name>0/9</name>
<xconnect>
</xconnect>
</GigabitEthernet>
</interface>
<GigabitEthernet>
<id>0/0/0/9</id>
<l2transport/>
</GigabitEthernet>
</interface>
<xconnect>
<group>
<name>GROUP</name>

<p2p>
<neighbor>
<pw-id>1001121</pw-id>
</neighbor>
<interface>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
</config>
</device>

<device>
<config>
<GigabitEthernet>
<name>0/9</name>
<xconnect>
</xconnect>
</GigabitEthernet>
</interface>
<GigabitEthernet>
<id>0/0/0/9</id>
<l2transport/>
</GigabitEthernet>
</interface>
<xconnect>
<group>
<name>GROUP</name>
<p2p>
<neighbor>
<pw-id>1001121</pw-id>
</neighbor>
<interface>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
</config>
</device>
</devices>
</config-template>
Step 9 Replace all occurrences of parameters with variables in curly brackets (e.g. replace
“0/9” with “{intf-number}” in the Cisco IOS portion of the configuration). Note that the variable
names must correspond to the YANG statements you used when creating the service model.
Note You may need to revisit your YANG service model and align it with the requirements of the
device mapping logic. While not strictly necessary, the below sample also contains additional
tags, as is best practice. Can you explain why?



<device tags="nocreate">
<config tags="merge">

<GigabitEthernet>
<name>{/intf-number1}</name>
<xconnect>
<vcid>{/pw-id}</vcid>
<address>{/remote-ip1}</address>
</xconnect>
</GigabitEthernet>
</interface>

<GigabitEthernet>
<id>{/intf-number1}</id>
<l2transport/>
</GigabitEthernet>
</interface>
<xconnect>
<group>
<name>GROUP</name>
<p2p>
<name>{/name}</name>
<neighbor>
<pw-id>{/pw-id}</pw-id>
</neighbor>
<interface>
<name>GigabitEthernet{/intf-number1}</name>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
</config>
</device>




<GigabitEthernet>
<name>{/intf-number2}</name>
<xconnect>
</xconnect>
</GigabitEthernet>
</interface>

<GigabitEthernet>
<id>{/intf-number2}</id>
<l2transport/>
</GigabitEthernet>
</interface>
<xconnect>
<group>
<name>GROUP</name>
<p2p>
<neighbor>
</neighbor>
<interface>
<name>GigabitEthernet{/intf-number2}</name>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
</config>
</device>
</devices>
</config-template>
Step 10 Save the file when done.
Step 11 Reload packages.

reload-result {
package cisco-ios
result true
}
reload-result {
package cisco-iosxr
result true
}
reload-result {
package l2vpn
result true
}
admin@ncs#
Troubleshooting Hints:
 The variables must reference data according to the hierarchy of the YANG data model.
 As you have two devices being referenced in your informal design (one in each attachment
circuit), you will have to duplicate your XML device templates.
 You have successfully configured the sample service using the NSO CLI when you achieve an identical
configuration to the one provided as sample when issuing the commit dry-run outformat native
command.
 The important part of this step is to record the XML version of the configuration as shown below. This
output can be retrieved by using the commit dry-run outformat xml command.
Cisco IOS (PE11 portion of the output):
<GigabitEthernet>
<name>0/6</name>
<xconnect>
</xconnect>
</GigabitEthernet>
</interface>
Cisco IOS XR (PE21 portion of the output):

<xconnect>
<group>
<name>GROUP</name>
<p2p>
<neighbor>
<pw-id>1001121</pw-id>
</neighbor>
<interface>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
<GigabitEthernet>
<id>0/0/0/9</id>
<l2transport/>
</GigabitEthernet>
</interface>

 You have successfully converted the XML configuration into an XML template. Note that the below
section is not a final solution, it only illustrates how variables can be created. Remember that you have to
adjust this configuration for each of two attachment circuits.
Cisco IOS (PE11 portion of the output):
<GigabitEthernet>
<name>{/intf-number}</name>
<xconnect>
<address>{/remote-ip}</address>
</xconnect>
</GigabitEthernet>
</interface>
Cisco IOS XR (PE21 portion of the output):

<xconnect>
<group>
<name>GROUP</name>
<p2p>
<neighbor>
<address>{/remote-ip}</address>
</neighbor>
<interface>
<name>GigabitEthernet{/intf-number}</name>
</interface>
</p2p>
</group>
</xconnect>
</l2vpn>
<GigabitEthernet>
<id>{/intf-number}</id>
<l2transport/>
</GigabitEthernet>
</interface>
Note We have simplified the example to only use the GigabitEthernet interface types. You would have to add
another parameter to select among all the available interface types and replicate the interface configurations
within the XML file.
Task 3: Deploy a Service Instance
In this task, you will deploy a service instance based on your newly installed service.
Activity Procedure
Step 1 Connect to NSO CLI.
Step 2 Provision the first service instance.

admin@ncs# config
admin@ncs(config)# services l2vpn CE11-CE21 ?
check-sync - Check if device config is according to the
service
commit-queue -
deep-check-sync - Check if device config is according to the
service
device1 - PE Router1
device2 - PE Router2
get-modifications - Get the configuration data this service created
intf-number1 - GigabitEthernet Interface ID
intf-number2 - GigabitEthernet Interface ID
pw-id - Unique Pseudowire ID
re-deploy - Run/Dryrun the service logic again
reactive-re-deploy - Reactive redeploy of service logic
remote-ip1 - Loopback0 IP Address of Remote PE (10.0.0.X)
remote-ip2 - Loopback0 IP Address of Remote PE (10.0.0.X)
un-deploy - Undo the effects of this service to the network
<cr> -
admin@ncs(config)# services l2vpn CE11-CE21 pw-id 1001121 device1 PE11
intf-number1 0/9 remote-ip1 10.0.0.21 device2 PE21 intf-number2 0/0/0/9
remote-ip2 10.0.0.11
admin@ncs(config-l2vpn-CE11-CE21)#
Step 3 Once all service parameters are entered, preview device changes using the commit dry-run or
commit dry-run outformat native command.
admin@ncs(config-l2vpn-CE11-CE21)# commit dry-run
cli devices {
device PE11 {
config {
ios:interface {
GigabitEthernet 0/9 {
xconnect {
+ address 10.0.0.21;
+ vcid 1001121;
+ encapsulation mpls;
}
}
}
}
}
device PE21 {
config {
cisco-ios-xr:interface {

GigabitEthernet 0/0/0/9 {
+ l2transport {
+ }
}
}
+ cisco-ios-xr:l2vpn {
+ xconnect {
+ group GROUP {
+ p2p CE11-CE21 {
+ interface GigabitEthernet0/0/0/9;
+ neighbor 10.0.0.11 1001121;
+ }
+ }
+ }
+ }
}
}
}
services {
+ l2vpn CE11-CE21 {
+ pw-id 1001121;
+ device1 PE11;
+ intf-number1 0/9;
+ remote-ip1 10.0.0.21;
+ device2 PE21;
+ intf-number2 0/0/0/9;
+ remote-ip2 10.0.0.11;
+ }
}
admin@ncs(config-l2vpn-CE11-CE21)#
Step 4 Finally, commit the service instance creation using the commit command.
admin@ncs(config-l2vpn-CE11-CE21)# top
Commit complete.
 The service has been successfully deployed.
admin@ncs# show running-config services l2vpn
services l2vpn CE11-CE21
pw-id 1001121
device1 PE11
intf-number1 0/9
device2 PE21
intf-number2 0/0/0/9
!
admin@ncs# show running-config services l2vpn | display xpath
/services/l2vpn:l2vpn[name='CE11-CE21']/pw-id 1001121
/services/l2vpn:l2vpn[name='CE11-CE21']/device1 PE11
/services/l2vpn:l2vpn[name='CE11-CE21']/intf-number1 0/9
/services/l2vpn:l2vpn[name='CE11-CE21']/remote-ip1 10.0.0.21
/services/l2vpn:l2vpn[name='CE11-CE21']/device2 PE21
/services/l2vpn:l2vpn[name='CE11-CE21']/intf-number2 0/0/0/9
/services/l2vpn:l2vpn[name='CE11-CE21']/remote-ip2 10.0.0.11
admin@ncs#
admin@ncs# show running-config services l2vpn | tab

INTF REMOTE INTF REMOTE
NAME PW ID DEVICE1 NUMBER1 IP1 DEVICE2 NUMBER2 IP2
------------------------------------------------------------------------------
CE11-CE21 1001121 PE11 0/9 10.0.0.21 PE21 0/0/0/9 10.0.0.11

Lab 3-2: Manage Services
Activity Objective
In this activity, you will manage your newly deployed service and its deployed instances. After completing
this activity, you will be able to meet these objectives:
 Create, modify, and delete service instances
 Un-deploy and re-deploy service instances
 Assign services to customers
Required Resources
Job Aids
 Student guide: Service Management (Module 3 Lesson 4)
— NSO User Guide
Task 1: Manage Service Instances

The first task requires you to create and manage additional service instances.
Activity Procedure
Step 1 Create two additional Layer-2 MPLS VPN service instances using the information below.
Service Instance Parameter Value
CE11-to-CE21-v2 Pseudowire ID 1011121
Link 1: Device PE11
Link 1: Interface 0/8
Link 1: Remote IP 10.0.0.21
Link 2: Device PE21
Link 2: Interface 0/0/0/8
CE11-to-CE31 Pseudowire ID 1011131
Link 1: Device PE11
Link 1: Interface 0/7
Link 2: Device PE31
Link 2: Interface 0/0/0/7
admin@ncs(config)# services l2vpn CE11-to-CE21-v2 pw-id 1011121 device1

PE11 intf-number1 0/8 remote-ip1 10.0.0.21 device2 PE21 intf-number2
0/0/0/8 remote-ip2 10.0.0.11
admin@ncs(config-l2vpn-CE11-to-CE21-v2)# top
admin@ncs(config)# services l2vpn CE11-to-CE31 pw-id 1011131 device1
PE11 intf-number1 0/7 remote-ip1 10.0.0.21 device2 PE31 intf-number2
0/0/0/7 remote-ip2 10.0.0.11
admin@ncs(config-l2vpn-CE11-to-CE31)# top
Commit complete.
admin@ncs(config)#
Step 2 Connect to router PE11 (ssh [email protected] -p 10101) and check the running configuration.
You should see the Layer-2 VPN configuration on the three GigabitEthernet interfaces (0/7, 0/8,
and 0/9).
…
exit
exit
exit
…
Step 3 Now un-deploy one of the service instances.

admin@ncs(config)# services l2vpn CE11-to-CE31 un-deploy
Step 4 Check to see if the interface configuration has been reverted to a previous state.
…
exit
exit
exit
…
Step 5 Check to see if the service is still present in the NSO configuration database.
admin@ncs(config)# show full-configuration services l2vpn

pw-id 1001121
device1 PE11
intf-number1 0/9
device2 PE21
!
services l2vpn CE11-to-CE21-v2
pw-id 1011121
device1 PE11
intf-number1 0/8
device2 PE21
!
services l2vpn CE11-to-CE31
pw-id 1011131
device1 PE11
intf-number1 0/7
device2 PE31
!
admin@ncs(config)#
Note When the service instance is un-deployed, its record in the CDB is maintained, but the device(s)
configuration is reverted.
Step 6 Check the state of the un-deployed service instance using the check-sync command.
admin@ncs(config)# services l2vpn CE11-to-CE31 check-sync
in-sync false
admin@ncs(config)#
Step 7 Now re-deploy the service instance to make it operational again using the re-deploy command.
Then perform another check of synchronization between NSO and the device.
admin@ncs(config)# services l2vpn CE11-to-CE31 re-deploy
admin@ncs(config)# services l2vpn CE11-to-CE31 check-sync
in-sync true
admin@ncs(config)#
Task 2: Assign Service Instances to Customers
In this task, you will modify the service model to include the assignment of service instances to customers.
Activity Procedure
Step 1 Edit the YANG service model to add another leaf that references the customer data in NSO. The
XPath to reference customer data is: /ncs:customers/ncs:customer/ncs:id.
 Modify the YANG service model to include the new leaf.
leaf customer {
tailf:info "Customer name";
type leafref {
path "/ncs:customers/ncs:customer/ncs:id";
}
}
 Compile the package.
 Reload packages.
Note You should already have at least one customer created from the second lab exercise.
Step 2 Modify one of the existing service instances by assigning it to the customer you have created.
admin@ncs# conf
admin@ncs(config)# services l2vpn CE11-to-CE31 customer ?
ACME
admin@ncs(config)# services l2vpn CE11-to-CE31 customer ACME
admin@ncs(config-l2vpn-CE11-to-CE31)# top
Commit complete.
admin@ncs(config)#
Step 3 Check the configuration of the service instance in CDB.

admin@ncs# show running-config services l2vpn CE11-to-CE31
customer ACME
pw-id 1011131
device1 PE11
intf-number1 0/7
device2 PE31
!
admin@ncs#
Step 4 Now test the rollback functionality by reverting the configuration back to the state when
customers were not assigned to the service instances. Then check the service instance
configuration.
admin@ncs# config
admin@ncs(config)# rollback configuration

Commit complete.
pw-id 1011131
device1 PE11
intf-number1 0/7
device2 PE31
!
admin@ncs#
Step 5 You may perform another rollback operation to re-assign the customer to the service instance
(basically rolling back last rollback).
admin@ncs# config
admin@ncs(config)# rollback configuration
Commit complete.
customer ACME
pw-id 1011131
device1 PE11
intf-number1 0/7
device2 PE21
!
admin@ncs#
Note Every rollback transaction also creates a new rollback file for its own removal.
Lab 4-1: Use NSO APIs
Activity Objective
In this activity, you will test a few of the NSO APIs. After completing this activity, you will be able to meet
these objectives:
 Create a plug-and-play script to augment the NSO CLI
 Create a shell script to configure NSO
Visual Objective
The figure illustrates what you will accomplish in this activity. In this activity, you will use and create two
types of scripts:
 CLI augmentation: script loaded into NSO to provide additional CLI functionality.
 Task automation: shell script that performs an action within NSO.
Cisco NSO CLI
Plug- and- play script

Shell Script
Cisco NSO
Required Resources
Job Aids
 Student guide: Cisco NSO Integration Options (Module 4 Lesson 1)
— NSO Installation Guide
— NSO User Guide

Task 1: Create a Plug-and-Play Script
The first task requires you to create a plug-and-play script that will augment the NSO CLI with a new CLI
command that triggers an external script and returns a result to the CLI.
Activity Procedure
Step 1 The first script has the following requirements:
Requirement Description
Ability to list trace log files Mode: operational

Syntax: show trace list
Ability to display the contents of a trace log Mode: operational

file Syntax: show trace file <filename>
Step 2 Create a script file in the scripts/command subdirectory of the running directory of NSO. Check
the activity verification section for a sample of the command line output.
Tip Check the scripts/command subdirectory in the installation directory for sample plug-and-play
scripts that you can copy or use as a starting point to define the required syntax and
parameters definition.
cisco@NCS:~$ cd $HOME/ncs-run/scripts/command
cisco@NCS:~/ncs-run/scripts/command$ vim show-trace
cisco@NCS:~/ncs-run/scripts/command$ more show-trace
#!/bin/sh
set -e
newline=cat
while [ $# -gt 0 ]; do
case "$1" in
--command)
cat << EOF
begin command
modes: oper
styles: c i j
cmdpath: show trace
help: Show the contents of trace log files
more: true
end
begin param
name: file
presence: optional
flag: file
help: Display contents of trace log file
end
begin param
name: list
presence: optional
type: void
flag: list
help: List trace log files
end
EOF
exit
;;
list)
cd /home/cisco/ncs-run/logs/
ls -1 *.trace
exit
;;
file)
cd /home/cisco/ncs-run/logs/
more $2
exit
;;
*)
break
;;
esac
shift
done
echo Specify a trace log file to display.

echo Usege:
echo show trace list ... lists trace log files
echo show trace file \<file\> ... displays the selected log file
exit
cisco@NCS:~/ncs-run/scripts/command$
Note Make sure you are not using the Tab key for indentation in your script. Instead use space.
Step 3 Now make your new script executable.

cisco@NCS:~/ncs-run/scripts/command$ chmod +x show-trace
cisco@NCS:~/ncs-run/scripts/command$
Step 4 Instruct NSO to reload scripts.

admin@ncs# script reload
/home/cisco/ncs-run/scripts: ok
command:
show-trace: new
admin@ncs#

Step 1 Connect to the NSO CLI.
Step 2 Activate device southbound tracing for device PE11.

admin@ncs# config
admin@ncs(config)# devices device PE11 trace pretty
admin@ncs(config-device-PE11)# commit
Commit complete.
admin@ncs(config-device-PE11)# top
admin@ncs#
Step 3 In order to start tracing, the session toward devices has to be first disconnected and then connected
again.
admin@ncs#
admin@ncs# devices device PE11 disconnect
admin@ncs# devices device PE11 connect
result true
info (admin) Connected to PE11 - 127.0.0.1:10101
admin@ncs#
Note Once southbound tracing is enabled, a new trace file is created in the logs directory. The file
name is a combination of the NED and device name.
You have completed this task when you attain a result that will produce a similar CLI add-on as
shown below:
admin@ncs# show trace ?
file - Display contents of trace log file
list - List trace log files
| - Output modifiers
<cr> -
admin@ncs# show trace list
ned-cisco-ios-PE11.trace
xpath.trace
admin@ncs# show trace file ned-cisco-ios-PE11.trace
>> 28-Jan-2016::01:58:14.909 CLI CONNECT to PE11-127.0.0.1:10101 as
admin (Trace=false)
<< 28-Jan-2016::01:58:15.178 CONNECTED 0
>> 28-Jan-2016::01:58:15.179 IS_ALIVE 0
<< 28-Jan-2016::01:58:15.181 IS_ALIVE true
>> 28-Jan-2016::01:58:46.807 CLOSE 0: (Pool: discard)
<< 28-Jan-2016::01:58:46.817 CLOSED
admin@ncs#
Task 2: Create a Shell Script
In this task, you will create a shell script that will add customer definitions to NSO.
Activity Procedure
Step 1 Write the script using the API of your choice.

cisco@NCS:~/ncs-run/scripts$ vim create-customer
The script must take the following arguments:
Argument Description
Customer name Users of the script must supply the name of the customer
being added.
Step 2 The script automatically sets the following parameters on the customer object:
Parameter Value
Status Active
Rank 128
Step 3 You may use this shell script as an example:

#!/bin/sh
{ ncs_cli -u admin -C<< EOF;
config
customers customer $1 rank 128 status active
commit
exit no-confirm
exit
EOF
}
if [ $? != 0 ]; then echo 'create-customer: script failed'; exit 1; fi
Step 4 Make sure you make the new script executable.

cisco@NCS:~/ncs-run/scripts$ chmod +x create-customer
Note Make sure that NCS environment parameters are loaded (source ncsrc) before you try to
execute the script.
Step 5 Test the script by creating three customers.

cisco@NCS:~/ncs-run/scripts$ ./create-customer TEST1
Commit complete.
Commit complete.
Commit complete.
cisco@NCS:~/ncs-run/scripts$

 Once you create customers using the script, check their configuration in NSO.
admin@ncs# show running-config customers
customers customer ACME
rank 1
status active
!
customers customer TEST1
rank 128
status active
!
rank 128
status active
!
rank 128
status active
!
admin@ncs#
Lab 4-2: Troubleshoot and Debug NSO
Activity Objective
In this activity, you will learn to troubleshoot system- and service design-related issues. After completing this
activity, you will be able to meet these objectives:
 Troubleshoot system issues
 Troubleshoot service design and deployment issues
Visual Objective
The figure illustrates what you will accomplish in this activity. You will first deploy a new service to
provision Layer-3 MPLS VPNs, and then you will have to provision a service instance for one VPN
interconnecting five customer sites.
You have received an unfinished (untested) service model, which you will have to finalize in order to make it
ready for production purposes. The figure illustrates the five customer sites that need to be interconnected
using Layer 3 MPLS VPNs. BGP will be used to exchange customer routing information with PE routers.
CE11 CE12
BGP BGP CE31
PE11 PE12
NSO
BGP CE32
BGP
IOS XR
PE21 PE31 BGP
CE33
Required Resources
Job Aids

 Student guide: Cisco NSO System Administration (Module 4 Lesson 2)
— NSO User Guide
Task 1: Deploy a New Service

The first task requires you to deploy a new service in the lab. The service, however, is not complete and
requires your action to make it functional.
Activity Procedure
Step 1 Create a template-based service skeleton called l3mplsvpn in the $HOME/ncs-run/packages

directory.
cisco@NCS:~$ cd $HOME/ncs-run/packages
cisco@NCS:~/ncs-run/packages$ ncs-make-package --service-skeleton
template l3mplsvpn
Step 2 In the /opt/resources directory, you will find a new service for provisioning Layer-3 MPLS VPNs.
The service only provides the service model and mapping template. Copy the two files to the new
service skeleton.
cisco@NCS:~/ncs-run/packages$ cp /opt/resources/l3mplsvpn.yang
./l3mplsvpn/src/yang/l3mplsvpn.yang
cisco@NCS:~/ncs-run/packages$ cp /opt/resources/l3mplsvpn.xml
./l3mplsvpn/templates/l3mplsvpn-template.xml
Step 3 Compile the service package.
Note There might be problems with this service as the service designer who created the service was
not able to complete the task. You need to troubleshoot the design, which may include errors in
the YANG service model or the device templates.
Step 4 Troubleshoot the YANG service model to fix the syntax errors in order to be able to successfully
compile the service.
Troubleshooting hints:
 Enable XPath trace and monitor the Xpath log while executing the commit dry-run
command.
 Use pyang to validate the YANG service model
Note Note that a successful compilation does not necessarily mean that the service is functioning
correctly. There may also be semantic errors.
 The following XML device template contains the correct XPath expressions to refer to the
YANG data model hierarchy. The fix is highlighted (underlined) and indicates that the
original template wrongly tried to reference the link-id in the parent node.
servicepoint="l3mplsvpn">
<name>{/link/device}</name>
<config>
<vrf xmlns="urn:ios" tags="merge">

<definition>
<name>vpn{string(../vpn-id)}</name>
<description>L3 MPLS VPN for customer {/customer}</description>
<address-family>
<ipv4/>
</address-family>
<route-target>
<import>
<asn-ip>1:{string(/vpn-id)}</asn-ip>
</import>
<export>
<asn-ip>1:{string(/vpn-id)}</asn-ip>
</export>
</route-target>
<rd>1:{string(/vpn-id)}</rd>
</definition>
</vrf>
<interface xmlns="urn:ios" tags="merge">

<GigabitEthernet>
<name>{interface}</name>
<description>Connection {./link-id} for customer
{string(/customer)}</description>
<vrf>
<forwarding>vpn{string(../vpn-id)}</forwarding>
</vrf>
<ip>
<address>
<primary>
<mask>255.255.255.252</mask>
<address>172.31.{./link-id}.1</address>
</primary>
</address>
</ip>
</GigabitEthernet>
</interface>
<ip xmlns="urn:ios" tags="merge" when="{routing-protocol='static'}">

<route>
<vrf>
<ip-route-forwarding-list>
<prefix>{string(prefix)}</prefix>
<mask>{string(mask)}</mask>
<forwarding-address>172.31.{string(../link-id)}.3</forwarding-address>
</ip-route-forwarding-list>
</vrf>
</route>
</ip>
<router xmlns="urn:ios" tags="merge">

<bgp when="{routing-protocol='bgp'}">
<as-no>1</as-no>
<address-family>
<with-vrf>
<ipv4>
<unicast-multicast>unicast</unicast-multicast>
<vrf>
<neighbor>
<id>172.31.string(../link-id}.2</id>
<remote-as>65001</remote-as>
<as-override/>
<default-originate/>
<allowas-in>
<as-number>3</as-number>
</allowas-in>
<activate/>
</neighbor>
<redistribute>

<connected/>
<static/>
</redistribute>
</vrf>
</ipv4>
</with-vrf>
</address-family>
</bgp>
<rip when="{routing-protocol='rip'}">
<address-family>
<ipv4>
<vrf>
<name>vpn{string(/vpn-id)}</name>
<default-information>
<originate/>
</default-information>
<network>
<ip>0.0.0.0</ip>
</network>
</vrf>
</ipv4>
</address-family>
</rip>
</router>
</config>
</device>
</devices>
</config-template>
 The following YANG service model contains the correct syntax and semantics in order to
achieve a working solution. There are three errors in the service model:
— A semicolon is missing.
— Mismatched prefixes were used for the module tailf-ncs.
— The routing-protocol referenced in the when statement is in the parent node.
module l3mplsvpn {
namespace "http://com/example/l3mplsvpn";
prefix l3mplsvpn;
import ietf-inet-types { prefix inet; }

import tailf-ncs { prefix ncs; } // Mismatched prefix
import tailf-common { prefix tailf; }
list l3mplsvpn {
tailf:info "Layer-3 MPLS VPN Service";
key vpn-id;
unique "vpn-name customer";
ncs:servicepoint "l3mplsvpn";
leaf vpn-name {
type string;
}
leaf vpn-id {
tailf:info "Service Instance ID (10001 to 19999)";
type uint32 {
range "10001..19999";
}
}
leaf customer {
tailf:info "VPN Customer";
type leafref {
path "/ncs:customers/ncs:customer/ncs:id";
}
}
// Each VPN service instance can have one or more interfaces

list link {
tailf:info "PE-CE Attachment Point";
key link-id;
unique "device interface"; // syntax error
leaf link-name {
tailf:info "Link Name";
type string;
}
leaf link-id {
tailf:info "Link ID";
type uint32 {
range "1..255";
}
}
leaf device {
tailf:info "PE Router";
type leafref {
}
}
leaf interface {
tailf:info "Customer Facing Interface";
type string;
}
leaf routing-protocol {
tailf:info "Routing option for the PE-CE link";
type enumeration {
enum bgp;
enum rip;
enum static;
}
}
list static {
tailf:info "Static Route";
key "prefix mask";
when "../routing-protocol='static'"; // It is in the parent node
leaf prefix {
tailf:info "Static Route Prefix";
type inet:ipv4-address;
}
leaf mask {
tailf:info "Static Route Subnet Mask";
type inet:ipv4-address;
}
}
}
}
}
}
Step 5 Reload packages once your service has successfully been compiled.

Step 6 Deploy a service instance with several links attached at different PE routers using the following
NSO CLI commands once you have successfully installed the new service package:
admin@ncs(config)# services l3mplsvpn 10001
admin@ncs(config-l3mplsvpn-10001)# link 1 device PE11 interface 0/11 link-name
CE11 routing-protocol bgp
admin@ncs(config-link-1)# exit
admin@ncs(config-l3mplsvpn-10001)# top
admin@ncs(config)#
 You should be able to create the service instance with the native configuration listed below. Make sure
the result contains the following components:
— Configurations for two devices: PE11 and PE31
— PE11 has two interfaces with IP addressing and is placed inside a VRF
— PE31 has three interfaces with IP addressing and is placed inside a VRF
— PE11 has BGP with two neighbors configured
— PE31 has BGP with three neighbors configured
admin@ncs(config)# commit dry-run outformat native
device PE11
vrf definition vpn10001
rd 1:10001
address-family ipv4
exit-address-family
!
route-target export 1:10001
route-target import 1:10001
!
vrf forwarding vpn10001
ip address 172.31.1.1 255.255.255.252
exit
ip address 172.31.2.1 255.255.255.252
exit
router bgp 1
address-family ipv4 unicast vrf vpn10001
neighbor 172.31.1.2 remote-as 65001
neighbor 172.31.1.2 activate
neighbor 172.31.1.2 allowas-in 3
neighbor 172.31.1.2 as-override
neighbor 172.31.1.2 default-originate
redistribute connected
redistribute static
exit-address-family
!
!
device PE31
vrf definition vpn10001
rd 1:10001
address-family ipv4
exit-address-family
!
route-target export 1:10001
route-target import 1:10001
!
ip address 172.31.3.1 255.255.255.252

exit
ip address 172.31.4.1 255.255.255.252
exit
ip address 172.31.5.1 255.255.255.252
exit
router bgp 1
address-family ipv4 unicast vrf vpn10001
redistribute connected
redistribute static
exit-address-family
!
!
admin@ncs(config)#
Task 2: Device Troubleshooting
This task will require you to troubleshoot a potential issue in the communication between NSO and the
managed devices.
Activity Procedure
Step 1 Enable device trace log files for devices PE11, PE12, PE21, and PE31.
Note You may already have tracing enabled on PE11 from the previous lab.
Step 2 Perform a configuration synchronization check for all PE routers.
Step 3 Check to see if the log files for PE routers have been created. The log files are located in the logs
subdirectory of the running directory (e.g. $HOME/ncs-run/logs).
Task 3: System Troubleshooting

This task will require you to perform some system troubleshooting actions that may be useful when faced
with an issue affecting the system performance.
You will use the following techniques to troubleshoot the system:
Activity Procedure
Step 1 Stop the NSO daemon.

cisco@NCS:~/ncs-run$ ncs --stop
Step 2 Start a new instance of NSO in the foreground and verbose mode to see what the daemon is doing.
cisco@NCS:~/ncs-run$ ncs --foreground -v

Appendix 1
Task 1: Optimize Service Model (Advanced)
In this optional task, you will revisit your service model from Lab 3-1 and try to improve it in order to make
it even easier for the operator to manage service instances and to lower the risk of human error when
provisioning service instances.
The following drawbacks were identified for the initial service model:
 The operator must retrieve the interface number from somewhere else and type it into the CLI or Web UI
when deploying a service instance. This increases the risk of human error.
 The operator must correctly type in the loopback IP address of the opposite PE router, which again
increases the risk of human error.
In order to optimize your service model, you will perform the following steps as part of this task:
1. Instead of collecting info for each attachment circuit individually, place circuits in a list called link with
minimum and maximum elements of 2.
2. Link to devices’ interfaces so that they can be selected instead of having to type in the interface number.
3. Automatically retrieve the other PE router's loopback address.
Activity Procedure
This task is split into two separate sub-tasks according to the two optimization requirements described above.
Sub-Task 1: Referencing Interfaces on Devices

In order to reference the interfaces on the devices, you need to perform the following:
 Use data type leafref instead of string for the interface number (intf-num) leaf.
 Use XPath to reference the interfaces in NEDs.
 Import the NEDs YANG modules into your service package.
 Include the NEDs when compiling the service.
The figure illustrates the use of the deref() function, which moves the current position in the data tree to the
given leafref, supplied as an argument (the sample only shows the structure for Cisco IOS).
Note The above figure shows portions of XPath to get from leaf intf-number to the interface ID in the Cisco IOS
NED.
Note The above figure only shows the Cisco IOS example. You will also have to accommodate the same
functionality for Cisco IOS XR devices.
Complete these steps to achieve the required goal:
Step 1 Edit the YANG file containing your service model using your preferred editor.
Step 2 Change the leaf statement containing the interface number for the attachment circuits and
reference the interfaces on devices as shown above.
You will also have to duplicate your link list using two containers, one for IOS and another of IOS
XR, as illustrated in the figure below.

L2VPN Service Model
L l2vpn
name
pw-id
Check if the device is IOS
L{2} link when "/ncs:devices/ncs:device[ncs:name=current()/../device]/"+
"ncs:device-type/ncs:cli/ncs:ned-id='ios-id:cisco-ios'" {
tailf:dependency "../device";
C ios tailf:dependency "/ncs:devices/ncs:device/ncs:device-type";
}
R device Link to interface table for selected device if it is an IOS device
path "deref(../device)/../ncs:config/ios:interface/"+
R intf-number "ios:GigabitEthernet/ios:name";
remote-ip Check if the device is IOS XR

when "/ncs:devices/ncs:device[ncs:name=current()/../device]/"+
C iosxr "ncs:device-type/ncs:cli/ncs:ned-id='cisco-ios-xr-id:cisco-ios-xr'"{
tailf:dependency "/ncs:devices/ncs:device/ncs:device-type";
R device }
Link to interface table for selected device if it is an IOS XR device
R intf-number path "deref(../device)/../ncs:config/cisco-ios-xr:interface/"+
"cisco-ios-xr:GigabitEthernet/cisco-ios-xr:id";
remote-ip
Use the following NSO CLI commands to determine the proper XPath to the data that you need:
Cisco IOS XPath
XPath for Cisco IOS (use PE11 as sample):
show running-config devices device PE11 config ios:interface

GigabitEthernet | display xpath
Use the information from the above show command to construct the following XPath:
path
"deref(../../device)/../ncs:config/ios:interface/ios:GigabitEthernet/ios
:name";
Cisco IOS XR XPath

XPath for Cisco IOS XR (use PE21 as sample):
show running-config devices device PE21 config cisco-ios-xr:interface

GigabitEthernet | display xpath
Use the information from the above show command to construct the following XPath:
path "deref(../../device)/../ncs:config/cisco-ios-xr:interface/cisco-
ios-xr:GigabitEthernet/cisco-ios-xr:id";
Note The Cisco IOS XR differs in the interface name “id” instead of “name”. Also make sure you use
the right prefix.
The printout below highlights the main changes to your YANG file:
 Import the two NEDs (Cisco IOS and Cisco IOS XR).
 Create two containers within the link list and put the interface number into the containers.
 You need to add the logic that checks for the device type using the when statement (see
figure above).
 Change the intf-number from string to leafref and add the XPath pointing to the NED's
interface table (see figure above).
module l2vpn {
prefix l2vpn;

import tailf-ncs { prefix ncs; }
import tailf-ned-cisco-ios { prefix ios; }
import tailf-ned-cisco-ios-xr { prefix cisco-ios-xr; }
list l2vpn {
key name;
unique pw-id;
leaf name {…}
leaf pw-id {…}
list link {
tailf:info "Attachment Circuits";
min-elements 2;
max-elements 2;
key device;
leaf device {
mandatory true;
type leafref {
}
}
container ios {
when … {…}
leaf intf-number {
mandatory true;
type leafref {
path …;
}
}
}
container iosxr {
when … {…}
leaf intf-number {
mandatory true;
type leafref {
path …;
}
}
}

leaf remote-ip {
mandatory true;
pattern "10\.0\.0\.[0-9]+";
}
}
}
}
}
}
Save the YANG file when done.
Step 3 You also have to modify the XML template because the data model has changed. Find all
occurrences where intf-num is referenced and modify the paths according to this rule:
 Add the container name ios or iosxr between link and intf-num to represent the new hierarchy
in the data model. For example:
— In IOS-specific portions of the XML template:
— “/intfnumber1” becomes “/link[1]/ios/intf-number”
— In IOS XR-specific portion of the XML template:
— “/intfnumber1” becomes “/link[1]/iosxr/intf-number”
Step 4 Add the path to the Cisco IOS and Cisco IOS XR NEDs to the Makefile file in the src
subdirectory of your service package in order to be able to compile your service model including
the NEDs.
YANGPATH= --yangpath ../../cisco-ios/src/ncsc-out/modules/yang \
--yangpath ../../cisco-iosxr/src/ncsc-out/modules/yang
Step 5 Run the make command to compile the package.
 You should now be able to select from the available interface when adding the service.
Sub-Task 2: Automatically Assigning PE Router Loopback Addresses

In this sub-task, you will unburden the operator from having to know and type in the loopback IP addresses
that are used for control-plane mechanisms such as BGP and LDP. All routers use Loopback0 for this
purpose.
Step 1 Modify the XML device template to cross-reference the IP addresses. Instead of remote-ip make
use of the deref function to find the actual PE router's loopback address. This is achieved by
looking for the Loopback0 interface. Since device models differ for Cisco IOS and IOS XR,
XPath compound (pipe) operator is required.
…
<address>{
deref(/link[2]/device)/../config/interface/Loopback[name='0']
/ip/address/primary/address |
deref(/link[2]/device)/../config/interface/Loopback[id='0']
/ipv4/address/ip
}</address>
…
Note You need to cross-reference the loopback-addresses in the XML device template so that in
link[1] you reference the loopback address from link[2] and vice versa.
Step 2 Remove the unused remote-ip leaf in the service model YANG file.
Step 3 Compile the service and test it.
 You should now be able to deploy a service instance without having to know the PE routers' loopback
addresses.
Note Make sure that devices have valid IP addresses configured on the Loopback0 interface. If not, modify the
device configuration. Otherwise, commit will fail.
admin@ncs(config)# show config

pw-id 1001121
link PE11
ios intf-number 0/9
!
link PE21
iosxr intf-number 0/0/0/9
!
!
Sub-Task 1: Referencing Interfaces on Devices

The following printout shows the YANG service model that references interface numbers. The major
changes are highlighted.
module l2vpn {
prefix l2vpn;

import tailf-ncs { prefix ncs; }
import tailf-ned-cisco-ios { prefix ios; }
import tailf-ned-cisco-ios-xr { prefix cisco-ios-xr; }
list l2vpn {
key name;
unique pw-id;

leaf name {
mandatory true;
type string;
}
leaf pw-id {
tailf:info "Unique Pseudowire ID";
mandatory true;
type uint32 {
range "1..4294967295";
}
}
list link {
tailf:info "Attachment Circuits";
min-elements 2;
max-elements 2;
key device;
leaf device {
tailf:info "PE Router";
mandatory true;
type leafref {
}
}
container ios {
when "/ncs:devices/ncs:device[ncs:name=current()/../device]/ncs:device-
type/ncs:cli/ncs:ned-id='ios-id:cisco-ios'" {
}
leaf intf-number {
mandatory true;
type leafref {
path "
deref(../../device)/../ncs:config/ios:interface/ios:GigabitEthernet/ios:name";
}
}
}
container iosxr {
when "/ncs:devices/ncs:device[ncs:name=current()/../device]/ncs:device-
type/ncs:cli/ncs:ned-id='cisco-ios-xr-id:cisco-ios-xr'"{
}
leaf intf-number {
mandatory true;
type leafref {
path "deref(../../device)/../ncs:config/cisco-ios-xr:interface/cisco-ios-
xr:GigabitEthernet/cisco-ios-xr:id";
}
}
}
leaf remote-ip {
mandatory true;
pattern "10\.0\.0\.[0-9]+";
}
}
}
}
}
}
The following printout shows the XML template that is used with the above YANG data model. The major
<?xml version="1.0" encoding="utf-8"?>
<config-template xmlns="http://tail-f.com/ns/config/1.0" servicepoint="l2vpn">
<name>{/link[1]/device}</name>
<interface xmlns="urn:ios" tags="nocreate">

<GigabitEthernet>
<name>{/link[1]/ios/intf-number}</name>
<xconnect tags="merge">
<address>{/link[1]/remote-ip}</address>
</xconnect>
</GigabitEthernet>
</interface>
<l2vpn xmlns="http://tail-f.com/ned/cisco-ios-xr" tags="merge">

<xconnect>
<group>
<name>GROUP</name>
<p2p>
<interface>
<name>GigabitEthernet{/link[1]/iosxr/intf-number}</name>
</interface>
<neighbor>
</neighbor>
</p2p>
</group>
</xconnect>
</l2vpn>
<interface xmlns="http://tail-f.com/ned/cisco-ios-xr" tags="nocreate">

<GigabitEthernet>
<id>{/link[1]/iosxr/intf-number}</id>
<l2transport/>
</GigabitEthernet>
</interface>
</config>
</device>
<GigabitEthernet>

</xconnect>
</GigabitEthernet>
</interface>

<xconnect>
<group>
<name>GROUP</name>
<p2p>
<interface>
</interface>
<neighbor>
</neighbor>
</p2p>
</group>
</xconnect>
</l2vpn>

<GigabitEthernet>
<l2transport/>
</GigabitEthernet>
</interface>
</config>
</device>
</devices>
</config-template>
The following printout shows the entire Makefile with the highlighted addition of YANGPATH to tell the
ncsc compiler where to find the NED modules that augment the device config containers:
all: fxs
# Include standard NCS examples build definitions and rules

include $(NCS_DIR)/src/ncs/build/include.ncs.mk
SRC = $(wildcard yang/*.yang)

FXS = $(SRC:yang/%.yang=../load-dir/%.fxs)
YANGPATH= --yangpath ../../cisco-ios/src/ncsc-out/modules/yang \

--yangpath ../../cisco-iosxr/src/ncsc-out/modules/yang
fxs: $(FXS)
../load-dir/%.fxs: yang/%.yang
$(NCSC) `ls $*-ann.yang > /dev/null 2>&1 && echo "-a $*-ann.yang"` \
$(YANGPATH) -c -o $@ $<
clean:
rm -rf ../load-dir/*
Sub-Task 2: Automatically Assigning Loopback IP Addresses
The following printout shows the XML template that is used with the above YANG data model. The major
<?xml version="1.0" encoding="utf-8"?>

<GigabitEthernet>
<address>{
/ipv4/address/ip/link
}</address>
</xconnect>
</GigabitEthernet>
</interface>

<xconnect>
<group>
<name>GROUP</name>
<p2p>
<interface>
</interface>
<neighbor>
<address>{
}</address>
</neighbor>
</p2p>
</group>
</xconnect>
</l2vpn>

<GigabitEthernet>
<l2transport/>
</GigabitEthernet>
</interface>
</config>
</device>
<GigabitEthernet>

<address>{
}</address>
</xconnect>
</GigabitEthernet>
</interface>

<xconnect>
<group>
<name>GROUP</name>
<p2p>
<interface>
</interface>
<neighbor>
<address>{
}</address>
</neighbor>
</p2p>
</group>
</xconnect>
</l2vpn>

<GigabitEthernet>
<l2transport/>
</GigabitEthernet>
</interface>
</config>
</device>
</devices>
</config-template>

Nsobasic 4.2 LG PDF

Uploaded by

Copyright:

Available Formats

Nsobasic 4.2 LG PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Nsobasic 4.2 LG PDF

Uploaded by

Copyright:

Available Formats

What is the purpose of the document?

What is the purpose of the document?

What technologies are discussed in the document?

What technologies are discussed in the document?

NSO

Cisco Network Services

© 2016 Cisco Systems, Inc. Lab Guide i

Cisco NSO DNS

Task 1: Connect to the Lab

Cisco AnyConnect SSL VPN

Cisco NSO DNS

© 2016 Cisco Systems, Inc. Lab Guide 3

Cisco NSO DNS

Step 8 Inspect the topology illustrated in the figure below:

Cisco NSO DNS

Parameter Value Comment

Location of installation /home/cisco Equals environment variable $HOME when

NSO installation type local Local installation is recommended for all

Running directory $HOME/ncs-run

© 2016 Cisco Systems, Inc. Lab Guide 5

Active configuration directory (e.g. location

Step 6 Start NSO by executing ncs in the running directory.

admin connected from 198.18.134.4 using ssh on NCS

© 2016 Cisco Systems, Inc. Lab Guide 7

 Successfully connected to the NSO CLI:

Package Path to the Package

© 2016 Cisco Systems, Inc. Lab Guide 9

admin connected from 198.18.134.4 using ssh on NCS

>>> System upgrade is starting.

© 2016 Cisco Systems, Inc. Lab Guide 11

build-info date "2016-05-18 07:25:22"

build-info date "2016-01-24 23:47:55"

© 2016 Cisco Systems, Inc. Lab Guide 13

cisco@NCS:~$ source $HOME/ncs-4.2/ncsrc

name=PE11 netconf=12101 snmp=11101 ipc=5101 cli=10101

PE11 Cisco IOS 127.0.0.1 10101

PE12 Cisco IOS 127.0.0.1 10102

PE21 Cisco IOS XR 127.0.0.1 10103

PE31 Cisco IOS 127.0.0.1 10104

CE11 Cisco IOS 127.0.0.1 10105

CE12 Cisco IOS 127.0.0.1 10106

CE21 Cisco IOS 127.0.0.1 10107

CE31 Cisco IOS 127.0.0.1 10108

Step 4 Using CLI, manually add the device to NSO.

admin connected from 198.18.134.4 using ssh on NCS

© 2016 Cisco Systems, Inc. Lab Guide 15

Task 2: Create Device Groups

Task 4: Create a Device Template

Step 2 Using Cisco style CLI, switch into ‘config’ mode.

© 2016 Cisco Systems, Inc. Lab Guide 19

NTP Server 10.0.0.1

Domain Name cisco.com

DNS Server 198.18.133.1

Step 6 Check the template configuration.

© 2016 Cisco Systems, Inc. Lab Guide 21

Step 9 Finally, commit this configuration by using commit.

© 2016 Cisco Systems, Inc. Lab Guide 23

© 2016 Cisco Systems, Inc. Lab Guide 25

Provider Network Data Center