IETF Call Home

The IETF Call Home feature (RFC 8071) provides the following features:

  • Supports Call Home for NETCONF over SSH, and NETCONF over TLS, as defined in RFC 8071.

  • allows the server to initiate the TCP connection to 1 or more managers that implement IETF Call Home, called a “callhome server”.

  • allows NETCONF sessions to be started through firewalls

  • allows server discovery and bootstrap configuration

Call Home CLI Configuration

Call Home CLI Parameters




Specifies whether server will reconnect after client closes the session.


Specifies the number of seconds to wait after a connect attempt to the callhome server has failed before attempting another connect attempt to that server.


Specifies the number of retry attempts the server should attempt to the callhome server before giving up.


Specifies a callhome/SSH server that this server should attempt to initiate a callhome connection at boot-time.


Specifies a callhome/TLS server that this server should attempt to initiate a callhome connection at boot-time.


Specifies the command used in Call Home to invoke the SSH server


Specifies the filespec for the config file used in Call Home to invoke the SSH server


Specifies the command used in Call Home to invoke the netconf subsystem


Enable or disable the IETF Call Home protocol

Notes for NETCONF over SSH Call Home:

  • The CallHome over SSH port is called “netconf-ch-ssh” by IANA.

  • The default TCP port number is 4334.

  • The netconfd-pro server probably needs to be started with “s netconfd-pro u”

  • If the --with-callhome parameter is set to 'true' then the server will check if any --callhome-server parameters are provided. If not, then the Call Home feature will not be used on the server.

  • The server will fork a process for each callhome server that will attempt a TCP connection to one of the callhome servers configured on the netconfd-pro server.

  • If the TCP connection succeeds the SSH server will be called in “inetd” mode. The SSH server will wait for the client (callhome server) to initiate an SSH session to the netconfd-pro server.

  • If the client successfully initiates a NETCONF session, a new incoming session will be started on the server in the normal manner. The server will check if the incoming session was started by callhome, in order to skip the TCP port checks. The source port will not be 830 (or whatever is specified in the --port CLI parameter), but rather the source port used by the server to initiate the TCP connection.


In this example there are 3 separate systems, 1 netconfd-pro server and 2 callhome servers

Configuration parameters for the netconfd-pro server:

netconfd-pro {
  callhome-reconnect true
  callhome-retry-interval 30
  callhome-retry-max 10
  callhome-server [email protected]
  callhome-server [email protected]
  with-callhome true

Call Home YANG Configuration

The yumaworks-callhome module can be used to configure Call Home servers with YANG.

+--rw callhome
   +--rw server* [name]
      +--rw name        yang:yang-identifier
      +--rw address     inet:host
      +--rw port?       inet:port-number
      +--rw protocol    enumeration

The YANG module contains a list called “server”, which is a list of CallHome servers for connections. This configured list is used in addition to any bootstrap callhome servers created with CLI parameters. Entries can be created and deleted but not modified. If an entry is deleted then the CallHome session associated with the entry is not affected. Only the configuration is affected, which affects the sessions started on the next reboot..

  • name: This value must not be the same as any callhome server name used in a --callhome-server CLI parameter, in order to prevent confusing logging messages with duplicate names. A 'duplicate entry' error message will be returned in this case.

  • address: IP Address or host name for the callhome server. This must not be a loopback address, which would imply the client and server are running on the same host.

  • port: the TCP port number for the callhome server. If not present then the default port for the protocol will be used.

  • protocol: enumeration

    • netconf-ssh: Use a NETCONF over SSH Call Home connection

    • netconf-tls: Use a NETCONF over TLS Call Home connections