IETF Call Home
The IETF Call Home feature (RFC 8071) provides the following features:
Supports Call Home for NETCONF over SSH and NETCONF over TLS, as defined in RFC 8071.
Allows the server to initiate the TCP connection to one or more managers that implement IETF Call Home. Such a manager is called a “Call Home server”.
Allows NETCONF sessions to be started through firewalls.
Allows server discovery and bootstrap configuration.
Call Home CLI Configuration
Call Home CLI Parameters
| Parameter | Description |
|---|---|
| callhome-reconnect | Specifies whether the server will reconnect after the client closes the session. |
| callhome-retry-interval | Specifies the number of seconds to wait after a failed connect attempt to the Call Home server before attempting another connection to that server. |
| callhome-retry-max | Specifies the number of connection retries the server should attempt to the Call Home server before giving up. |
| callhome-server | Specifies a callhome/SSH server to which this server should attempt to initiate a callhome connection at boot-time. |
|  | Specifies a callhome/TLS server to which this server should attempt to initiate a callhome connection at boot-time. |
|  | Specifies the command used in Call Home to invoke the SSH server. |
|  | Specifies the filespec for the config file used in Call Home to invoke the SSH server. |
|  | Specifies the command used in Call Home to invoke the netconf subsystem. |
| with-callhome | Enable or disable the IETF Call Home protocol. |
Notes for NETCONF over SSH Call Home:
The Call Home over SSH port is called “netconf-ch-ssh” by IANA.
The default TCP port number is 4334.
The netconfd-pro server probably needs to be started with “s netconfd-pro u”
If the --with-callhome parameter is set to 'true' then the server will check if any --callhome-server parameters are provided. If not, then the Call Home feature will not be used on the server.
The server will fork a process for each Call Home server that will attempt a TCP connection to one of the Call Home servers configured on the netconfd-pro server.
If the TCP connection succeeds, the SSH server will be called in “inetd” mode. The SSH server will then wait for the client (the Call Home server) to initiate an SSH session to the netconfd-pro server.
If the client successfully initiates a NETCONF session, a new incoming session will be started on the server in the normal manner. The server will check if the incoming session was started by callhome, in order to skip the TCP port checks. The source port will not be 830 (or whatever is specified in the --port CLI parameter), but rather the source port used by the server to initiate the TCP connection.
In this example there are 3 separate systems: 1 netconfd-pro server and 2 Call Home servers.
Configuration parameters for the netconfd-pro server:
netconfd-pro {
    callhome-reconnect true
    callhome-retry-interval 30
    callhome-retry-max 10
    callhome-server [email protected]
    callhome-server [email protected]
    with-callhome true
}
Call Home YANG Configuration
The yumaworks-callhome module can be used to configure Call Home servers with YANG.
+--rw callhome
   +--rw server* [name]
      +--rw name        yang:yang-identifier
      +--rw address     inet:host
      +--rw port?       inet:port-number
      +--rw protocol    enumeration
The YANG module contains a list called “server”, which is a list of Call Home servers for connections. This configured list is used in addition to any bootstrap Call Home servers created with CLI parameters. Entries can be created and deleted but not modified. If an entry is deleted, the Call Home session associated with the entry is not affected. Only the configuration is affected, which affects the sessions started on the next reboot.
name: This value must not be the same as any Call Home server name used in a --callhome-server CLI parameter, in order to prevent confusing logging messages with duplicate names. A 'duplicate entry' error message will be returned in this case.
address: IP Address or host name for the Call Home server. This must not be a loopback address, which would imply the client and server are running on the same host.
port: the TCP port number for the Call Home server. If not present then the default port for the protocol will be used.
protocol: enumeration
netconf-ssh: Use a NETCONF over SSH Call Home connection.
netconf-tls: Use a NETCONF over TLS Call Home connection.
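
The constraints on the “server” list above can be checked before a configuration is pushed to the device. The following is an added example, not YumaWorks code: check_servers, is_loopback and SAMPLE are hypothetical names, the sample entries are constructed, and the TLS default port 4335 is taken from the IANA assignment in RFC 8071 rather than from this page.

```python
import ipaddress
import re

# 4334 is the SSH default stated above; 4335 is the IANA port for
# netconf-ch-tls in RFC 8071 (assumed to be the TLS default here).
DEFAULT_PORT = {"netconf-ssh": 4334, "netconf-tls": 4335}
YANG_ID = re.compile(r"^[A-Za-z_][A-Za-z0-9_.-]*$")  # RFC 7950 identifier

# Constructed sample entries (documentation addresses, not real managers).
SAMPLE = [
    {"name": "mgr1", "address": "192.0.2.10", "protocol": "netconf-ssh"},
    {"name": "mgr2", "address": "mgr2.example.net", "port": 6000,
     "protocol": "netconf-tls"},
    {"name": "mgr-boot", "address": "192.0.2.11", "protocol": "netconf-ssh"},
    {"name": "lab", "address": "127.0.0.1", "protocol": "netconf-ssh"},
    {"name": "lab6", "address": "::1", "protocol": "netconf-tls"},
]


def is_loopback(address):
    """True for loopback IP literals and the conventional 'localhost' name."""
    try:
        return ipaddress.ip_address(address).is_loopback
    except ValueError:  # not an IP literal, so treat it as a host name
        return address.lower().rstrip(".") == "localhost"


def check_servers(entries, cli_names=()):
    """Return (resolved, errors); cli_names are --callhome-server names."""
    resolved, errors, seen = [], [], set(cli_names)
    for e in entries:
        name, addr = e.get("name", ""), e.get("address", "")
        proto = e.get("protocol")
        if not YANG_ID.match(name):
            errors.append(f"{name!r}: not a valid yang-identifier")
        elif name in seen:
            errors.append(f"{name}: duplicate entry")
        elif proto not in DEFAULT_PORT:
            errors.append(f"{name}: unknown protocol {proto!r}")
        elif not addr:
            errors.append(f"{name}: address is mandatory")
        elif is_loopback(addr):
            errors.append(f"{name}: loopback address {addr}")
        else:
            port = e.get("port", DEFAULT_PORT[proto])
            resolved.append((name, addr, port, proto))
        seen.add(name)
    return resolved, errors
```

Host names other than localhost are not resolved, so a name that maps to a loopback address in DNS or a hosts file passes this check.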