MG-SOFT NETCONF Simulator
Main features
MG-SOFT NETCONF Simulator software application can simulate numerous NETCONF, RESTCONF and gNMI-enabled network devices (servers) on one computer, where each simulated server listens on a different IP address or port(s) and supports its own set of YANG modules, features and access parameters.
The following is a brief list of the main features in NETCONF Simulator:
|
Effectively simulating numerous NETCONF/RESTCONF/gNMI devices MG-SOFT NETCONF Simulator can simulate thousands of NETCONF, RESTCONF and gNMI manageable network devices (servers) on one computer. Each simulated server listens on specific IP address and ports for NETCONF and (optionally) RESTCONF and gNMI requests and supports configured SSH/TLS access parameters. Furthermore, each simulated server instance can support a distinct set of YANG modules, capabilities, features, and datastore contents. Support for RESTCONF and gNMI protocols can be enabled on a per-server basis. When RESTCONF and gNMI are enabled, simulated servers support all 3 configuration protocols in parallel and expose the same YANG-modeled configuration and state data through NETCONF, RESTCONF and gNMI management interfaces. Network management systems can establish a number of concurrent NETCONF, RESTCONF and gNMI sessions with simulated servers and manipulate their configurations. In other words, the software lets you simulate arbitrary manageable networks that appear to NMS as a multitude of real NETCONF/RESTCONF/gNMI devices; all this without bulky and costly equipment (screen shot). | |
|
Supporting a wide range of NETCONF capabilities Besides the base NETCONF capabilities, the simulated servers support a number of optional protocol capabilities, like the writable-running datastore, candidate datastore, startup datastore, confirmed commit operation 1.0 and 1.1, XPath filtering, configuration validation 1.0 and 1.1, rollback-on-error, with-defaults data handling (RFC 6243), and so on. Other capabilities and features can be supported by configuring a corresponding YANG profile (e.g., yang-library, ietf-netconf-monitoring, ietf-netconf-acm, ietf-system, basic NETCONF notifications (RFC 5277, RFC 6470), dynamic notification subscriptions and YANG Push over NETCONF (RFC 8639 - RFC 8641), custom capabilities, etc.). | |
|
Supporting a wide range of RESTCONF capabilities Simulated servers support standard RESTCONF capabilities (:depth, :filter, :fields, etc. query parameters, notification event streams, with-defaults data handling (RFC 6243), and so on). Other capabilities and features can be supported by configuring a corresponding YANG profile (e.g., yang-library, ietf-restconf-monitoring, ietf-netconf-acm, ietf-system, basic RESTCONF notifications (RFC 5277, RFC 8040), dynamic notification subscriptions and YANG Push over RESTCONF (RFC 8639, RFC 8641, RFC 8650), custom capabilities, etc.). | |
|
Supporting all standard NETCONF protocol operations Simulated servers support all standard NETCONF v1.1 (RFC 6241), and NETCONF v1.0 (RFC 4741) operations, like <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <commit>, <validate>, <lock>, <unlock>, etc. All the above makes the NETCONF simulations even more realistic and provides room for many use cases and test scenarios. For example, a NMS can connect to a simulated server and lock its running and candidate datastores (using the <lock> operation), write a configuration change to the candidate datastore by means of the <edit-config> operation, validate the new configuration on the server using the <validate> request, then apply the changes to the running datastore by performing the <commit> operation, then copy the configuration from running datastore to the startup datastore (<copy-config> RPC), so the server will boot up from it on the next start, then unlock the running and candidate datastores (<unlock> operation), then fetch the new configuration by means of the <get-config> request, etc. | |
|
Supporting all standard RESTCONF protocol operations When RESTCONF protocol is enabled, the simulated server supports all standard RESTCONF operations and HTTP methods, like GET, PUT, POST, PATCH, DELETE, etc. (RFC 8040). Furthermore, the software supports XML and JSON data encoding in RESTCONF protocol. | |
|
Supporting all standard gNMI protocol operations When gNMI protocol is enabled, the simulated server supports all standard gNMI operations, i.e., Get, Set, Subscribe and Capabilities (gNMI specification). Simulated gNMI servers support all 3 types of gNMI subscriptions specified in GNMI specification: ONCE, POLL and STREAM, and allow sending of updates to subscribed clients by means of gNMI notifications. Furthermore, the software supports JSON and JSON_IETF and PROTOBUF data encodings in gNMI. | |
|
NETCONF over SSH The software provides full support for the NETCONF v1.1 over SSH (RFC 6242), as well as for NETCONF v1.0 over SSH (RFC 4742) for backward compatibility reasons. In addition to the plain password authentication mechanism, NETCONF Simulator supports also public key authentication with SSH, with password authentication as a fallback option (screen shot). | |
|
NETCONF over TLS NETCONF Simulator can simulate servers that support NETCONF over TLS (Transport Layer Security) protocol employing the public key authentication mechanism. Both, NETCONF v1.1 over TLS (RFC 7589) and NETCONF 1.0 over TLS (for backward compatibility) (RFC 5539) are supported. | |
|
RESTCONF over HTTPS NETCONF Simulator can simulate servers that support RESTCONF over HTTP over TLS (HTTPS), using the TLS public key infrastructure (X.509 certificates) for authenticating both server and client, as specified in RFC 8040. | |
|
gNMI over TLS and gNMI without TLS NETCONF Simulator can simulate servers that support gNMI over TLS (Transport Layer Security) protocol employing the public key infrastructure (X.509 certificates) for authenticating both parties and encrypting gNMI connections. In addition, the software supports also insecure mode that does not involve TLS protocol and associated X.509 certificates. The latter can be used in secure environments to simplify configuration and management of gNMI servers. | |
|
Support for NETCONF Call Home over SSH and TLS The software lets you simulate NETCONF servers that support the Call Home functionality (RFC 8071), where servers are the peers that initiate connection with the client. Both secure transports, SSH and TLS, are supported for Call Home connections. Furthermore, MG-SOFT NETCONF Simulator lets you simulate NETCONF devices that acquire their own IP addresses and even target IP address for Call Home connection from a DHCP server in your network. All this lets you effectively simulate NETCONF devices as if located in customer premises or in a different network (e.g., behind a NAT/firewall), where devices "call home" to configured client(s)/NMS that will manage them. Enabling the Call Home feature in NETCONF Simulator is simple and profile-based, providing the convenience of easily applying the same Call Home settings to many servers (screen shot). | |
|
Support for basic NETCONF and RESTCONF notifications Simulated NETCONF/RESTCONF servers support the create-subscription method by which NETCONF and RESTCONF clients can subscribe to receiving asynchronous event notifications from servers. Simulated server(s) will then start sending the basic notifications from the 'NETCONF' event stream to subscribed clients via NETCONF or RESTCONF protocol, as described in RFC 5277 and RFC 8040. Currently, the notifications supported out-of-the-box are 'netconf-config-change', 'netconf-session-start', and 'netconf-session-end' (defined in ietf-netconf-notifications YANG module (RFC 6470)). These notifications are sent when a configuration change occurs in the given server and when a NETCONF/RESTCONF session is established and terminated, respectively. In addition, by means of scripting, simulated servers can send also any other notifications defined in YANG. | |
|
Support for dynamic and configured notification subscriptions (NETCONF/RESTCONF)
(RFC 8639)
Besides the original NETCONF event reporting mechanism defined in RFC 5277, NETCONF Simulator fully supports also a modern notification subscription model and notifying mechanism defined in RFC 8639 - RFC 8641 collectively referred to as "YANG Push". The software supports dynamic notification subscriptions, which are set up by means of the 'establish-subscription' RPC, as well as configured subscriptions, which are set up by means of the 'edit-config' operation in the 'subscriptions' subtree of the 'ietf-subscribed-notifications' YANG module. Multiple concurrent dynamic and configured subscriptions can be used on a single transport session. The software implements the 'ietf-subscribed-notifications' YANG module and supports the following dynamic subscription management operations: 'establish-subscription', 'modify-subscription', and 'delete-subscription' operation. Furthermore, NETCONF Simulator supports and sends also notifications that indicate the subscription state changes (e.g., 'subscription-started', 'subscription-modified', 'replay-completed', 'subscription-completed', etc.). | |
|
Telemetry streaming via YANG Push mechanism (NETCONF/RESTCONF)
(RFC 8641)
MG-SOFT NETCONF Simulator fully supports the datastore content streaming by means of NETCONF (RFC 8640) and RESTCONF notifications (RFC 8650). In other words, it allows clients to subscribe to datastore updates from simulated servers. The updates can be either periodic or on-change (i.e., whenever a modification in the subscribed content in the datastore occurs). This is so-called "YANG-Push" mechanism that enables streaming of YANG-modeled configuration and state data from server to client by means of 'push-update' or 'push-change-update' notifications defined in 'ietf-yang-push' module (RFC 8641). This mechanism eliminates the need for periodic polling of YANG datastores by NETCONF/RESTCONF clients. | |
|
Telemetry streaming via gNMI subscriptions
In addition to the NETCONF/RESTCONF subscription mechanisms, NETCONF Simulator supports also gNMI subscriptions, as specified in (gNMI specification, section 3.5). The software supports all 3 types of gNMI subscriptions: ONCE, POLL and STREAM and allows sending of updates to subscribed clients by means of gNMI notifications. A subscription of type ONCE returns one-off data (it acts as a single request/response interaction); a subscription of type POLL allows the client to periodically request a set of subscribed data (similar to polling), and subscription of type STREAM is a long-lived subscription that streams data from server to client either periodically in regular intervals (sample), or only when a change in the subscribed content occurs (on-change). | |
|
YANG profiles define NETCONF/RESTCONF/gNMI server data model and actual data The data model (YANG files, features), the content of the running datastore (configuration and state data) and live behavior (automatic data changing) can be configured in YANG profiles. A YANG profile can be assigned to one or more simulated servers to exhibit the data model and return the configuration and state data written in the profile. This way, one can create different types of NETCONF/RESTCONF/gNMI devices that "implement" different data models and associated data. The software can use data models defined by any set of valid YANG 1.1 (RFC 7950) and YANG 1.0 (RFC 6020) modules - standard and proprietary (screen shot). | |
|
Creating YANG profiles by taking snapshots of real NETCONF devices or by downloading YANG modules from GitHub MG-SOFT NETCONF Simulator can take a "snapshot" of any NETCONF server on the network and then simulate such server (screen shot). In addition to the configuration and/or state data retrieved from a real NETCONF device, the software can download also the YANG modules from it and discover the features it supports. Server snapshot can be viewed and edited in the built-in visual Snapshot Editor. All this information is stored in a YANG profile that can be easily assigned to one or more simulated servers. Alternatively, the software lets you add YANG modules to a YANG profile from a local file system or by downloading them from GitHub repositories (screen shot). | |
|
Configurable NETCONF/RESTCONF/gNMI server behavior (live value templates) MG-SOFT NETCONF Simulator lets you configure various methods by which the state and configuration data nodes in simulated NETCONF/RESTCONF/gNMI servers automatically change their values (e.g., generate random value, increase or decrease numeric value by fixed or variable amount, compute desired value by using XPath expressions, etc.). This enables exhibiting a certain behavior of a server during simulation (e.g., high network traffic, or flapping status of interfaces, or certain configuration changes, ...). The configured methods are stored as live value templates that can be quickly re-used for any data node of compatible type. In other words, the software lets you configure a specific live behavior and easily apply it to multiple simulated NETCONF/RESTCONF/gNMI servers that use the same YANG profile, while offering the possibility to customize/override the behavior for individual servers or even individual instances of a data node (e.g., one interface behaves differently than others). The latter is achieved by implementing the three-level approach to configuring live behavior: top-level is done on the schema tree of the YANG profile, mid-level is configured on the instantiated data tree (snapshot) of the YANG profile, and the low-level on the instantiated data tree of a specific server. You can configure the live behavior on any of the three levels (or combinations thereof), based on the required node instance diversity and the number of NETCONF/RESTCONF/gNMI servers that should exhibit the same behavior (screen shot). | |
|
NETCONF Simulator Scripting API and Script Wizard In addition to the GUI-configurable live behavior, the software incorporates also the Scripting API, which is a JavaScript library for programming the live behavior of simulated NETCONF/RESTCONF/gNMI servers. The API provides a programming interface to the running datastore, configuration and state data nodes, NETCONF session elements and notifications of simulated servers. Scripts that utilize the API can be executed when a configuration data node is created (onCreate), deleted (onDelete), modified (onValueChange) (screen shot) via the NETCONF/RESTCONF/gNMI protocol, or whenever the running configuration is changed (onCommit). Scripts can also be invoked programmaticaly trough Northbound Interface (NBI) or automatically when simulated servers are started (onStart) (screen shot). The Sripting API comes with comprehensive documentation describing all API classes and methods, as well as step-by-step tutorials for writing different types of scripts. Furthermore, NETCONF Simulator incorporates the Script Wizard tool that lets you create all types of simulation scripts in a straightforward and rapid manner (screen shot). | |
|
Built-in Script Editor/Debugger NETCONF Simulator includes the Script Editor window that features JavaScript syntax coloring and validation, code-completion and templates that let you write or edit live behavior scripts in no time (screen shot). In addition, the built-in set of code debugging tools, like the ability to set breakpoints, execute code line-by-line using 'Step Over' and 'Step In' functions (screen shot) and the integrated scratchpad testing datastore allow you to debug the scripts and observe the execution results in graphical manner (data nodes are created, deleted, modified, etc. in the testing datastore). One can also create scripts that send notifications, perform additional validation of data and return errors, establish Call Home sessions, etc. The integrated API documentation and step-by-step tutorials in HTML form allow you to get acquainted with the API usage quickly and effectively (screen shot). All this lets you create and run scripts in a highly productive manner. | |
|
Scripting scenarios for realistic simulation of NETCONF/RESTCONF/gNMI devices The use of scripting allows for advanced modeling of sever behavior, sending of notifications, advanced creation of error scenarios and inter-relationships between YANG node instances. The built-in Scripting Scenario Editor lets you create different simulation scenarios and assign scripts to them and then activate or de-activate one or more scenarios during runtime, without stopping the simulation. Scripting scenarios enable fully realistic simulations of server behavior in different situations and error conditions (screen shot). | |
|
Server Snapshot Editor and Startup Datastore Editor NETCONF Simulator incorporates a visual editor that lets you build and edit the state and configuration data tree based on the underlying YANG data model, set the values of data node instances (fixed or live values), and validate the correctness of the specified data. The visual editor allows you to build the data tree by selecting the desired node instances from the context menu and edit the values of sibling node instances in a convenient tabular view, which provides quick access also to live value templates. This visual data tree editor is incorporated in the Snapshot Editor window (screen shot) and in the Startup Datastore Editor window (screen shot). The former lets you edit the NETCONF/RESTCONF/gNMI server snapshot of a selected YANG profile. A snapshot contains configuration and state data which is copied to the running datastore of those simulated servers that use the given YANG profile and do not have a distinct startup configuration. A snapshot can be either retrieved from a real NETCONF device or created from scratch in the Snapshot Editor window. The Startup Datastore Editor window is similar to the Snapshot Editor window, however, it is used for editing the contents of the startup datastore of a specific (selected) server. | |
|
Generating datastore content from YANG NETCONF Simulator lets you generate an entire subtree of configuration and optionally also state data in the running or startup datastore. You can generate the content at any level, for example, at the root to populate the entire datastore or at any container or list node to create a certain subtree of data, as modeled in YANG (screen shot). The generated data node instances will have random or default values that can be easily edited as desired. This feature significantly speeds up the datastore editing process, especially when creating datastore content from scratch. | |
|
Access profiles define NETCONF/RESTCONF/gNMI server connection parameters The software lets you configure access profiles containing NETCONF/RESTCONF/gNMI connection parameters, including the transport protocol (SSH/TLS), user credentials, X.509 certificates/keys and optional NETCONF Call Home settings and DHCP options. An access profile can be assigned to multiple simulated servers to utilize specified access parameters for establishing NETCONF, RESTCONF and gNMI connections with clients (screen shot). | |
|
Support for custom RPCs and actions The software supports simulating the invocation of data-model-specific operations and actions defined with the YANG 'rpc' or 'action' statements, and returning a valid response to NETCONF or RESTCONF clients (without performing the actual operation on the server). If the operation or action is invoked with correct input parameters as defined in YANG module(s) utilized by the simulated server, the response will contain the automatically generated values of output parameters (if defined in YANG). Otherwise, a corresponding error will be returned in the response. When using scripting, the actual custom rpc/action can be perfromed by the script on onExecute event and the results passed in rpc-reply to the client. | |
|
Various data validation options NETCONF Simulator can perform complete validation of the configuration and state data in its datastores and will not accept the data if it does not fully conform to YANG data model. However, the software also supports relaxed validation, where certain parts of the validation are not performed. This allows ignoring some inconsistencies in the configuration of simulated servers and can be used to simulate NETCONF/RESTCONF/gNMI servers that do not (fully) comply with specification (data model). Validation parts that can be disabled include checking the values of node instances, constraints represented by 'Min/Max-elements', 'Mandatory', 'Must' and 'When' YANG statements (screen shot). | |
|
Problems window panel The Problems panel in the lower-right section of the main window displays error and warning messages that let you tell at a glance if there are any issues in the simulation configuration (e.g., failed to start server due to unavailable port or IP, invalid datastore content, missing YANG modules, problems with system IP allocation, etc.). This window not only immediately notifies you when the problems emerge, but also provides a detailed explanation of detected issues and lets you fix them in a rapid and straightforward manner (screen shot1), (screen shot2) . | |
|
Implementing the ietf-yang-library and ietf-netconf-monitoring YANG modules NETCONF Simulator "implements" the standard 'ietf-yang-library' (RFC 7895) and 'ietf-netconf-monitoring' (RFC 6022) YANG modules, meaning that all YANG modules you assign to a simulated server will be automatically announced as supported in these two modules. This also means that NETCONF/RESTCONF clients will be able to download the supported YANG modules directly from the simulated servers by means of the HTTP Get method or the NETCONF <get-schema> operation. | |
|
Support for network configuration access control model (NACM) MG-SOFT NETCONF Simulator implements the network configuration access control model (NACM), as defined in the 'ietf-netconf-acm' module (RFC 8341). If a YANG profile includes the 'ietf-netconf-acm' module, then the simulated server that uses this YANG profile will support the NACM. By default, all users will have full access (read, write, execute) to all datastore contents (no restriction is enforced). However, one can configure a simulated server to restrict access to datastore contents for one or more users. This can be configured either by means of the NETCONF/RESTCONF/gNMI protocol or by using the GUI (e.g., Snapshot Editor). | |
|
User provisioning via NETCONF/RESTCONF (ietf-system & o-ran-usermgmt) MG-SOFT NETCONF Simulator supports the user provisioning, as specified in 'ietf-system' (system/authentication/user) and 'o-ran-usermgmt' YANG modules. This means that if either of these two YANG modules is included in the assigned YANG profile, you can manage users and their permissions to access the given server either by using NETCONF/RESTCONF/gNMI protocol or the GUI (e.g., Snapshot Editor). | |
|
Built-in X.509 certificate management tool The software incorporates a tool that lets you generate and manage digital certificates and public-private key pairs used for securing NETCONF over TLS, NETCONF over SSH, RESTCONF and gNMI sessions. This easy-to-use tool allows you to generate new public and private key pairs wrapped in X.509 certificates in a wizard-driven fashion, quickly import certificates from external keystore files, generate certificate signing requests, export certificates, manage trusted CA certificates, etc. (screen shot). | |
|
Integrated DHCP client with vendor options 60, 124, 43 and 143 The newly incorporated DHCP client enables NETCONF Simulator to dynamically acquire IP addresses from a DHCP server in your network and assign these addresses to simulated NETCONF/RESTCONF servers. NETCONF Simulator can either discover DHCP server automatically (by using the standard broadcast DHCP requests), or query a user-specified DHCP server (using unicast DHCP requests). Furthermore, NETCONF Simulator supports DHCP vendor options 60 and 124, which allow it to identify itself to the DHCP server by using the vendor class string. DHCP server may use this information when allocating IP addresses or when provisioning other network configuration data to NETCONF Simulator (e.g., Call Home target address) by using Vendor encapsulated option (43) or Zerotouch redirect option (143). Among others, these options can be used for simulating O-RAN NETCONF devices (screen shot). | |
|
Simulator engine (service) and management console (GUI) The main components of the software are the simulator engine and the management console (GUI). Simulator engine continuously runs as a system service and simulates NETCONF/RESTCONF/gNMI servers. An easy-to-use graphical user inaterface is provided for configuring and managing simulated server instances. The GUI features a classic (light) visual theme and a dark theme. One can switch between the dark and light mode at any time in the program preferences (screen shot 1) (screen shot 2). | |
|
Northbound interface supporting RESTCONF protocol The software incorporates a northbound interface (NBI) that enables integration of NETCONF Simulator into automated testing environments (e.g., CI/CD). NBI supports creating, updating, starting, stopping and deleting simulated NETCONF/RESTCONF/gNMI servers, as well as retrieving the server status and applying scripting scenarios programmatically via the REST API. The API also offers the ability to upload a startup datastore from a local XML file to NETCONF Simulator and start a simulated server with it, providing the configuration and state data the server will return. Furthermore, 'NBI' live behavior scripts can be invoked through this API, which enables controlling of the behavior of simualted servers from automated test environments. The data model of the NBI is defined in a YANG module bundled with the software. Through NBI, simulated servers can be created and manipulated by using any RESTCONF client tool, for example, MG-SOFT NETCONF Browser Pro. For user convenience, curl-based NBI client scripts for Windows and Linux are provided (screen shot), as well as the OpenAPI definition file for RESTful API tools like Swagger and Postman, enabling straightforward configuration of NETCONF Simulator via NBI. | |
|
Support for IPv4 and IPv6 and the built-in IP Address Manager tool NETCONF Simulator features a built-in IP Address Manager utility that lets you easily add multiple IPv4 and IPv6 addresses to the local network interfaces in order for simulated servers to listen on these addresses (screen shot). | |
|
Bulk commands for greater productivity NETCONF Simulator management console offers commands that let you create, configure, start and stop simulating multiple NETCONF/RESTCONF/gNMI servers at a time (screen shot). | |
|
Logging important operations and NETCONF/RESTCONF/gNMI messages exchanged between servers and clients The software logs all major user actions performed on the simulated servers, like creating new servers, starting servers, stopping servers, deleting servers, etc. and the status of these actions. In addition to this general log, the software lets you create a dedicated log for each simulated server instance. Such a dedicated log contains a list of the actual NETCONF, RESTCONF and gNMI requests and responses exchanged between the given server and clients (screen shot). | |
|
Tracing NETCONF, RESTCONF and gNMI transactions The NETCONF Simulator Transactions Trace window lets you record and view all NETCONF, RESTCONF and gNMI transactions between simulated servers and clients. A transaction is a NETCONF operation (e.g., get, get-config, edit-config, etc.) or a RESTCONF operation (e.g., get, put, patch, etc.) or a gNMI operation (e.g., get, set, subscribe, etc.) that includes both – a request and a response message. A transaction in this context is also a NETCONF or RESTCONF or gNMI notification message. In addition to being able to capture and view transactions, the Transactions Trace tool includes also powerful filtering and searching capabilities to find and display only transactions of interest. All in all, this tool is valuable for analyzing the NETCONF/RESTCONF/gNMI traffic and debugging incorrect behavior of NETCONF/RESTCONF/gNMI clients that communicate with simulated servers (screen shot). | |
|
Saving and loading simulation configurations Once you have configured everything in the NETCONF Simulator management console, you can save the entire simulation configuration to disk for later use. This functionality allows you to save several fully configured groups of NETCONF/RESTCONF/gNMI servers (e.g., where servers use different IP addresses, ports, YANG profiles, etc.) and then quickly switch between any of the configured simulations (screen shot). | |
|
Runs on Windows and Linux operating systems with 64-bit Java(TM) 8+ MG-SOFT NETCONF Simulator is available for 64-bit Microsoft Windows and Linux operating systems with 64-bit Java(TM) Runtime Environment 8 or later installed. Eclipse Adoptium JDK 11 or later is also supported. For detailed system requirements please consult the section 2.1 of the User Manual. |
