Failed to connect to SSH server

[mga...@mgamble.ca]

I was trying out NetconfX today with some Cisco devices and can't get it to connect - it always throws an exception.  Adding some additional debugging, it appears the issue is an NPE in the fromNetconfXml function in Capabilities.java.  

Here's the initial response from my device:

<?xml version="1.0" encoding="UTF-8"?><hello><capabilities><capability>urn:ietf:params:netconf:base:1.0</capability><capability>urn:ietf:params:netconf:capability:writeable-running:1.0</capability><capability>urn:ietf:params:netconf:capability:startup:1.0</capability><capability>urn:ietf:params:netconf:capability:url:1.0</capability><capability>urn:cisco:params:netconf:capability:pi-data-model:1.0</capability><capability>urn:cisco:params:netconf:capability:notification:1.0</capability></capabilities><session-id>272148504</session-id></hello>]]>]]>

The XML looks valid, and at a quick glance the elements line up with what the code is looking for, but I'm still getting the NPE and a failure to connect.

Any suggestions before I start really digging into the code?  Is this a known problem with Cisco devices?

[Subramaniam Aiylam]

I am not aware of any specific problem with Cisco devices. However, looking at the XML, it seems like there is no namespace defined with the <hello> tag. The expected namespace is "urn:ietf:params:xml:ns:netconf:base:1.0" - see:

   https://tools.ietf.org/html/rfc6241#section-8.1

 It is possible there are Cisco devices out there that don't conform to the RFC. Could you provide me with the following information:

 - What Cisco device are you talking to?

 - Could you send me a stack trace of the exception? Maybe the stack needs to be more forgiving for certain Cisco devices.

Best Regards

--
You received this message because you are subscribed to the Google Groups "NetconfX" group.
To unsubscribe from this group and stop receiving emails from it, send an email to netconfx+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[mga...@mgamble.ca]

The device is a Cisco 897, running Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.3(3)M1, RELEASE SOFTWARE (fc1).  I tried with a few other Cisco 8xx devices and none of them put the correct namespace in the XML.

Here's the stack:

java.lang.RuntimeException: Failed to connect to SSH server: 172.16.1.1 at port:22

at com.centeredlogic.net.netconf.transport.ssh.SshConnection.establishSession(SshConnection.java:227)

at com.centeredlogic.net.netconf.transport.ssh.SshConnection.connect(SshConnection.java:196)

at com.centeredlogic.net.netconf.transport.ssh.SyncSshConnection.connect(SyncSshConnection.java:43)

at com.centeredlogic.net.netconf.transport.ssh.SshTransportClient.connect(SshTransportClient.java:128)

at com.centeredlogic.net.netconf.transport.ssh.SshTransportClient.obtainConnection(SshTransportClient.java:272)

at com.centeredlogic.net.netconf.transport.ssh.SshTransportClient.send(SshTransportClient.java:183)

at com.centeredlogic.net.netconf.Client.sendRaw(Client.java:825)

at com.centeredlogic.net.netconf.Client.send(Client.java:803)

at com.centeredlogic.net.netconf.Client.loadDeviceCaps(Client.java:162)

at com.centeredlogic.net.netconf.Client.connect(Client.java:150)

at com.centeredlogic.net.netconf.Client.setup(Client.java:141)

at com.centeredlogic.net.netconf.Client.setup(Client.java:113)

If you look further into the code and add some additional debugging it looks like the issue starts in the processResponseInternal section of SshConnection.java - capsRoot ends up being null (likely due to the name space error) and then from there the rest of the stack above happens.  I tried changing the namespace to blank, but that didn't help.

[Subramaniam Aiylam]

Instead of passing in a blank namespace, try doing:

         Element capsRoot = response.getChild("capabilities");

In other words, use the getChild() call that does not take in a namespace parameter.

I think that should work for you...