MG-SOFT NETCONF Simulator

Main features


MG-SOFT NETCONF Simulator software application can simulate numerous NETCONF-enabled network devices (servers) on one machine, where each simulated server listens on a different IP address or port and supports its own set of YANG modules, features and NETCONF access parameters.

The following is a brief list of the main features in NETCONF Simulator:

Effectively simulating numerous NETCONF devices
MG-SOFT NETCONF Simulator can simulate thousands of NETCONF-capable network devices (servers) on one machine. Each simulated NETCONF server binds to a specified IP address, port and network interface and can support its own set of access parameters (SSH or TLS transport, user credentials, certificates). Furthermore, each simulated server instance can support a distinct set of YANG modules, capabilities, features, and datastores (configuration and state data). Network management systems can establish a number of concurrent NETCONF sessions with simulated NETCONF servers to manipulate their configurations and retrieve their state data. In other words, the software lets you simulate arbitrary NETCONF networks that appear to NMS as a multitude of real NETCONF devices, without using the bulky and costly equipment (screen shot).
Supporting a wide range of NETCONF capabilities
Besides the base NETCONF capabilities, the simulated servers support a number of optional protocol capabilities, like the writable-running datastore, candidate datastore, startup datastore, confirmed commit operation 1.0 and 1.1, XPath filtering, configuration validation 1.0 and 1.1, rollback-on-error, with-defaults data handling (RFC 6243), and so on. Other capabilities and features can be supported by configuring a corresponding YANG profile (e.g., yang-library, ietf-netconf-monitoring, ietf-netconf-acm, ietf-system, basic NETCONF notifications (RFC 5277), (RFC 6470), etc.
Supporting all standard NETCONF protocol operations
Simulated servers also support all standard NETCONF v1.1 (RFC 6241), and NETCONF v1.0 (RFC 4741) operations, like <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <commit>, <validate>, <lock>, <unlock>, etc. All the above makes the NETCONF simulations even more realistic and provides room for many use cases and test scenarios, for example, a NMS can connect to a simulated server and lock its running and candidate datastores (using the <lock> operation), write a configuration change to the candidate datastore by means of the <edit-config> operation, validate the new configuration on the server using the <validate> request, then apply the changes to the running datastore by performing the <commit> operation, then copy the configuration from running datastore to the startup datastore (<copy-config> RPC), so the server will boot up from it on the next restart, then unlock the running and candidate datastores (<unlock> operation), then fetch the new configuration by means of the <get-config> request, etc.
NETCONF over SSH
The software provides full support for the NETCONF v1.1 over SSH (RFC 6242), as well as for NETCONF v1.0 over SSH (RFC 4742) for backward compatibility reasons. In addition to the plain password authentication mechanism, NETCONF Simulator supports also public key authentication with SSH, with password authentication as a fallback option (screen shot).
NETCONF over TLS
NETCONF Simulator can simulate servers that support NETCONF over TLS (Transport Layer Security) protocol employing the public key authentication mechanism. Both, NETCONF v1.1 over TLS (RFC 7589) and NETCONF 1.0 over TLS (for backward compatibility) (RFC 5539) are supported.
Support for NETCONF Call Home over SSH and TLS
The software lets you simulate NETCONF servers that support the Call Home functionality (RFC 8071), where servers are the peers that initiate connection with the client. Both secure transports, SSH and TLS, are supported for Call Home connections. Furthermore, MG-SOFT NETCONF Simulator lets you simulate NETCONF devices that acquire their own IP addresses and even target IP address for Call Home connection from a DHCP server in your network. All this lets you effectively simulate NETCONF devices as if located in customer premises or in a different network (e.g., behind a NAT/firewall), where devices "call home" to configured client(s)/NMS to manage them. Enabling the Call Home feature in NETCONF Simulator is simple and profile-based, providing the convenience of easily applying the same Call Home settings to many servers (screen shot).
Support for basic NETCONF notifications
NETCONF Simulator supports the create-subscription method by which NETCONF clients can subscribe to receiving basic asynchronous event notifications from simulated NETCONF servers. Simulated server(s) will then send the basic notifications from the NETCONF event stream to subscribed clients, as described in (RFC 5277). Currently supported notifications are the netconf-config-change, netconf-session-start, and netconf-session-end (defined in ietf-netconf-notifications YANG module (RFC 6470)). These notifications are sent when a configuration change occurs in the given server and when a NETCONF session is established and terminated, respectively.
YANG profiles define NETCONF server data model and actual data
The data model (YANG files, features), the content of the running datastore (configuration and state data) and live behavior (automatic data changing) can be configured in YANG profiles. A YANG profile can be assigned to one or more simulated servers to exhibit the data model and return the configuration and state data written in the profile. This way, one can create different types of NETCONF devices that "implement" different data models and associated data. The software can use data models defined by any set of valid YANG 1.1 (RFC 7950) and YANG 1.0 (RFC 6020) modules - standard and proprietary (screen shot).
Creating YANG profiles by taking snapshots of real NETCONF devices
MG-SOFT NETCONF Simulator can take a "snapshot" of any NETCONF server on the network and then simulate such server. In addition to the configuration and/or state data retrieved from a real NETCONF device, the software can download also the YANG modules from it and discover the features it supports. Server snapshot can be viewed and edited in the built-in visual Snapshot Editor. All this information is stored in a YANG profile that can be easily assigned to one or more simulated NETCONF servers (screen shot).
Configurable NETCONF server behavior (live value templates)
MG-SOFT NETCONF Simulator lets you configure various methods by which the state and configuration data nodes in simulated NETCONF servers automatically change their values (e.g., generate random value, increase or decrease numeric value by fixed or variable amount, compute desired value by using XPath expressions, etc.). This enables exhibiting a certain behavior of a server during simulation (e.g., high network traffic, or flapping status of interfaces, or certain configuration changes, ...). The configured methods are stored as live value templates that can be quickly re-used for any data node of compatible type. In other words, the software lets you configure a specific live behavior and easily apply it to multiple simulated NETCONF servers that use the same YANG profile, while offering the possibility to customize/override the behavior for individual servers or even individual instances of a data node (e.g., one interface behaves differently than others). The latter is achieved by implementing the three-level approach to configuring live behavior: top-level is done on the schema tree of the YANG profile, mid-level is configured on the instantiated data tree (snapshot) of the YANG profile, and the low-level on the instantiated data tree of a specific server. You can configure the live behavior on any of the three levels (or combinations thereof), based on the required node instance diversity and the number of NETCONF servers that should exhibit the same behavior (screen shot).
NETCONF Simulator Scripting API
In addition to the GUI-configurable live behavior, the software incorporates also the Scripting API, which is a JavaScript library for programming the live behavior of simulated NETCONF servers. The API offers programming interface to the running datastore, configuration and state data nodes, NETCONF session elements and notifications of simulated servers. Scripts that utilize the API can be executed when a configuration data node is created (onCreate), deleted (onDelete), or modified (onValueChange) (screen shot) via the NETCONF protocol, or whenever the running configuration is changed (onCommit). Scripts can also be executed when simulated servers are started and periodically afterwards (onStart) (screen shot). The Sripting API comes with comprehensive documentation describing all API classes and methods, as well as step-by-step tutorials for writing different types of scripts.
Built-in Script Editor/Debugger
NETCONF Simulator includes the Script Editor window that features JavaScript syntax coloring and validation, code-completion and templates that let you write or edit live behavior scripts in no time (screen shot). In addition, the built-in set of code debugging tools, like the ability to set breakpoints, execute code line-by-line using 'Step Over' and 'Step In' functions (screen shot) and the integrated scratchpad testing datastore allow you to debug the scripts and observe the execution results in a graphical manner (data nodes are created, deleted, modified, etc. in the testing datastore). The integrated API documentation and step-by-step tutorials in HTML form allow you to get acquainted with the API usage quickly and effectively. All this lets you create and run scripts in a highly productive manner.
Scripting scenarios for realistic simulation of NETCONF devices
The use of scripting allows for advanced modeling of sever behavior, sending of notifications, advanced creation of error scenarios and inter-relationships between YANG node instances. The built-in Scripting Scenario Editor lets you create different simulation scenarios and assign scripts to them and then activate or de-activate one or more scenarios during runtime, without stopping the simulation. Scripting scenarios enable fully realistic simulations of server behavior in different situations and error conditions (screen shot).
Server Snapshot Editor and Startup Datastore Editor
NETCONF Simulator incorporates a visual editor that lets you build and edit the state and configuration data tree based on the associated YANG data model, set the values of data node instances (fixed or live values), and validate the correctness of the specified data. The visual editor allows you to build the data tree by selecting the desired node instances from the context menu and edit the values of sibling node instances in a convenient tabular view, which provides quick access also to live value templates. This visual data tree editor is incorporated in the Snapshot Editor window (screen shot) and in the Startup Datastore Editor window (screen shot) The former lets you edit the NETCONF server snapshot of a selected YANG profile. A server snapshot contains configuration and state data which is copied to the running datastore of those simulated servers that use the given YANG profile and do not have a distinct startup configuration. A snapshot can be either retrieved from a real NETCONF device or created from scratch in the Snapshot Editor window. The Startup Datastore Editor window is similar to the Snapshot Editor window, however, it is used for editing the contents of the startup datastore of a particular (selected) server
Access profiles define NETCONF server connection parameters
The software lets you configure access profiles containing NETCONF connection parameters, including the transport protocol (SSH or TLS), user credentials, X.509 certificates/keys and optional NETCONF Call Home settings and DHCP options. An access profile can be assigned to one or more simulated NETCONF servers in order to use the specified parameters while establishing NETCONF connections with clients (screen shot).
Support for custom RPCs and actions.
The software supports simulating the invocation of non-standard RPCs and actions defined in YANG modules and returning a valid response to NETCONF clients (without performing the actual operation on the server). If the RPC or action is invoked with correct input parameters as defined in YANG module(s) configured for the simulated server, the response will contain the automatically generated values of output parameters (if defined in YANG). Otherwise, a corresponding error will be returned in a rpc-reply message.
Various validation options.
By default, NETCONF Simulator performs complete validation of the configuration and state data in its datastores and will not allow performing a configuration change if the data does not pass the validation. However, the software now lets you optionally turn off some parts of the validation and thus ignore some inconsistencies in the configuration of simulated servers. This can be used to simulate NETCONF servers that do not (fully) comply with specification (data model). Validation parts that can be disabled include constraints represented by 'Min/Max-elements', 'Mandatory', and 'Must' YANG statements (screen shot).
Built-in X.509 certificate management tool
The software incorporates a tool that lets you generate and manage digital certificates and public-private key pairs used for securing NETCONF over TLS and NETCONF over SSH sessions. This easy-to-use tool allows you to generate new public and private key pairs wrapped in X.509 certificates in a wizard-driven fashion, quickly import certificates from external keystore files, generate certificate signing requests, export certificates, manage trusted CA certificates, etc. (screen shot).
Implementing the ietf-yang-library and ietf-netconf-monitoring YANG modules
NETCONF Simulator "implements" the standard 'ietf-yang-library' (RFC 7895) and 'ietf-netconf-monitoring' (RFC 6022) YANG modules, meaning that all YANG modules you assign to a simulated server will be automatically announced as supported in these two modules. This also means that NETCONF clients will be able to downlaod the supported YANG modules directly from the simulated servers by means of the HTTP Get method or the NETCONF <get-schema> operation.
Support for NETCONF access control model (NACM).
MG-SOFT NETCONF Simulator implements the Network Access Control Model (NACM), as defined in the 'ietf-netconf-acm' module (RFC 8341). If a YANG profile includes the 'ietf-netconf-acm' module, then the simulated server that uses this YANG profile will support the NACM. By default, all users will have full access (read, write, execute) to all datastore contents (no restriction is enforced). However, one can configure a simulated server to restrict access to datastore contents for one or more users. This can be configured either by means of the NETCONF protocol or by using the GUI (e.g., Snapshot Editor).
User provisioning via NETCONF (ietf-system & o-ran-usermgmt).
MG-SOFT NETCONF Simulator supports the user provisioning, as specified in 'ietf-system' (system/authentication/user) and 'o-ran-usermgmt' YANG modules. This means that if either of these two YANG modules is included in the assigned YANG profile, you can manage users and their permissions to access the given server either by using NETCONF protocol or the NETCONF Simulator management console (e.g., Snapshot Editor).
Integrated DHCP client with vendor options 60, 124, 43 and 143.
The newly incorporated DHCP client enables NETCONF Simulator to dynamically acquire IP addresses from a DHCP server in your network and assign these addresses to simulated NETCONF servers. NETCONF Simulator can either discover DHCP server automatically (by using the standard broadcast DHCP requests), or query a user-specified DHCP server (using unicast DHCP requests). Furthermore, NETCONF Simulator supports DHCP vendor options 60 and 124, which allow it to identify itself to the DHCP server by using the vendor class string. DHCP server may use this information when allocating IP addresses or when provisioning other network configuration data to NETCONF Simulator (e.g., Call Home target address) by using Vendor encapsulated option (43) or Zerotouch redirect option (143). Among others, these options can be used for simulating O-RAN NETCONF devices (screen shot).
Simulator engine (service) and management console (GUI)
The main components of the software are the simulator engine and the management console (GUI). Simulator engine continuously runs as a system service and simulates NETCONF servers. An easy-to-use graphical user inaterface is provided for configuring and managing simulated NETCONF server instances. The GUI offers a classic (light) visual theme and a dark theme. One can switch between the dark and light mode at any time in the program preferences (screen shot 1) (screen shot 2).
Bulk commands and IP Address Manager tool for greater productivity
NETCONF Simulator management console offers commands that let you create, configure, start and stop simulating multiple NETCONF servers at a time (screen shot). It also features a built-in IP address manager utility that lets you easily add multiple IP addresses to the local network interfaces in order for simulated servers to listen on these addresses (screen shot).
Logging important operations and NETCONF messages exchanged between servers and clients
The software logs all major user actions performed on the simulated servers, like creating new servers, starting servers, stopping servers, deleting servers, etc. and the status of these actions. In addition to this general log, the software lets you open a dedicated log for each simulated server instance. Such a dedicated log contains records of actual NETCONF RPC requests and responses exchanged between the given NETCONF server and NETCONF clients. The latter can be valuable for analyzing the NETCONF traffic and for debugging incorrect behavior of NETCONF clients that communicate with simulated servers (screen shot).
Saving and loading simulation configurations
Once you have configured everything in the NETCONF Simulator management console, you can save the entire simulation configuration to disk for later use. This functionality allows you to save several fully configured groups of NETCONF servers (e.g., where servers use different IP addresses, ports, YANG profiles, etc.) and then quickly switch between any of the configured simulations (screen shot).
Runs on Windows operating systems with Java(TM) 8+
MG-SOFT NETCONF Simulator runs on 64-bit Microsoft Windows operating systems with Oracle Java(TM) Runtime Environment 8 or later installed. AdoptOpenJDK 11 or later Java distribution is also supported. For detailed system requirements please consult the section 2.1 of the User Manual.