If i use POSTMAN 7 use a GET from the SET Method it returns an api. in the case of
https://api.icndb.com/jokes/random it will return a Random joke.

If i use the DELETE from the SET method using the Same using the same URL where am i deleting from? the actual dtabase where the data is or just locally on my machine?

Surely i shouldn't be allowed to Delete anything without permission?

Go easy on me I'm a newby and thanks in advance.

Every xml file should have a root element, so in this case would it be better:

<?xml version="1.0" encoding="UTF-8" ?>
<addresses>
  <address>
    <ip>172.16.0.2</ip>
   <netmask>255.255.255.0</netmask>
  </address>
  <address>
    <ip>172.16.0.3</ip>
    <netmask>255.255.255.0</netmask>
  </address>
  <address>
    <ip>172.16.0.4</ip>
    <netmask>255.255.255.0</netmask>
  </address>
</addresses>

I am learning the lesson in Python Part3 trying to use the request.get

Now in the video he uses 10.10.20.21 however in the info for the lesson it say to reference the always on sandbox. The router ther has an ip address of 10.10.20.48 so this is the ip address I've used. so i enter all the correct info and get the cert warning, which i expect, but when I run the print command to get the interface info I'm getting errors for access denied and protocol, why is this ?

Firstly you can see i make it as far as the router as i get a cert warning regarding the self certs

router = {“ip”: “10.10.20.48” ,
… “port”:“443”,
… “user”:“XXXX”,
… “pass”:“XXXXX”}

headers = {“Accept”: “application/yang-data+json”}
u = “https://{}:{}/restconf/data/interfaces/interface=Gigabitethernet1”
u = u.format(router[“ip”], router[“port”])
print(u)
https://10.10.20.48:443/restconf/data/interfaces/interface=Gigabitethernet1

r = requests.get(u,
… headers = headers,
… auth=(router[“user”], router[“pass”]),
… verify=False)
C:\Users\M7551873\AppData\Local\Programs\Python\Python38\lib\site-packages\urllib3\connectionpool.py:1013: InsecureRequestWarning: Unverified HTTPS request is being made to host ‘10.10.20.48’.
Adding certificate verification is strongly advised. See: Advanced Usage - urllib3 2.0.0.dev0 documentation

I then run pprint and expect it to return the interface information but i get access denied. I expect this is because I’m being given the wrong credentials? Or is it the request headers? this is what i get when running the print command

pprint(r.text)
Traceback (most recent call last):
File “”, line 1, in
NameError: name ‘pprint’ is not defined

from pprint import pprint
pprint(r.text)
(’{\n’
’ “errors”: {\n’
’ “error”: [\n’
’ {\n’
’ “error-tag”: “access-denied”,\n’
’ “error-type”: “protocol”\n’
’ }\n’
’ ]\n’
’ }\n’
‘}\n’)

print(r.text)
{
“errors”: {
“error”: [
{
“error-tag”: “access-denied”,
“error-type”: “protocol”
}
]
}
}

at the videos credentials are given as
devnetuser
Cisco123! , however this does not work . I believe sandboxdnac2 somehow has been decommissioned ?

In the netprog_basics repo, under ‘programming fundamentals’ - ‘python_part_3’, it is a little bit confusing… In the video you are using interactive python for the libraries demos, but the commands are not included in the repo… In fact the repo includes commands in a scratchpad file, but those go against 127.0.0.1 (so I guess you were using vagrant when you wrote it). Overall it is confusing, feels like the repo is a little bit “disconnected’ from the video.

it gives authentication error, obviously credentials for 127.0.0.1 is wrong.

In the following path
programming_fundamentals/rest_part_1/curl_examples.sh
go to the last line and put this:
https://sandbox-iosxe-recomm-1.cisco.com/restconf/data/ietf-interfaces:interfaces/interface=GigabitEthernet2

The host name has been changed for the sandbox in question, hence the above change
CSR1000V Host: sandbox-iosxe-recomm-1.cisco.com

The folder for 'Programming Fundamentals' - 'Python part 3' (https://github.com/CiscoDevNet/netprog_basics/tree/master/programming_fundamentals/python_part_3) does not include the command files for the first section on 'Libraries to work with data'.

It would be great to include those files so that readers do not have to type every command (prone to typing error).

in https://upload-large-file.s3.us-east-2.amazonaws.com/production/Ansible%20Part%202%20-%20Using%20Ansible%20for%20Network%20Configuration.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAXOWDCPZVZA5I2YGX%2F20201114%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20201114T044454Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=7721202c19e65880f420df1a70590dce3c0e1b69fedcd8c9e70808b5afd26977

page 7

http://docs.ansible.com/ansible/latest/list_of_network_modules.html is broken
I believe correct one should be
https://docs.ansible.com/ansible/latest/collections/index.html#list-of-collections

from

#! /usr/bin/env python

to

#!/usr/bin/env python3

When you run the code from the example #3 in the curl examples from this path:
programming_fundamentals/rest_part_1/curl_examples.sh

if we change the header to netconf , it does not work

curl -vk -u developer:C1sco12345 -H 'accept: application/yang-data+json' http://ios-xe-mgmt.cisco.com:10000/netconf-yang/data/ietf-interfaces:interfaces/interface=GigabitEthernet1

• Server auth using Basic with user 'developer'

GET /netconf-yang/data/ietf-interfaces:interfaces/interface=GigabitEthernet1 HTTP/1.1
Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=
User-Agent: curl/7.29.0
Host: ios-xe-mgmt.cisco.com:10000
accept: application/yang-data+json

SSH-2.0-OpenSSH_6.1

• Recv failure: Connection reset by peer
• Closing connection 0
  curl: (56) Recv failure: Connection reset by peer

Does anyone know why ?

Hi, I'm trying to run the APIC-EM Always-On Sandbox but it's no longer available. Are there another solution?

Thank you.

Instead of

message += "The color you added was {}.".format(colors[3])

why not use

message += "The color you added was {}.".format(colors[-1])

so it will always pick up the last list element even if the number of list elements changes?

It would be even better to catch an exception if the list is empty.

try:
message += "The color you added was {}.".format(colors[-1])
except Exception as e:
print(e)
exit(1)

Before running any exercise using "ios-xe-mgmt.cisco.com:9443" you need to make sure postman configuration has 'SSL certificate verification' disabled. Otherwise the default setting (ON) will not work.

https://github.com/CiscoDevNet/netprog_basics/blob/master/programming_fundamentals/data_formats/README.md

https://developer.cisco.com/fileMedia/download/2681d7c1-4cc3-3bc4-a1c8-a5881eb8dd58

This link is broken is there a working link?

Hello all I'm a total newby so bear with me. i'm trying to do the xmltodict example in Useful Python Libraries for Network Engineers

I kind of get how it works and i ran a query myself to get the ip address so here is the xml that he uses

pprint(xml_example)
('\n'
'\n'
' GigabitEthernet2\n'
' Wide Area Network\n'
' true\n'
' \n'
'

\n'
' 172.16.0.2\n'
' 255.255.255.0\n'
' \n'
' \n'
'\n')

**Here is the query to generate an ip address notice how it is in the order of the info top down from the xml

test_address = xml_dict["interface"]["ipv4"]["address"]["ip"]**

Here is the query ran

test_address
'172.16.0.2'

This only returns the ip address. How would i make the query return the ip address and the netmask ie
172.16.0.2 255.255.255.0 ?

I've tried lots of combinations the nearest i could get to it is

test8 = xml_dict["interface"]["ipv4"]["address"]
test8
OrderedDict([('ip', '172.16.0.2'), ('netmask', '255.255.255.0')])

how do i get it with just 172.16.0.2 255.255.255.0 ?

Hi

Since python2 is deprecated, is this lab going to be updated to use python3?

• Andre

It seems to be trying to connect to some resource at the localhost using vagrant/vagrant credentials, but which resource? Vagrant? We have not seen this subject so far. I think some information is missed or the file is in the wrong place. Could anyone provide us with some information ? @hpreston ?

In lesson in Python Part3 trying to use the request.get

Now the lesson says to leverage the devnet sandbox then it gives you a link, which i go to and use the vpn. i run the query and then i get the errors "access-denied" for protocol?

Now in the video he uses 10.10.20.21 however in the info for the lesson it say to reference the always on sandbox. The router there has an ip address of 10.10.20.48 so this is the ip address I've used. so i enter all the correct info and get the cert warning, which i expect, but when I run the print command to get the interface info I'm getting errors for access denied and protocol, why is this ? Is it to do with the headers I' using in my request?

I'm going to have a rant here. Cisco are encouraging people to learn this stuff and the devnet box isn't setup properly so I'm getting the wrong reply when i add the query. what's the point if the info you're giving us is wrong? apologies but i'm very frustrated!

Firstly you can see i make it as far as the router as i get a cert warning regarding the self certs

router = {“ip”: “10.10.20.48” ,
… “port”:“443”,
… “user”:“root”,
… “pass”:“cisco123”}

headers = {“Accept”: “application/yang-data+json”}
u = “https://{}:{}/restconf/data/interfaces/interface=Gigabitethernet1”
u = u.format(router[“ip”], router[“port”])
print(u)
https://10.10.20.48:443/restconf/data/interfaces/interface=Gigabitethernet1

r = requests.get(u,
… headers = headers,
… auth=(router[“user”], router[“pass”]),
… verify=False)
C:\Users\M7551873\AppData\Local\Programs\Python\Python38\lib\site-packages\urllib3\connectionpool.py:1013: InsecureRequestWarning: Unverified HTTPS request is being made to host ‘10.10.20.48’.
Adding certificate verification is strongly advised. See: Advanced Usage - urllib3 2.0.0.dev0 documentation

I then run pprint and expect it to return the interface information but i get access denied. I expect this is because I’m being given the wrong credentials? Or is it the request headers? this is what i get when running the print command

pprint(r.text)
Traceback (most recent call last):
File “”, line 1, in
NameError: name ‘pprint’ is not defined

from pprint import pprint
pprint(r.text)
(’{\n’
’ “errors”: {\n’
’ “error”: [\n’
’ {\n’
’ “error-tag”: “access-denied”,\n’
’ “error-type”: “protocol”\n’
’ }\n’
’ ]\n’
’ }\n’
‘}\n’)

print(r.text)
{
“errors”: {
“error”: [
{
“error-tag”: “access-denied”,
“error-type”: “protocol”
}
]
}
}

As far as i can see the router is running restconf?
csr1000v-1#sho run
Building configuration...

Current configuration : 4209 bytes
!
! Last configuration change at 18:04:57 UTC Sat Jan 9 2021 by developer
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console virtual
!
hostname csr1000v-1
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable secret 5 $1$20ue$uC.uSGo6nvfWs63EjjzRP.
!
no aaa new-model
!
!
!
!
!
!
!
ip domain name abc.inc
!
!
!
login on-success log
!
!
!
!
!
!
!
subscriber templating
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
crypto pki trustpoint TP-self-signed-65385644
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-65385644
revocation-check none
rsakeypair TP-self-signed-65385644
!
!
crypto pki certificate chain TP-self-signed-65385644
certificate self-signed 01
3082032C 30820214 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 36353338 35363434 301E170D 31393035 32323139 33383539
5A170D33 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D363533 38353634
34308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201 0A028201
0100C96F D53A4C23 F96F71E2 BA91DAA3 C4546EAD 399F1B32 CA9BB364 C528FFFD
9F2A0CCE D5FD2756 6452B91B 2DCC328D 6951AEF3 BD25A687 62354EF7 0C68717E
94BF7B1E 320231A5 FFB9B765 A5616FD3 673709D5 7E89DB6D E6A14B85 E3FE2153
DFA8B852 BB37CCB4 4C523450 2A757DB5 8FB13133 0DE79EAE 579DDFE9 EA4B6C2A
CD8DC33E F69A0F45 020367D1 0C8451F1 AB9C0891 2A1AF1E5 2245E739 43CB1F48
03324EDF 7A647E25 86552D27 EEE5E05D EB01D886 4D00C47A B9B022AD AACA9E84
5D5627BD B0D6F2FC C5103F0E 808E5822 86B63301 C2B7B50C BBA6F3D1 471F2A53
B02E5DA1 DC1ECF46 116EAC77 160090AF 7AB23919 1896AA07 6893E638 8CE05F53
E5EB0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14A162A4 D3CD7E6B 7E775D4E CA02E2DA 5AEBC668 45301D06
03551D0E 04160414 A162A4D3 CD7E6B7E 775D4ECA 02E2DA5A EBC66845 300D0609
2A864886 F70D0101 05050003 82010100 8034A615 EED522BA 8A4D45D9 107A1C72
B622ECB6 26EB96AA AD26A14D 34FC54B6 93F03F5D F1C1F1DB C716B213 67342ADF
0E4F4313 00C19914 B8EAD89F D90FDCF7 943D9304 3E3158A7 2E7558D3 C90D9540
F8CDB4AE 9A266418 DA396402 6954BAA6 D49FB91B 5795EBD7 17C260BA AD2DCD40
6C86E58F 3D521061 A7ADC34D B1875BBA A5EC9877 57D65870 1134D226 EA884C43
CEA1F154 905F1872 E5FA575F 9C060B34 BA18FBB5 E03AB440 12D37659 B70A7C8A
9D32DD93 95BBE653 F39D1A30 2062C41C B3857FA5 9C6E2FAE 61E10F20 7B8994B9
DADCE497 38BD1450 8D1BF507 E9C0CD94 EFED9FA2 D888C58F 700A7182 1A2F12B2
32AF600E 7623C1E2 026B06FA EA75E800
quit
!
!
!
!
!
!
!
!
license udi pid CSR1000V sn 9CO9QHEWZEL
license boot level ax
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
netconf-yang
!
restconf
!
username developer privilege 15 secret 5 $1$apX9$osH3JUIsEok.XVu5bKG0D0
username cisco privilege 15 secret 5 $1$3PeY$CBmJ7lqSYLpLn6uImSoMD0
username root privilege 15 secret 5 $1$F2Ov$Ax5.47hkCDThKbWt1.M4U0
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
description MANAGEMENT INTERFACE - DON'T TOUCH ME
ip address 10.10.20.48 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
description Network Interface
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
description Network Interface
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 10.10.20.254
!
ip ssh rsa keypair-name ssh-key
ip ssh version 2
ip scp server enable
!
!
!
!
!
control-plane

csr1000v-1#show platform software yang-management process monitor
COMMAND PID S VSZ RSS %CPU %MEM ELAPSED
confd 24825 S 833180 138792 0.2 1.7 01:24:29
confd-startup.s 24612 S 19692 4388 0.0 0.0 01:24:30
dmiauthd 25649 S 282420 27360 0.0 0.3 01:24:27
ncsshd 25981 S 169304 10396 0.0 0.1 01:24:25
ncsshd_bp 25871 S 175024 10560 0.0 0.1 01:24:26
ndbmand 25430 S 599624 71432 0.0 0.8 01:24:27
nesd 25173 S 192704 14592 0.0 0.1 01:24:28
nginx 26230 S 338612 19700 0.0 0.2 01:24:15
nginx 26237 S 344668 17928 0.0 0.2 01:23:45
pubd 24381 S 657128 73504 0.0 0.9 01:24:31
syncfd 24943 S 193624 19212 0.0 0.2 01:24:29

c

Using curl against the always-on sandbox device does not seem to authenticate correctly with the provided username & password.

$ curl -vk \
-u root:cisco123 \
-H "accept: application/yang-data+json" \
https://ios-xe-mgmt.cisco.com:9443/restconf/data/interfaces/interface\=GigabitEthernet2
*   Trying 64.103.37.51...
* TCP_NODELAY set
* Connected to ios-xe-mgmt.cisco.com (64.103.37.51) port 9443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* NPN, negotiated HTTP1.1
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Unknown (67):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=IOS-Self-Signed-Certificate-3053958489
*  start date: Apr  5 10:47:55 2018 GMT
*  expire date: Jan  1 00:00:00 2020 GMT
*  issuer: CN=IOS-Self-Signed-Certificate-3053958489
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'root'
> GET /restconf/data/interfaces/interface=GigabitEthernet2 HTTP/1.1
> Host: ios-xe-mgmt.cisco.com:9443
> Authorization: Basic cm9vdDpjaXNjbzEyMw==
> User-Agent: curl/7.54.0
> accept: application/yang-data+json
>
< HTTP/1.1 401 Unauthorized
< Server: nginx
< Date: Mon, 15 Oct 2018 10:30:03 GMT
< Content-Type: application/yang-data+json
< Transfer-Encoding: chunked
< Connection: close
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="restconf"
< Vary: Accept-Encoding
<
{
  "errors": {
    "error": [
      {
        "error-tag": "access-denied",
        "error-type": "protocol"
      }
    ]
  }
}
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):

Can someone verify this Lab/Sanbox is functional:
NETCONF/YANG & RESTCONF on IOS XE
The Sandbox opens, but the Connections Host URL doesn't work for me:

Access Details:
Developers and network engineers access the "NETCONF/YANG and RESTCONF on IOS XE" Always On Sandbox directly using the following information:

CSR1000V Host : ios-xe-mgmt.cisco.com
SSH Port: 8181
NETCONF Port: 10000
RESTCONF Port : 9443 (HTTPS)

Is anyone else having issues establishing a VPN connection with NX-OS sandbox devnetsandbox-emea-gwy.cisco.com?? This is required for the Ansible tutorials in Module 6.

Every time I try, the connection times out and I receive the following error message: Failed to open HTTPS connection to devnetsandbox-emea-gwy.cisco.com

I have no issues connecting to other sandboxes.

I'm using Ubuntu with the OpenConnect application.

Any advice would be appreciated.
Thanks in advance.

The port and password for the sandbox associated with this code have changed. Also, to get it to work, I had to import urllib and call requests.packages.urllib3.disable_warnings().

When you run the code from the example #3 in the curl examples from this path:
programming_fundamentals/rest_part_1/curl_examples.sh

You get error code 406 because the command accepts 'application/yang-data+json' and the host is only sending in 'application/yang-data+xml' (as of today 06/12/2019)

So you need to change the command to: -H 'accept: application/yang-data+xml' \