Large prefix lists/sets on IOS-XR

Saku Ytti saku at
Fri Dec 9 15:14:06 UTC 2022

On Fri, 9 Dec 2022 at 17:07, Joshua Miller <contemno at> wrote:

> I don't know that Netconf or gRPC are any faster than loading cli. Those protocols facilitate automation so that the time it takes to load any one device is not a significant factor, especially when you can roll out changes to devices in parallel. Also, it's easier to build the changes into a structured format than assemble the right syntax to interact with the CLI.

As a programmer I don't really find output format to be significant
cost. If I have source of data how I emit them out doesn't matter
much. I accept preferences that people have, but don't think it to be
important part of solution.

Adrian mentioned paramiko, and if we imagine paramiko logging into
IOS-XR, and doing 'load http://...' + 'commit'. We've automated the

Depending on your platform netconf/yang/grpc can be asset or
liability, I put IOS-XR strongly in the liability part, because they
don't have proper infrastructure that is datafirst, they don't have
proper module for even handling configurations, but configurations are
owned by individual component teams (like tunnel teams owns GRE config
and so forth). Contrasting with Juniper, which is datafirst, and even
CLI is 2nd class citizen taking formal data from XML RPC.
In IOS-XR you will find all kind of gaps, where you can't rely on
netconf/yang, which you will then spend cycles to deal with vendor.
Compared to people who use the first class citizen approach, CLI
format, who are already done.

I did not read Steffan as though he'd be punching in anything
manually, he wants to make the process itself faster, without any
delays introduced by humans. And I have personally nothing to offer
him, except put your server closer to the router, so you can deal with
the limited TCP window sizes that hurt transfer speed.


More information about the NANOG mailing list