So now I'm the proud owner of two wireless APs which I cannot setup until I figure out how. I'm sure as hell not convincing Arista to sell me a month of their official enviornment cuz I'm just a dude, so it's onto the hunt for the mysterious openconfig system people talk about in the forums. Yippee
January 2, 2026 at 8:28 AM
So now I'm the proud owner of two wireless APs which I cannot setup until I figure out how. I'm sure as hell not convincing Arista to sell me a month of their official enviornment cuz I'm just a dude, so it's onto the hunt for the mysterious openconfig system people talk about in the forums. Yippee
How ironic… After spending the last 10 years boring everyone to death about IPv6 being the future and NAT being evil… my first OpenConfig YANG model contribution is for… checks notes …Network Address Translation 🤦♂️
Go ahead, throw your tomatoes.
github.com/openconfig/p...
Go ahead, throw your tomatoes.
github.com/openconfig/p...
Add NAT model by nleiva · Pull Request #1335 · openconfig/public
Change Scope
This PR introduces a new YANG data model for Network Address Translation (NAT).
This is a new model, so the change is backward compatible.
We use NAT instances to stay in line with R...
github.com
September 2, 2025 at 10:30 PM
How ironic… After spending the last 10 years boring everyone to death about IPv6 being the future and NAT being evil… my first OpenConfig YANG model contribution is for… checks notes …Network Address Translation 🤦♂️
Go ahead, throw your tomatoes.
github.com/openconfig/p...
Go ahead, throw your tomatoes.
github.com/openconfig/p...
Cisco’s Outshift demo shows how a multi‑agent AI system, built on an OpenConfig knowledge graph, turns a ServiceNow ticket into automated testing and reporting, cutting change‑failure rates. https://youtu.be/m0dxZ-NDKHo #NetworkAutomation #OpenConfig
August 25, 2025 at 7:09 AM
Cisco’s Outshift demo shows how a multi‑agent AI system, built on an OpenConfig knowledge graph, turns a ServiceNow ticket into automated testing and reporting, cutting change‑failure rates. https://youtu.be/m0dxZ-NDKHo #NetworkAutomation #OpenConfig
Glad to hear it helped. For OpenConfig schema paths, they use openconfig.net/projects/mod...
OpenConfig - Schema paths
openconfig.net
April 21, 2025 at 1:24 PM
Glad to hear it helped. For OpenConfig schema paths, they use openconfig.net/projects/mod...
Vulnerability ID: CVE-2025-1260
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
March 6, 2025 at 12:00 AM
Vulnerability ID: CVE-2025-1260
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
Vulnerability ID: CVE-2025-1260
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
March 5, 2025 at 12:00 PM
Vulnerability ID: CVE-2025-1260
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
Published: 2025-03-04T20:15:37.133
Last Modified: 2025-03-04T20:15:37.133
Description: On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/o
CVE-2025-1259 - Arista OpenConfig gNOI Request Validation Bypass
CVE ID : CVE-2025-1259
Published : March 4, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it sho...
CVE ID : CVE-2025-1259
Published : March 4, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it sho...
CVE-2025-1259 - Arista OpenConfig gNOI Request Validation Bypass
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available
cvefeed.io
March 4, 2025 at 11:54 PM
CVE-2025-1259 - Arista OpenConfig gNOI Request Validation Bypass
CVE ID : CVE-2025-1259
Published : March 4, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it sho...
CVE ID : CVE-2025-1259
Published : March 4, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it sho...
Paloaltoの脆弱性情報 「CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin (Severity: HIGH)」が公開されました。
→ https://security.paloaltonetworks.com/CVE-2025-0110
→ https://security.paloaltonetworks.com/CVE-2025-0110
February 21, 2025 at 7:03 PM
Paloaltoの脆弱性情報 「CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin (Severity: HIGH)」が公開されました。
→ https://security.paloaltonetworks.com/CVE-2025-0110
→ https://security.paloaltonetworks.com/CVE-2025-0110
[RSS] PaloAlto OpenConfig Plugin: Command Injection Vulnerability
github.com ->
CVE-2025-0110
Original->
github.com ->
CVE-2025-0110
Original->
February 20, 2025 at 6:49 AM
[RSS] PaloAlto OpenConfig Plugin: Command Injection Vulnerability
github.com ->
CVE-2025-0110
Original->
github.com ->
CVE-2025-0110
Original->
CVE-2025-0110 - Palo Alto Networks PAN-OS Command Injection Vulnerability
CVE ID : CVE-2025-0110
Published : Feb. 12, 2025, 9:15 p.m. | 1 hour, 6 minutes ago
Description : A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an aut...
CVE ID : CVE-2025-0110
Published : Feb. 12, 2025, 9:15 p.m. | 1 hour, 6 minutes ago
Description : A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an aut...
CVE-2025-0110 - Palo Alto Networks PAN-OS Command Injection Vulnerability
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the “__openconfig” user (which has the Device Administrator …
cvefeed.io
February 13, 2025 at 12:24 AM
CVE-2025-0110 - Palo Alto Networks PAN-OS Command Injection Vulnerability
CVE ID : CVE-2025-0110
Published : Feb. 12, 2025, 9:15 p.m. | 1 hour, 6 minutes ago
Description : A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an aut...
CVE ID : CVE-2025-0110
Published : Feb. 12, 2025, 9:15 p.m. | 1 hour, 6 minutes ago
Description : A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an aut...
ID: CVE-2025-0110
CVSS V4.0: HIGH
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system...
#security #infosec #cve-alert
CVSS V4.0: HIGH
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system...
#security #infosec #cve-alert
nvd.nist.gov
February 12, 2025 at 9:15 PM
ID: CVE-2025-0110
CVSS V4.0: HIGH
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system...
#security #infosec #cve-alert
CVSS V4.0: HIGH
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system...
#security #infosec #cve-alert
Paloaltoの脆弱性情報 「CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin (Severity: HIGH)」が公開されました。
→ https://security.paloaltonetworks.com/CVE-2025-0110
→ https://security.paloaltonetworks.com/CVE-2025-0110
February 12, 2025 at 7:03 PM
Paloaltoの脆弱性情報 「CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin (Severity: HIGH)」が公開されました。
→ https://security.paloaltonetworks.com/CVE-2025-0110
→ https://security.paloaltonetworks.com/CVE-2025-0110
Thanks! How do I merge that with what they have already? Can I paste the interface section at the bottom of that file? My apologies for the newbie question :-) github.com/openconfig/k...
kne/examples/multivendor/srlinux.cfg at main · openconfig/kne
Contribute to openconfig/kne development by creating an account on GitHub.
github.com
January 28, 2025 at 11:28 PM
Thanks! How do I merge that with what they have already? Can I paste the interface section at the bottom of that file? My apologies for the newbie question :-) github.com/openconfig/k...
Hey @netdevops.me what would the SR Linux interface config look like for the KNE multivendor example? github.com/openconfig/k...
kne/examples/multivendor at main · openconfig/kne
Contribute to openconfig/kne development by creating an account on GitHub.
github.com
January 28, 2025 at 11:04 PM
Hey @netdevops.me what would the SR Linux interface config look like for the KNE multivendor example? github.com/openconfig/k...
generating structs out of a serialized payload is a not where concerns lie. Instead of creating structs from the payload we want to create structs from the underlying schema (yang), because this is what drives the payload format eventually
In go you have openconfig/ygot, but it has limitations
In go you have openconfig/ygot, but it has limitations
January 21, 2025 at 10:39 PM
generating structs out of a serialized payload is a not where concerns lie. Instead of creating structs from the payload we want to create structs from the underlying schema (yang), because this is what drives the payload format eventually
In go you have openconfig/ygot, but it has limitations
In go you have openconfig/ygot, but it has limitations
It is not that uncommon to throw shade on the gNxI set of OpenConfig protocols, sometimes for a good reason, but gNSI is, likely, the only modern way to manage the full certificate lifecycle in a non archaic way.
January 5, 2025 at 10:42 AM
It is not that uncommon to throw shade on the gNxI set of OpenConfig protocols, sometimes for a good reason, but gNSI is, likely, the only modern way to manage the full certificate lifecycle in a non archaic way.
One problem with _vendors_ implementing YANG as a bolt-on is they might have an incomplete mapping between their NOS internal cfg DB and exposed (OpenConfig) schema's. Results can vary between garbage (schema invalid config) emitted or plain pieces of data, just missing. 🤯
December 3, 2024 at 11:48 AM
One problem with _vendors_ implementing YANG as a bolt-on is they might have an incomplete mapping between their NOS internal cfg DB and exposed (OpenConfig) schema's. Results can vary between garbage (schema invalid config) emitted or plain pieces of data, just missing. 🤯
Demonstrating a route from “data swamp” to pattern matching and eventually correlation, in a practical sense, with network telemetry (say OpenConfig base data), would be very inspiring. It then opens the door to kick start real event driven automation, which closes the loop back to your earlier work
December 2, 2024 at 8:52 PM
Demonstrating a route from “data swamp” to pattern matching and eventually correlation, in a practical sense, with network telemetry (say OpenConfig base data), would be very inspiring. It then opens the door to kick start real event driven automation, which closes the loop back to your earlier work
Can't run tight control loops when snmp polling takes minutes @google #openconfig #ONS2015
November 18, 2024 at 2:54 AM
Can't run tight control loops when snmp polling takes minutes @google #openconfig #ONS2015
