Exam weight: 15% | Labs: 6 | ← Back to CCNP ENCOR
6.1 Data Encoding Formats
| Format | Syntax | Used By | Identifier |
|---|---|---|---|
| JSON | Braces / brackets | REST, RESTCONF, gNMI | { "key": |
| XML | Tags | NETCONF (mandatory) | <rpc> or <edit-config> |
| YAML | Indentation | Ansible, Kubernetes | --- with spaces |
Exam tip: YAML uses spaces, never tabs. All three formats represent the same logical structure (key/value pairs, lists, nesting) with different syntax.
6.2 Basic Python Components
Core Data Types
int/float— counters, IDsstr— hostnames, interface namesbool— enable/disable flagslist— ordered, mutable collectionstuple— immutable pairsdict— key/value mapping (maps directly to JSON object)set— unique unordered values
Essential Libraries
requests— HTTP client for REST APIsjson— JSON parsing and serializationncclient— NETCONF over SSH (port 830)netmiko/paramiko— SSH/CLI automationPyYAML— YAML file reading
6.3 APIs — REST / RESTCONF / NETCONF / gNMI
| Protocol | Transport/Port | Encoding | Models |
|---|---|---|---|
| REST | HTTPS/443 | JSON | Vendor-specific (Catalyst Center Intent API) |
| RESTCONF | HTTPS/443 | JSON or XML | YANG |
| NETCONF | SSH/830 | XML only | YANG (transactional) |
| gNMI | gRPC/HTTP-2 57400 | Protocol Buffers | OpenConfig YANG |
HTTP Methods (CRUD)
- GET — Read (idempotent)
- POST — Create (not idempotent)
- PUT — Replace/full update (idempotent)
- PATCH — Partial update
- DELETE — Remove (idempotent)
HTTP Status Codes
- 200 OK, 201 Created, 202 Accepted (async), 204 No Content
- 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 429 Rate-limited, 500 Server Error
Catalyst Center Authentication
POST to /auth/token with Basic Auth → receive token → all subsequent requests use X-Auth-Token header. Tokens expire after ~1 hour.
6.4 YANG Data Models & Model-Driven Telemetry
- Native: Vendor-authored (Cisco-IOS-XE-native)
- OpenConfig: Vendor-neutral industry group
- IETF: RFC-based (ietf-interfaces, ietf-routing)
MDT Subscription Types
- Periodic: Streams data every N centiseconds regardless of change
- On-change: Sends only when monitored value changes
- Default encoding: KVGPB (Key-Value Google Protocol Buffers)
6.5 Configuration Management — Ansible & Terraform
| Tool | Language | Approach | State | Primary Use |
|---|---|---|---|---|
| Ansible | YAML playbooks | Agentless (SSH) | Stateless | Configuration management |
| Terraform | HCL | Provider plugins | State file | Infrastructure provisioning |
Key Ansible IOS modules: cisco.ios.ios_config, cisco.ios.ios_command, cisco.ios.ios_vlans, cisco.ios.ios_facts
6.6 Embedded Event Manager (EEM)
On-device automation. Two components:
- Event detector: Watches for syslog patterns, SNMP traps, timers, CLI matches, interface counters, routing changes
- Action: Runs CLI commands, sends syslog/mail, executes TCL/Python policies
Applet structure: exactly one event line + multiple numbered action lines (1.0, 2.0…) executed in ascending order. Use action … cli command "enable" before any privileged commands.
6.7 AI/ML in Networking
Three Layers
- AIOps (Traditional ML): Baseline anomaly detection, predictive analytics, Machine Reasoning Engine, AI Endpoint Analytics
- Generative AI Assistant: Embedded in Catalyst Center, Meraki, ThousandEyes; natural-language troubleshooting; generates config snippets
- Agentic AI / MCP: Autonomous multi-step workflows; MCP provides standardized client/server interface so LLM agents can discover and call external tools uniformly
Key distinction: Traditional automation runs pre-written scripts; AIOps detects unprogrammed patterns; agentic AI decides which tools to invoke for stated goals.
Hands-On Labs
Lab 1: Enable NETCONF & RESTCONF on IOS XE
Configure AAA local auth, enable netconf-yang and restconf. Verify: show netconf-yang sessions, show platform software yang-management process.
Lab 2: Python — GET Device List from Catalyst Center
Use requests library; POST to /auth/token with Basic Auth; GET device list with X-Auth-Token header; parse JSON response.
Lab 3: Ansible Playbook — Push VLAN Config
Define inventory with network_cli connection; use cisco.ios.ios_vlans and cisco.ios.ios_config modules to push VLAN configuration idempotently.
Lab 4: NETCONF edit-config with Python
Use ncclient manager to push XML configuration to device on port 830. Build XML payload matching YANG schema.
Lab 5: EEM Applet — Auto-Save Config
Watch syslog for config-change pattern; trigger EEM applet to execute write memory automatically on any configuration change.
Lab 6: Model-Driven Telemetry — gRPC Dial-Out
Configure periodic and on-change subscriptions with KVGPB encoding; point to remote collector on port 57500. Verify: show telemetry ietf subscription detail.
