Netconf
Encyclopedia
The Network Configuration Protocol, NETCONF, is an IETF
network management
protocol. It was developed in the NETCONF working group and published in December 2006 as RFC 4741 and later revised in June 2011 and published as RFC 6241.
NETCONF provides mechanisms to install, manipulate, and delete the configuration of network devices. Its operations are realized on top of a simple Remote Procedure Call (RPC) layer. The NETCONF protocol uses an Extensible Markup Language
(XML) based data encoding for the configuration data as well as the protocol messages. This in turn is realized on top of the transport protocol.
The NETCONF protocol can be conceptually partitioned into four layers:
Layer Example
+-------------+ +-------------------------------------------+
| Content | | Configuration data |
+-------------+ +-------------------------------------------+
| |
+-------------+ +-------------------------------------------+
| Operations | |, , |
+-------------+ +-------------------------------------------+
| | |
+-------------+ +-----------------------------+ |
| RPC | |, | |
+-------------+ +-----------------------------+ |
| | |
+-------------+ +-------------------------------------------+
| Transport | | BEEP, SSH, SSL, console |
| Protocol | | |
+-------------+ +-------------------------------------------+
, , , , , , , , .
A capability to support subscribing and receiving asynchronous event notifications is published in RFC 5277. It defines the operation, which enables creating real-time and replay subscriptions. Notifications are then sent asynchronously using the construct. The RFC also defines the :interleave capability, which when supported with the basic :notification capability facilitates the processing of other NETCONF operations while the subscription is active.
A capability to support partial locking of the running configuration is defined in RFC 5717. This allows
multiple sessions to edit non-overlapping sub-trees within the running configuration. Without this capability, the only lock available is for the entire configuration.
The working group is also working on a new capability to retrieve the schema definitions
(XML Schema, Relax NG
, etc.) that define NETCONF content.
.
The NETMOD working group has completed work to define a "human-friendly" modeling language for defining the semantics of operational data, configuration data, notifications, and operations, called YANG
. YANG
is defined in RFC 6020, and is accompanied by the "Common YANG Data Types" found in RFC 6021.
During the summer of 2010, the NETMOD working group was re-chartered to work on core configuration models (system, interface, and routing) as well as work on compatibility with the SNMP modeling language.
in the late 1980s and it proved to be a very popular network management
protocol
. In the early part of the 21st century it became apparent that in spite of what was originally intended, SNMP was not being used to configure network equipment, but was mainly being used for network monitoring
. In 2002, the Internet Architecture Board
and key members of the IETF's network management community got together with network operators to discuss the situation. The results of this meeting are documented in RFC 3535. It turned out that operators were primarily using proprietary Command Line Interfaces (CLI) to configure their boxes. This had a number of features that the operators liked, including the fact that it was text-based, as opposed to the BER-encoded
SNMP. In addition, many equipment vendors did not provide the option to completely configure their devices via SNMP. As operators generally liked to write scripts to help manage their boxes, they did find the CLI lacking in a number of ways. Most notably was the unpredictable nature of the output. The content and formatting of output was prone to change in unpredictable ways.
Around this same time, Juniper Networks
had been using an XML-based network management approach. This was brought to the IETF and shared with the broader community.
Collectively, these two events led the IETF to the creation of a protocol which it hopes will better align with the needs of network operators and equipment vendors.
Internet Engineering Task Force
The Internet Engineering Task Force develops and promotes Internet standards, cooperating closely with the W3C and ISO/IEC standards bodies and dealing in particular with standards of the TCP/IP and Internet protocol suite...
network management
Network management
Network management refers to the activities, methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems....
protocol. It was developed in the NETCONF working group and published in December 2006 as RFC 4741 and later revised in June 2011 and published as RFC 6241.
NETCONF provides mechanisms to install, manipulate, and delete the configuration of network devices. Its operations are realized on top of a simple Remote Procedure Call (RPC) layer. The NETCONF protocol uses an Extensible Markup Language
Extensible Markup Language
Extensible Markup Language is a set of rules for encoding documents in machine-readable form. It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards....
(XML) based data encoding for the configuration data as well as the protocol messages. This in turn is realized on top of the transport protocol.
The NETCONF protocol can be conceptually partitioned into four layers:
Layer Example
+-------------+ +-------------------------------------------+
| Content | | Configuration data |
+-------------+ +-------------------------------------------+
| |
+-------------+ +-------------------------------------------+
| Operations | |
+-------------+ +-------------------------------------------+
| | |
+-------------+ +-----------------------------+ |
| RPC | |
+-------------+ +-----------------------------+ |
| | |
+-------------+ +-------------------------------------------+
| Transport | | BEEP, SSH, SSL, console |
| Protocol | | |
+-------------+ +-------------------------------------------+
Basic Operations
The base protocol includes the following protocol operations:Capabilities
Basic NETCONF functionality can be extended by the definition of NETCONF capabilities. The set of additional protocol features that an implementation supports is communicated between the server and the client during the capability exchange portion of session setup. Mandatory protocol features are not included in the capability exchange since they are assumed. RFC 4741 defines a number of optional capabilities including :xpath and :validate. Note that RFC 6241 obsoletes RFC 4741.A capability to support subscribing and receiving asynchronous event notifications is published in RFC 5277. It defines the
A capability to support partial locking of the running configuration is defined in RFC 5717. This allows
multiple sessions to edit non-overlapping sub-trees within the running configuration. Without this capability, the only lock available is for the entire configuration.
The working group is also working on a new capability to retrieve the schema definitions
(XML Schema, Relax NG
RELAX NG
In computing, RELAX NG is a schema language for XML, based on Murata Makoto's RELAX and James Clark's TREX. A RELAX NG schema specifies a pattern for the structure and content of an XML document...
, etc.) that define NETCONF content.
Transport Protocols
NETCONF defines four transport mappings- SSHSecure ShellSecure Shell is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client...
(RFC 4742), which is mandatory to implement - SOAPSOAPSOAP, originally defined as Simple Object Access Protocol, is a protocol specification for exchanging structured information in the implementation of Web Services in computer networks...
(RFC 4743) - BEEPBEEPIn computer networking, BEEP is a framework for creating network application protocols. It includes an application protocol kernel for connection-oriented asynchronous interactions, and can be used both for binary and text messages within the context of a single application user identity.BEEP is...
(RFC 4744) - TLSTransport Layer SecurityTransport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
(RFC 5539)
Content
The content of NETCONF operations is well-formed XML. Most content is related to network managementNetwork management
Network management refers to the activities, methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems....
.
The NETMOD working group has completed work to define a "human-friendly" modeling language for defining the semantics of operational data, configuration data, notifications, and operations, called YANG
YANG
YANG is a data modeling language for the NETCONF network configuration protocol. The YANG data modeling language was developed by the NETMOD working group in the IETF and was published as RFC 6020 in October 2010. The data modeling language can be used to model both configuration data as well as...
. YANG
YANG
YANG is a data modeling language for the NETCONF network configuration protocol. The YANG data modeling language was developed by the NETMOD working group in the IETF and was published as RFC 6020 in October 2010. The data modeling language can be used to model both configuration data as well as...
is defined in RFC 6020, and is accompanied by the "Common YANG Data Types" found in RFC 6021.
During the summer of 2010, the NETMOD working group was re-chartered to work on core configuration models (system, interface, and routing) as well as work on compatibility with the SNMP modeling language.
History
The IETF developed SNMPSimple Network Management Protocol
Simple Network Management Protocol is an "Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more." It is used mostly in network management systems to monitor...
in the late 1980s and it proved to be a very popular network management
Network management
Network management refers to the activities, methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems....
protocol
Communications protocol
A communications protocol is a system of digital message formats and rules for exchanging those messages in or between computing systems and in telecommunications...
. In the early part of the 21st century it became apparent that in spite of what was originally intended, SNMP was not being used to configure network equipment, but was mainly being used for network monitoring
Network monitoring
The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator in case of outages...
. In 2002, the Internet Architecture Board
Internet Architecture Board
The Internet Architecture Board is the committee charged with oversight of the technical and engineering development of the Internet by the Internet Society ....
and key members of the IETF's network management community got together with network operators to discuss the situation. The results of this meeting are documented in RFC 3535. It turned out that operators were primarily using proprietary Command Line Interfaces (CLI) to configure their boxes. This had a number of features that the operators liked, including the fact that it was text-based, as opposed to the BER-encoded
Basic Encoding Rules
The Basic Encoding Rules is one of the encoding formats defined as part of the ASN.1 standard specified by the ITU in X.690.-Description:...
SNMP. In addition, many equipment vendors did not provide the option to completely configure their devices via SNMP. As operators generally liked to write scripts to help manage their boxes, they did find the CLI lacking in a number of ways. Most notably was the unpredictable nature of the output. The content and formatting of output was prone to change in unpredictable ways.
Around this same time, Juniper Networks
Juniper Networks
Juniper Networks is an information technology and computer networking products multinational company, founded in 1996. It is head quartered in Sunnyvale, California, USA. The company designs and sells high-performance Internet Protocol network products and services...
had been using an XML-based network management approach. This was brought to the IETF and shared with the broader community.
Collectively, these two events led the IETF to the creation of a protocol which it hopes will better align with the needs of network operators and equipment vendors.
See also
- Network managementNetwork managementNetwork management refers to the activities, methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems....
- Configuration managementConfiguration managementConfiguration management is a field of management that focuses on establishing and maintaining consistency of a system or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life.For information assurance, CM...
- Network monitoringNetwork monitoringThe term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator in case of outages...
- SSHSecure ShellSecure Shell is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network: a server and a client...
- SOAPSOAPSOAP, originally defined as Simple Object Access Protocol, is a protocol specification for exchanging structured information in the implementation of Web Services in computer networks...
- BEEPBEEPIn computer networking, BEEP is a framework for creating network application protocols. It includes an application protocol kernel for connection-oriented asynchronous interactions, and can be used both for binary and text messages within the context of a single application user identity.BEEP is...
- Command Line Interface
- SNMPSimple Network Management ProtocolSimple Network Management Protocol is an "Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more." It is used mostly in network management systems to monitor...
- XML Schema
- YANGYANGYANG is a data modeling language for the NETCONF network configuration protocol. The YANG data modeling language was developed by the NETMOD working group in the IETF and was published as RFC 6020 in October 2010. The data modeling language can be used to model both configuration data as well as...
External links
- Network Configuration (netconf) Working Group Charter
- NETCONF Data Modeling Language (netmod) Working Group Charter
- NETCONF WG Wiki Page
- Yuma: Open Source NETCONF implementation and YANG compiler
- pyang: Open Source YANG compiler
- Netconf Central: NETCONF information and tutorials
- Yang Central: YANG tutorials, and freely available YANG and DSDL tools
- RFC 5381: Experience of Implementing NETCONF over SOAP