Let's get started
What is NETCONF?
A network managing protocol to configure network elements.
It transports xml (json) via SSH.
<rpc-reply message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data> <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> <interface> <name>eth0</name> <type xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">ianaift:ethernetCsmacd</type> <enabled>true</enabled> <ipv6 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip"> <address> <ip>2001:db8:c18:1::3</ip> <prefix-length>128</prefix-length> </address> </ipv6> </interface> </interfaces> </data></rpc-reply>
What is YANG?
A data modeling language for the definition of data sent over the NETCONF network configuration protocol.
It is a schema to validate xml.
container interfaces { description "Interface configuration parameters."; list interface { key "name"; leaf name { type string; } leaf type { type identityref { base interface-type; } mandatory true; } leaf enabled { type boolean; default "true"; } } // list interface} // container interfaces
NetConf
NetConf was designed based on Operators Requirements, which are documented in RFC3535. It addresses security topics and operational and maintenance topics.
What is the difference?
Protocol: | SNMP | NETCONF | SOAP | REST | RESTCONF | gRPC | What comes next ... |
Transport Stack | UDP | SSH | SSL | SSL | SSL | HTTP/2 TCP | |
Encoding | BER | XML (new JSON) | XML | XML, JSON | XML, JSON | binary | |
Resources | OIDs | Path | URLs | URLs | URLs | ||
Data models | MIBs | YANG modules | WSDL, XSD | YANG modules | Protocol Buffers | ||
Data Modeling Language | SMI | YANG | WSDL, XSD | Undefined, (WSDL), WADL, text… | YANG | Protocol Buffers | |
Management Operations | SNMP operations | NETCONF operations | In the XML Schema, not standardized | HTTP operations | HTTP operations | HTTP/2 operations | |
SDO (like) | IETF | IETF | W3C | W3C | IETF |
NETCONF Datastore concept
configuration datastore:
The datastore holding the complete set of configuration data that is required to get a device from its initial default state into a desired operational state.
running configuration datastore:
A configuration datastore holding the complete configuration currently active on the device. The running configuration datastore always exists.
candidate configuration datastore:
A configuration datastore that can be manipulated without impacting the device's current configuration and that can be committed to the running configuration datastore. Not all devices support a candidate configuration datastore.
startup configuration datastore:
The configuration datastore holding the configuration loaded by the device when it boots. Only present on devices that separate the startup configuration datastore from the running configuration datastore.
NETCONF Operations
| Operation | Description |
|---|---|
| get | Retrieve running configuration and device state information. |
| get-config | Retrieve all or part of a specified configuration datastore. |
| edit-config | Loads all or part of a specified configuration to the specified target (<running>, <candidate>) configuration datastore. operation-types: merge, replace, create, delete, remove |
| copy-config | Create or replace an entire configuration datastore with the contents of another complete configuration datastore. |
| delete-config | Delete a configuration datastore. The <running> configuration datastore cannot be deleted. |
| (partly-) lock | It allows the client to lock the entire configuration datastore system of a device. |
| (partly-) unlock | Releases a configuration lock, previously obtained with the <lock> operation. |
| commit | Sets the running configuration to the current contents of the candidate configuration. |
| validate | This protocol operation validates the contents of the specified configuration. |
| close-session | Request graceful termination of a NETCONF session. |
| kill-session | Force the termination of a NETCONF session. |
| (hello-message) | (exchange of yang capabilities (yang modules) between server and client) |
How does it work?
(one of x possibilities)
YANG
- YANG is a data modeling language for NETCONF (and RESTCONF) configuration and state data.
- It defines the syntax of the exchanged xml (and json) data between a NETCONF client (e.g. OpenDaylight) and a NETCONF server (a device)
Build-in data types
Name | Description |
binary | Any binary data |
bits | A set of bits or flags |
boolean | "true" or "false" |
decimal64 | 64-bit signed decimal number |
empty | A leaf that does not have any value |
enumeration | Enumerated strings |
identityref | A reference to an abstract identity |
instance-identifier | References a data tree node |
[u]int[8|16|32|64] | [8|16|32|64] -bit [un]signed integer |
leafref | A reference to a leaf instance |
string | Human-readable string |
union | Choice of member types |
Common data types
ietf-yang-types | Equivalent SMIv2 type |
counter32 | Counter32 (SNMPv2-SMI) |
zero-based-counter32 | ZeroBasedCounter32 (RMON2-MIB) |
counter64 | Counter64 (SNMPv2-SMI) |
zero-based-counter64 | ZeroBasedCounter64 (HCNUM-TC) |
gauge32 | Gauge32 (SNMPv2-SMI) |
gauge64 | CounterBasedGauge64 (HCNUM-TC) |
object-identifier | OBJECT IDENTIFIER |
object-identifier-128 | |
yang-identifier | |
date-and-time | |
timeticks | TimeTicks (SNMPv2-SMI) |
timestamp | TimeStamp (SNMPv2-TC) |
phys-address | PhysAddress (SNMPv2-TC) |
mac-address | MacAddress (SNMPv2-TC) |
xpath1.0 | |
hex-string | |
uuid | |
dotted-quad |
ietf-inet-types | Equivalent SMIv2 type |
ip-version | InetVersion (INET-ADDRESS-MIB) |
dscp | Dscp (DIFFSERV-DSCP-TC) |
ipv6-flow-label | IPv6FlowLabel (IPV6-FLOW-LABEL-MIB) |
port-number | InetPortNumber (INET-ADDRESS-MIB) |
as-number | InetAutonomousSystemNumber |
ip-address | |
ipv4-address | |
ipv6-address | |
ip-address-no-zone | |
ipv4-address-no-zone | |
ipv6-address-no-zone | |
ip-prefix | |
ipv4-prefix | |
ipv6-prefix | |
domain-name | |
host | |
uri | Uri (URI-TC-MIB) |