What is NETCONF?
NETCONF is a network management protocol for configuration management and retrieving configuration and operational state data from network devices.
NETCONF uses a simple Remote Procedure Call (RPC) based mechanism to facilitate communication between a client and a server and uses XML for encoding the configuration data as well as the protocol messages. It uses Secure Shell (SSH) as the transport layer across network devices. It uses SSH port number 830 as the default port.
NETCONF also supports capability discovery and model downloads.
NETCONF Protocol Stack
|Content||Configuration/filters; XML representation of data models (YANG, XSD)|
|Operation||<get-config>, <edit-config>, <copy-config>, <delete-config>, <lock>, <unlock>, <close-session>, <kill-session>|
NETCONF is commonly implemented using SSH as transport.
NETCONF messages are based on an RPC based communication model. NETCONF supports two [three?] message types:
Every NETCONF message is a well-formed XML document. An RPC result is linked to an RPC invocation by a message-id attribute.
<rpc message-id="101"> <!-- rest of request as XML... --> </rpc> <rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data> <!-- XML content/response... --> </data> </rpc-reply>
|<get>||Retrieve running configuration and device state information|
|<get-config>||Retrieve all or part of a specified configuration datastore|
|<edit-config>||Edit a configuration datastore by creating, deleting, merging or replacing content|
|<copy-config>||Copy an entire configuration datastore to another configuration datastore|
|<delete-config>||Delete a configuration datastore|
|<lock>||Lock an entire configuration datastore of a device|
|<unlock>||Release a configuration datastore lock previously obtained with the <lock> operation|
|<close-session>||Request graceful termination of a NETCONF session|
|<kill-session>||Force the termination of a NETCONF session|
The content of NETCONF operations is well-formed XML. Most content is related to network management. NETCONF only supports XML for data encoding.
NETCONF has different data stores. These data stores are the target of configuration reads and writes. The data stores defined in the RFC are:
- running (mandatory)
- candidate (optional)
- startup (optional)
NETCONF rpc example:
<?xml version="1.0" encoding="UTF-8"?> <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1"> <get-config> <source> <running/> </source> <filter xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> <interfaces/> </filter> </get-config> </rpc>
Network Programmability and Automation, by Jason Edelman , Scott S. Lowe , and Matt Oswalt