You are reading this because “maybe” you are a professional with the typical Network Engineer role operating, implementing, troubleshooting, configuring your current devices using memorized CLI commands (IOS XE or junOS mostly), using notepad everyday, secureCRT, copy pasting long CLI scripts, and manage your inter-infrastructure communication using old MIBs and SNMP, right?. Well, NETCONF is considered as a SNMP replacement so this post might be important for you.
NETCONF is a protocol defined by the IETF to address some of the challenges with CLI scripting by providing a standards-based method to “install, manipulate, and delete the configuration of network devices”. Basically you will use other “way” to configure devices. Your vendor “cli input” won’t be needed to memorize anymore. All the exchange data to go from the client (human) to the configured device (router) will be XML data format. The secure transport will be SSH.
NETCONF protocol Stack
NETCONF Layers | Examples |
Protocols | SSHv2, SOAP, TLS |
Messages | <rpc>,<rpc-reply> |
Operations* | <get-config>, <get>, <copy-config>, <commit>, <validate>, <lock>, <unlock>, <edit-config>, <delete-config> |
Content | XML Documents (XSD, YANG, etc.) |
NETCONF common operations include:
<get> : Retrieves running configuration and device state information
get<-config> : Retrieves all or part of a configuration datastore
<edit-config> : Loads all or part of a configuration to the specified datastore
<delete-config> : Deletes a configuration datastore
<copy-config> : Replaces an entire configuration datastore with another
<lock> / <unlock> : Locks or unlocks the entire configuration datastore system
<close-session> : Performs a graceful termination of NETCONF session
<kill-session> : Performs a forced termination of NETCONF session
check NETCONF-YANG (TCP:830) decom configuring a Cisco Router (IOS above 16.x) >>>>>>