NETCONF all the theory you need to know

You are reading this because “maybe” you are a professional with the typical Network Engineer role operating, implementing, troubleshooting, configuring your current devices using memorized CLI commands (IOS XE or junOS mostly), using notepad everyday, secureCRT, copy pasting long CLI scripts, and manage your inter-infrastructure communication using old MIBs and SNMP, right?. Well, NETCONF is considered as a SNMP replacement so this post might be important for you.

NETCONF is a protocol  defined by the IETF to address some of the challenges with CLI scripting by providing a standards-based method to “install, manipulate, and delete the configuration of network devices”. Basically you will use other “way” to configure devices. Your vendor “cli input” won’t be needed to memorize anymore. All the exchange data to go from the client (human) to the configured device (router) will be XML data format. The secure transport will be SSH.

NETCONF protocol Stack

NETCONF LayersExamples
ProtocolsSSHv2, SOAP, TLS
Messages<rpc>,<rpc-reply>
Operations*<get-config>, <get>, <copy-config>, <commit>, <validate>, <lock>, <unlock>, <edit-config>, <delete-config>
ContentXML Documents (XSD, YANG, etc.)

NETCONF common operations include:

<get> : Retrieves running configuration and device state information
get<-config> : Retrieves all or part of a configuration datastore
<edit-config> : Loads all or part of a configuration to the specified datastore
<delete-config> : Deletes a configuration datastore
<copy-config> : Replaces an entire configuration datastore with another
<lock> / <unlock> : Locks or unlocks the entire configuration datastore system
<close-session> : Performs a graceful termination of NETCONF session
<kill-session> : Performs a forced termination of NETCONF session

Check NETCONF (TCP:22) demo configuring a Cisco Router using NETCONF input, check this post (IOS below 16.x)>>>>>

check NETCONF-YANG (TCP:830) decom configuring a Cisco Router (IOS above 16.x) >>>>>>

Tags :

Leave a Reply

Your email address will not be published. Required fields are marked *