You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
NETCONF is a network management protocol (RFC 6241) designed to replace CLI-based configuration. YANG is the data modelling language (RFC 7950) that defines the structure of network configuration and operational data. Together, they provide a model-driven, programmatic approach to network management.
| Issue | CLI | NETCONF + YANG |
|---|---|---|
| Data format | Unstructured text | Structured XML (or JSON) |
| Parsing | Regex, screen scraping | Standard XML/JSON parsing |
| Transactions | No atomic transactions | Commit/rollback support |
| Validation | Device checks after apply | Schema validation before apply |
| Consistency | Vendor-specific commands | Standard protocol, model-driven |
| Error handling | Parse text for error messages | Structured error responses |
NETCONF (Network Configuration Protocol) is an IETF standard for installing, manipulating, and deleting network device configurations:
| Feature | Description |
|---|---|
| Transport | SSH (port 830 by default) |
| Encoding | XML |
| Operations | get, get-config, edit-config, copy-config, delete-config, lock, unlock, commit |
| Datastores | running, candidate, startup |
| Capabilities | Server advertises supported features during session setup |
┌──────────────────────┐
│ Content │ ← Configuration and operational data (XML)
├──────────────────────┤
│ Operations │ ← get, get-config, edit-config, commit, etc.
├──────────────────────┤
│ Messages │ ← RPC request/reply framing
├──────────────────────┤
│ Transport │ ← SSH (secure, authenticated)
└──────────────────────┘
| Operation | Description |
|---|---|
<get> | Retrieve running configuration and operational state |
<get-config> | Retrieve configuration from a specific datastore |
<edit-config> | Modify the configuration |
<copy-config> | Copy one datastore to another |
<delete-config> | Delete a datastore (not running) |
<lock> / <unlock> | Lock a datastore to prevent concurrent edits |
<commit> | Apply candidate configuration to running |
<validate> | Validate the candidate configuration |
<discard-changes> | Discard changes to the candidate datastore |
┌─────────────┐
edit-config ──────────> │ Candidate │
│ Datastore │
└──────┬──────┘
│
commit │
▼
┌─────────────┐
│ Running │
│ Datastore │
└─────────────┘
The candidate datastore lets you stage changes, validate them, and then commit atomically. If something is wrong, you can discard changes without affecting the running configuration.
YANG (Yet Another Next Generation) is a data modelling language that defines the structure and constraints of network configuration and state:
| Feature | Description |
|---|---|
| Defines schema | What configuration options exist and their data types |
| Hierarchical | Tree structure with containers, lists, and leaves |
| Constraints | Mandatory fields, valid ranges, patterns, when conditions |
| Reusable | Modules can import and augment other modules |
| Vendor-neutral | OpenConfig models work across vendors |
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.