NETCONF and YANG Concepts

Presented by Tail-f
TUTORIAL: NETCONF AND YANG

High-level Properties

NETCONF YANG
Network management protocol specifically designed to support Text based data modeling language designed for use with
service activation and provisioning. NETCONF.

Encrypted, efficient transport

Operator friendly
XML content transported over SSH+TCP.
Easy to mimic existing human operator interfaces, such as
Extensible CLI and WebUI. Supports tables inside tables.

XML Namespaces make it possible to add e.g. new RPC Precise

types or new table columns without breaking existing
applications. Very precise and specific data definitions. Allowed values
could be 1..99 | 1300..1999 | none. Explicit about keys in
Transactional tables.

Configuration changes happen all-or-nothing and all-at- Extensible

once which simplifies network management applications.
Define additional keywords in Yang with rigid syntax, that
Network-wide standard compilers parse correctly. Additional keywords
used to generate code, documentation, test cases, etc based
Can address multiple network elements in parallel to on model.
implement network-wide transactions.
Human readable
Non-programmers can read Yang models.

2013 TAIL-F all rights reserved MAY 27, 2013 2

TUTORIAL: NETCONF AND YANG

What makes NETCONF/YANG different?

Every few years the last 20, there has been a new emerging management standard
Each time, there is a big hype and everything will be great
in the end, all that changed was one more interface type that adds to the complexity

Do you remember them all?

CMIP, SNMP, Corba, CIM, Soap, Rest,

Now I say NETCONF and YANG are a good idea. Why should you believe me?

2013 TAIL-F all rights reserved MAY 27, 2013 3

TUTORIAL: NETCONF AND YANG

What makes NETCONF/YANG different?

SNMP NETCONF SOAP

Management SNMP NETCONF

Operations

RPC Protocol BER XML XML

Transport UDP SSH SSL

Stack TCP HTTP
TCP
2013 TAIL-F all rights reserved MAY 27, 2013 4
TUTORIAL: NETCONF AND YANG

What makes NETCONF/YANG different?

SNMP NETCONF SOAP

Data models Defined in Defined in

MIBs YANG
Data Modeling SMI YANG
Language

Management SNMP NETCONF

Operations

RPC Protocol BER XML XML

Transport UDP SSH SSL

Stack TCP HTTP
2013 TAIL-F all rights reserved
TCP MAY 27, 2013 5
TUTORIAL: NETCONF AND YANG

What makes NETCONF/YANG different?

SNMP NETCONF
GET <get-config>
GET-NEXT <edit-config>
SET <copy-config>
TRAP <delete-config>
<get>
<lock>

so what? same same?

2013 TAIL-F all rights reserved MAY 27, 2013 6

TUTORIAL: NETCONF AND YANG

This is where the difference is:

In the supported use cases!
What makes NETCONF/YANG different?
Use Case SNMP NETCONF
Get collection of status fields Yes Yes. Bulk xfer up to
10x faster. Really.

Set collection of configuration fields Yes, up to 64kB Yes

Set configuration fields in transaction No Yes
Transactions across multiple network elements No Yes

Invoke administrative actions Well Yes

Send event notifications Yes Yes, connected
Backup and restore configuration Usually not Yes
Secure protocol v3 is fair Yes
Test configuration before final commit No Yes
The Holy Grail:
Service Activation No Yes
2013 TAIL-F all rights reserved MAY 27, 2013 7
TUTORIAL: NETCONF AND YANG

The Meaning of Transactions

The four properties that define a transaction: ACID

Atomicity
Transactions are indivisible, all-or-nothing
Consistency
Transactions are all-at-once
There is no internal order inside a transaction, it is a set of changes, not a sequence
Implies that { create A, create B } and { create B, create A } are identical
Implies that a system behaving differently with respect to the sequence is not transactional
Independence
Parallel transactions do not interfere with each other
Transactions appear to happen always-in-sequence
Durability
Committed data always-sticks, i.e. remains in the system even in the case of a fail-over,
2013 TAIL-Fpower failure, restart, etc
all rights reserved MAY 27, 2013 8
TUTORIAL: NETCONF AND YANG

The Meaning of Transactions

Consider transaction A
Add interface eth5
Add route 55.66.0.0/24 over interface eth5

Transactions are all-at-once, there is no internal ordering

Transaction A is therefore equivalent to
Add route 55.66.0.0/24 over interface eth5
Add interface eth5

Obviously, the order matters in the execution.

But it is not the managers concern in a transactional system.

2013 TAIL-F all rights reserved MAY 27, 2013 9

TUTORIAL: NETCONF AND YANG

The Meaning of Transactions

Backup Restore
Read the configuration Send the saved configuration
Manager does not need to know No need to sort data
which elements are configuration All-or-nothing semantics
Save result to a file No PDU size limit
Human readable XML file
Use diff and other XML processing
tools
Edit file, if desired

2013 TAIL-F all rights reserved MAY 27, 2013 10

TUTORIAL: NETCONF AND YANG

The Meaning of Transactions

Service Activation
Operator creates new service in OSS OSS sends configuration change to
GUI all concerned devices in a network
IPTV service, HD quality wide transaction
No need to sort data
OSS computes configuration changes
to send to network All-or-nothing semantics across all
devices
Some IPTV server edits
Each device validates
Three routers
Two firewalls Optionally test service
One billing machine Confirm or roll back

2013 TAIL-F all rights reserved MAY 27, 2013 11

TUTORIAL: NETCONF AND YANG

Network-wide Transactions is the most

important leap in network management
technology since SNMP.
The error recovery and sequencing tasks are
removed from the manager side.
This is usually more than half the cost in a
mature system; more than the entire cost of
the managed devices.

2013 TAIL-F all rights reserved MAY 27, 2013 12

TUTORIAL: NETCONF AND YANG

Current IETF Status

2013 TAIL-F all rights reserved MAY 27, 2013 13

TUTORIAL: NETCONF AND YANG

NETCONF RFC Overview

RFC 3535 Informational: Background
RFC 6244 NETCONF+Yang Architectural Overview
RFC 6241 Base NETCONF Protocol
RFC 6242, 4743-4744, 5539 Transport Mappings
RFC 5277 Notifications
RFC 5717 Partial Locking
RFC 6243 With defaults
RFC 6470 Base Notifications
RFC 6536 NETCONF Access Control Model

https://datatracker.ietf.org/wg/netconf/charter/
www.rfc-editor.org/rfc/rfcXXXX.txt

2013 TAIL-F all rights reserved MAY 27, 2013 14

TUTORIAL: NETCONF AND YANG

YANG RFC Overview

RFC 6020 YANG Base Specification
RFC 6021 YANG Types
RFC 6087 Guidelines for YANG Authors and Reviewers
RFC 6110 Mapping and Validating YANG Start Here!
RFC 6244 NETCONF+Yang Architectural Overview
RFC 6643 Translation of SMIv2 MIBs to YANG

Rather than
https://datatracker.ietf.org/wg/netmod/charter/ risking getting
https://www.ietf.org/iesg/directorate/yang-doctors.html things wrong,
http://www.yang-central.org/
ask the
YANG Doctors
2013 TAIL-F all rights reserved MAY 27, 2013 15