IETF-93 Proceedings

Introduction  |  Area, Working Goup & BoF Reports  |  Plenaries  |  Training  |  Internet Research Task Force

Network Configuration (netconf) (WG)

Minutes   |   Jabber Logs  |   Mailing List Archives

Additional information is available at


Operations and Management Area Area Director(s):

Assigned Area Director


Meeting Slides:

Blue Sheets:


Request for Comments:

Charter (as of 2015-09-30):

Configuration of networks of devices has become a critical requirement
for operators in today's highly interconnected networks. Large and small
operators alike have developed their own mechanisms or have used vendor
specific mechanisms to transfer configuration data to and from a device
and to examine device state information which may impact the
configuration. Each of these mechanisms may be different in various
aspects, such as session establishment, user authentication,
configuration data exchange, and error responses.

The NETCONF protocol (RFC 6241) provides mechanisms to install, manipulate, and delete the configuration of network devices. NETCONF is based on the secure transport (SSH is mandatory to implement while TLS is an optional transport) and uses an XML-based data representation. The NETCONF protocol is data modeling language independent, but YANG (RFC 6020) is the recommended NETCONF modeling language, which introduces advanced
language features for configuration management.

Based on the implementation, deployment experience and interoperability
testing, the WG aims to produce a NETCONF status report in a later stage.
The result may be clarifications for RFC6241 and RFC6242 and addressing
any reported errata.

In the current phase of NETCONF's incremental development the workgroup
will focus on following items:

1. Develop the call home mechanism for the mandatory SSH binding (Reverse SSH) providing a server-initiated session establishment.

2. Develop a zero touch configuration document (a technique to establish a secure network management relationship between a newly delivered network device configured with just its factory default settings, and the Network Management System), specific to the NETCONF use case.

3. Advance NETCONF over TLS to be in-line with NETCONF 1.1 (i.e., update RFC 5539) and add the call home mechanism to provide a server-initiated session establishment.

4. Combine the server configuration data models from Reverse SSH and RFC5539bis drafts in a separate call home YANG module.

5. Develop RESTCONF, a protocol based on NETCONF in terms of capabilities, but over HTTP and with some REST characteristics, for accessing YANG data using the datastores defined in NETCONF. An "ordered edit list" approach is needed (the YANG patch) to provide client developers with a simpler edit request format that can be more efficient and also allow more precise client control of the transaction procedure than existing mechanisms. The YANG patch operation, based on the HTTP PATCH method, will be prepared in a separate draft. RESTCONF should not deviate from the NETCONF capabilities unless proper justification is provided and documented. The RESTCONF work will consider requirements suggested by the other working groups (for example I2RS).