< draft-ietf-netconf-restconf-03.txt   draft-ietf-netconf-restconf-04.txt >
Network Working Group A. Bierman Network Working Group A. Bierman
Internet-Draft YumaWorks Internet-Draft YumaWorks
Intended status: Standards Track M. Bjorklund Intended status: Standards Track M. Bjorklund
Expires: April 28, 2015 Tail-f Systems Expires: August 3, 2015 Tail-f Systems
K. Watsen K. Watsen
Juniper Networks Juniper Networks
October 25, 2014 January 30, 2015
RESTCONF Protocol RESTCONF Protocol
draft-ietf-netconf-restconf-03 draft-ietf-netconf-restconf-04
Abstract Abstract
This document describes an HTTP-based protocol that provides a This document describes an HTTP-based protocol that provides a
programmatic interface for accessing data defined in YANG, using the programmatic interface for accessing data defined in YANG, using the
datastores defined in NETCONF. datastores defined in NETCONF.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 35 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 28, 2015. This Internet-Draft will expire on August 3, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Secure Transport . . . . . . . . . . . . . . . . . . . . 5 1.1. Simple Subset of NETCONF Functionality . . . . . . . . . 5
1.2. Simple Subset of NETCONF Functionality . . . . . . . . . 5 1.2. Data Model Driven API . . . . . . . . . . . . . . . . . . 6
1.3. Data Model Driven API . . . . . . . . . . . . . . . . . . 6 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 7
1.4. Terminology . . . . . . . . . . . . . . . . . . . . . . . 7 1.3.1. NETCONF . . . . . . . . . . . . . . . . . . . . . . . 7
1.4.1. NETCONF . . . . . . . . . . . . . . . . . . . . . . . 7 1.3.2. HTTP . . . . . . . . . . . . . . . . . . . . . . . . 8
1.4.2. HTTP . . . . . . . . . . . . . . . . . . . . . . . . 8 1.3.3. YANG . . . . . . . . . . . . . . . . . . . . . . . . 9
1.4.3. YANG . . . . . . . . . . . . . . . . . . . . . . . . 9 1.3.4. Terms . . . . . . . . . . . . . . . . . . . . . . . . 9
1.4.4. Terms . . . . . . . . . . . . . . . . . . . . . . . . 9 1.3.5. URI Template . . . . . . . . . . . . . . . . . . . . 11
1.4.5. URI Template . . . . . . . . . . . . . . . . . . . . 11 1.3.6. Tree Diagrams . . . . . . . . . . . . . . . . . . . . 11
1.4.6. Tree Diagrams . . . . . . . . . . . . . . . . . . . . 11 2. Transport Protocol Requirements . . . . . . . . . . . . . . . 11
2. Resources . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.1. Integrity and Confidentiality . . . . . . . . . . . . . . 11
2.1. RESTCONF Resource Types . . . . . . . . . . . . . . . . . 12 2.2. HTTPS with X.509v3 Certificates . . . . . . . . . . . . . 12
2.2. Resource Discovery . . . . . . . . . . . . . . . . . . . 12 2.3. Certificate Validation . . . . . . . . . . . . . . . . . 12
2.3. API Resource . . . . . . . . . . . . . . . . . . . . . . 13 2.4. Authenticated Server Identity . . . . . . . . . . . . . . 12
2.3.1. {+restconf}/data . . . . . . . . . . . . . . . . . . 13 2.5. Authenticated Client Identity . . . . . . . . . . . . . . 12
2.3.2. {+restconf}/operations . . . . . . . . . . . . . . . 14 3. Resources . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.4. Datastore Resource . . . . . . . . . . . . . . . . . . . 14 3.1. Root Resource Discovery . . . . . . . . . . . . . . . . . 14
2.4.1. Edit Collision Detection . . . . . . . . . . . . . . 15 3.2. RESTCONF Resource Types . . . . . . . . . . . . . . . . . 15
2.5. Data Resource . . . . . . . . . . . . . . . . . . . . . . 15 3.3. API Resource . . . . . . . . . . . . . . . . . . . . . . 15
2.5.1. Encoding YANG Instance Identifiers in the Request URI 16 3.3.1. {+restconf}/data . . . . . . . . . . . . . . . . . . 16
2.5.2. Defaults Handling . . . . . . . . . . . . . . . . . . 18 3.3.2. {+restconf}/operations . . . . . . . . . . . . . . . 17
2.6. Collection Resource . . . . . . . . . . . . . . . . . . . 19 3.4. Datastore Resource . . . . . . . . . . . . . . . . . . . 17
2.7. Operation Resource . . . . . . . . . . . . . . . . . . . 19 3.4.1. Edit Collision Detection . . . . . . . . . . . . . . 18
2.7.1. Encoding Operation Input Parameters . . . . . . . . . 20 3.5. Data Resource . . . . . . . . . . . . . . . . . . . . . . 19
2.7.2. Encoding Operation Output Parameters . . . . . . . . 21 3.5.1. Encoding Data Resource Identifiers in the Request URI 19
2.8. Schema Resource . . . . . . . . . . . . . . . . . . . . . 22 3.5.2. Defaults Handling . . . . . . . . . . . . . . . . . . 22
2.9. Stream Resource . . . . . . . . . . . . . . . . . . . . . 23 3.6. Operation Resource . . . . . . . . . . . . . . . . . . . 22
2.10. Errors Resource . . . . . . . . . . . . . . . . . . . . . 23 3.6.1. Encoding Operation Input Parameters . . . . . . . . . 23
3. Operations . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.6.2. Encoding Operation Output Parameters . . . . . . . . 24
3.1. OPTIONS . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.7. Schema Resource . . . . . . . . . . . . . . . . . . . . . 24
3.2. HEAD . . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.8. Event Stream Resource . . . . . . . . . . . . . . . . . . 25
3.3. GET . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.9. Errors Media Type . . . . . . . . . . . . . . . . . . . . 26
3.4. POST . . . . . . . . . . . . . . . . . . . . . . . . . . 26 4. Operations . . . . . . . . . . . . . . . . . . . . . . . . . 26
3.4.1. Create Resource Mode . . . . . . . . . . . . . . . . 26 4.1. OPTIONS . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.4.2. Invoke Operation Mode . . . . . . . . . . . . . . . . 27 4.2. HEAD . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.5. PUT . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 4.3. GET . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
3.6. PATCH . . . . . . . . . . . . . . . . . . . . . . . . . . 29 4.4. POST . . . . . . . . . . . . . . . . . . . . . . . . . . 28
3.7. DELETE . . . . . . . . . . . . . . . . . . . . . . . . . 30 4.4.1. Create Resource Mode . . . . . . . . . . . . . . . . 29
3.8. Query Parameters . . . . . . . . . . . . . . . . . . . . 31 4.4.2. Invoke Operation Mode . . . . . . . . . . . . . . . . 30
3.8.1. Query Parameter URIs . . . . . . . . . . . . . . . . 31 4.5. PUT . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.8.2. The "content" Query Parameter . . . . . . . . . . . . 32 4.6. PATCH . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.8.3. The "depth" Query Parameter . . . . . . . . . . . . . 32 4.6.1. Plain Patch . . . . . . . . . . . . . . . . . . . . . 32
3.8.4. The "select" Query Parameter . . . . . . . . . . . . 33
3.8.5. The "insert" Query Parameter . . . . . . . . . . . . 34
3.8.6. The "point" Query Parameter . . . . . . . . . . . . . 34
3.8.7. The "limit" Query Parameter . . . . . . . . . . . . . 35
3.8.8. The "offset" Query Parameter . . . . . . . . . . . . 35
3.8.9. The "filter" Query Parameter . . . . . . . . . . . . 36
3.8.10. The "start-time" Query Parameter . . . . . . . . . . 36
3.8.11. The "stop-time" Query Parameter . . . . . . . . . . . 37
4. Messages . . . . . . . . . . . . . . . . . . . . . . . . . . 38
4.1. Request URI Structure . . . . . . . . . . . . . . . . . . 38
4.2. RESTCONF Path Resolution . . . . . . . . . . . . . . . . 39
4.3. Message Headers . . . . . . . . . . . . . . . . . . . . . 40
4.4. Message Encoding . . . . . . . . . . . . . . . . . . . . 41
4.5. RESTCONF Meta-Data . . . . . . . . . . . . . . . . . . . 41
4.6. Return Status . . . . . . . . . . . . . . . . . . . . . . 42
4.7. Message Caching . . . . . . . . . . . . . . . . . . . . . 42
5. Notifications . . . . . . . . . . . . . . . . . . . . . . . . 42
5.1. Server Support . . . . . . . . . . . . . . . . . . . . . 42
5.2. Event Streams . . . . . . . . . . . . . . . . . . . . . . 43
5.3. Subscribing to Receive Notifications . . . . . . . . . . 45
5.3.1. NETCONF Event Stream . . . . . . . . . . . . . . . . 46
5.4. Receiving Event Notifications . . . . . . . . . . . . . . 46
6. Error Reporting . . . . . . . . . . . . . . . . . . . . . . . 48
6.1. Error Response Message . . . . . . . . . . . . . . . . . 49
7. RESTCONF module . . . . . . . . . . . . . . . . . . . . . . . 51
8. RESTCONF Monitoring . . . . . . . . . . . . . . . . . . . . . 57
8.1. restconf-state/capabilities . . . . . . . . . . . . . . . 58
8.2. restconf-state/streams . . . . . . . . . . . . . . . . . 58
8.3. RESTCONF Monitoring Module . . . . . . . . . . . . . . . 58
9. YANG Module Library . . . . . . . . . . . . . . . . . . . . . 62
9.1. modules . . . . . . . . . . . . . . . . . . . . . . . . . 63
9.1.1. modules/module . . . . . . . . . . . . . . . . . . . 63
9.2. YANG Library Module . . . . . . . . . . . . . . . . . . . 64
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 68
10.1. The "restconf" Relation Type . . . . . . . . . . . . . . 68
10.2. YANG Module Registry . . . . . . . . . . . . . . . . . . 68
10.3. application/yang Media Sub Types . . . . . . . . . . . . 69
10.4. NETCONF Capability URNs . . . . . . . . . . . . . . . . 70
11. Security Considerations . . . . . . . . . . . . . . . . . . . 70
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 71
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 71
13.1. Normative References . . . . . . . . . . . . . . . . . . 71
13.2. Informative References . . . . . . . . . . . . . . . . . 73
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 73
A.1. 02 - 03 . . . . . . . . . . . . . . . . . . . . . . . . . 73
A.2. 01 - 02 . . . . . . . . . . . . . . . . . . . . . . . . . 74
A.3. 00 - 01 . . . . . . . . . . . . . . . . . . . . . . . . . 75
A.4. bierman:restconf-04 to ietf:restconf-00 . . . . . . . . . 76
Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . 76 4.7. DELETE . . . . . . . . . . . . . . . . . . . . . . . . . 33
Appendix C. Example YANG Module . . . . . . . . . . . . . . . . 76 4.8. Query Parameters . . . . . . . . . . . . . . . . . . . . 34
C.1. example-jukebox YANG Module . . . . . . . . . . . . . . . 77 4.8.1. Query Parameter URIs . . . . . . . . . . . . . . . . 35
Appendix D. RESTCONF Message Examples . . . . . . . . . . . . . 82 4.8.2. The "defaults" Protocol Capability URI . . . . . . . 35
D.1. Resource Retrieval Examples . . . . . . . . . . . . . . . 82 4.8.3. The "content" Query Parameter . . . . . . . . . . . . 36
D.1.1. Retrieve the Top-level API Resource . . . . . . . . . 82 4.8.4. The "depth" Query Parameter . . . . . . . . . . . . . 36
D.1.2. Retrieve The Server Module Information . . . . . . . 83 4.8.5. The "fields" Query Parameter . . . . . . . . . . . . 37
D.1.3. Retrieve The Server Capability Information . . . . . 84 4.8.6. The "insert" Query Parameter . . . . . . . . . . . . 38
D.2. Edit Resource Examples . . . . . . . . . . . . . . . . . 85 4.8.7. The "point" Query Parameter . . . . . . . . . . . . . 38
D.2.1. Create New Data Resources . . . . . . . . . . . . . . 85 4.8.8. The "filter" Query Parameter . . . . . . . . . . . . 39
D.2.2. Detect Resource Entity Tag Change . . . . . . . . . . 86 4.8.9. The "start-time" Query Parameter . . . . . . . . . . 40
D.3. Query Parameter Examples . . . . . . . . . . . . . . . . 87 4.8.10. The "stop-time" Query Parameter . . . . . . . . . . . 40
D.3.1. "content" Parameter . . . . . . . . . . . . . . . . . 87 4.8.11. The "with-defaults" Query Parameter . . . . . . . . . 41
D.3.2. "depth" Parameter . . . . . . . . . . . . . . . . . . 90 5. Messages . . . . . . . . . . . . . . . . . . . . . . . . . . 42
D.3.3. "select" Parameter . . . . . . . . . . . . . . . . . 93 5.1. Request URI Structure . . . . . . . . . . . . . . . . . . 42
D.3.4. "insert" Parameter . . . . . . . . . . . . . . . . . 94 5.2. Message Headers . . . . . . . . . . . . . . . . . . . . . 43
D.3.5. "point" Parameter . . . . . . . . . . . . . . . . . . 95 5.3. Message Encoding . . . . . . . . . . . . . . . . . . . . 44
D.3.6. "limit" Parameter . . . . . . . . . . . . . . . . . . 95 5.4. RESTCONF Meta-Data . . . . . . . . . . . . . . . . . . . 45
D.3.7. "offset" Parameter . . . . . . . . . . . . . . . . . 96 5.5. Return Status . . . . . . . . . . . . . . . . . . . . . . 45
D.3.8. "filter" Parameter . . . . . . . . . . . . . . . . . 97 5.6. Message Caching . . . . . . . . . . . . . . . . . . . . . 45
D.3.9. "start-time" Parameter . . . . . . . . . . . . . . . 98 6. Notifications . . . . . . . . . . . . . . . . . . . . . . . . 46
D.3.10. "stop-time" Parameter . . . . . . . . . . . . . . . . 98 6.1. Server Support . . . . . . . . . . . . . . . . . . . . . 46
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 98 6.2. Event Streams . . . . . . . . . . . . . . . . . . . . . . 46
6.3. Subscribing to Receive Notifications . . . . . . . . . . 48
6.3.1. NETCONF Event Stream . . . . . . . . . . . . . . . . 49
6.4. Receiving Event Notifications . . . . . . . . . . . . . . 49
7. Error Reporting . . . . . . . . . . . . . . . . . . . . . . . 51
7.1. Error Response Message . . . . . . . . . . . . . . . . . 52
8. RESTCONF module . . . . . . . . . . . . . . . . . . . . . . . 55
9. RESTCONF Monitoring . . . . . . . . . . . . . . . . . . . . . 61
9.1. restconf-state/capabilities . . . . . . . . . . . . . . . 62
9.2. restconf-state/streams . . . . . . . . . . . . . . . . . 62
9.3. RESTCONF Monitoring Module . . . . . . . . . . . . . . . 62
10. YANG Module Library . . . . . . . . . . . . . . . . . . . . . 66
10.1. modules . . . . . . . . . . . . . . . . . . . . . . . . 66
10.1.1. modules/module . . . . . . . . . . . . . . . . . . . 67
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 67
11.1. The "restconf" Relation Type . . . . . . . . . . . . . . 67
11.2. YANG Module Registry . . . . . . . . . . . . . . . . . . 67
11.3. application/yang Media Sub Types . . . . . . . . . . . . 68
11.4. RESTCONF Capability URNs . . . . . . . . . . . . . . . . 69
12. Security Considerations . . . . . . . . . . . . . . . . . . . 70
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 71
14. References . . . . . . . . . . . . . . . . . . . . . . . . . 71
14.1. Normative References . . . . . . . . . . . . . . . . . . 71
14.2. Informative References . . . . . . . . . . . . . . . . . 74
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 74
A.1. 03 - 04 . . . . . . . . . . . . . . . . . . . . . . . . . 74
A.2. 02 - 03 . . . . . . . . . . . . . . . . . . . . . . . . . 75
A.3. 01 - 02 . . . . . . . . . . . . . . . . . . . . . . . . . 76
A.4. 00 - 01 . . . . . . . . . . . . . . . . . . . . . . . . . 76
A.5. bierman:restconf-04 to ietf:restconf-00 . . . . . . . . . 77
Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . 77
Appendix C. Example YANG Module . . . . . . . . . . . . . . . . 78
C.1. example-jukebox YANG Module . . . . . . . . . . . . . . . 78
Appendix D. RESTCONF Message Examples . . . . . . . . . . . . . 84
D.1. Resource Retrieval Examples . . . . . . . . . . . . . . . 84
D.1.1. Retrieve the Top-level API Resource . . . . . . . . . 84
D.1.2. Retrieve The Server Module Information . . . . . . . 85
D.1.3. Retrieve The Server Capability Information . . . . . 86
D.2. Edit Resource Examples . . . . . . . . . . . . . . . . . 87
D.2.1. Create New Data Resources . . . . . . . . . . . . . . 87
D.2.2. Detect Resource Entity Tag Change . . . . . . . . . . 88
D.3. Query Parameter Examples . . . . . . . . . . . . . . . . 89
D.3.1. "content" Parameter . . . . . . . . . . . . . . . . . 89
D.3.2. "depth" Parameter . . . . . . . . . . . . . . . . . . 92
D.3.3. "fields" Parameter . . . . . . . . . . . . . . . . . 95
D.3.4. "insert" Parameter . . . . . . . . . . . . . . . . . 96
D.3.5. "point" Parameter . . . . . . . . . . . . . . . . . . 97
D.3.6. "filter" Parameter . . . . . . . . . . . . . . . . . 97
D.3.7. "start-time" Parameter . . . . . . . . . . . . . . . 98
D.3.8. "stop-time" Parameter . . . . . . . . . . . . . . . . 98
D.3.9. "with-defaults" Parameter . . . . . . . . . . . . . . 98
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 100
1. Introduction 1. Introduction
There is a need for standard mechanisms to allow WEB applications to There is a need for standard mechanisms to allow Web applications to
access the configuration data, operational data, data-model specific access the configuration data, operational data, data-model specific
protocol operations, and notification events within a networking protocol operations, and notification events within a networking
device, in a modular and extensible manner. device, in a modular and extensible manner.
This document describes an HTTP [RFC2616] based protocol called This document describes an HTTP [RFC7230] based protocol called
RESTCONF, for accessing data defined in YANG [RFC6020], using RESTCONF, for accessing data defined in YANG [RFC6020], using
datastores defined in NETCONF [RFC6241]. datastores defined in NETCONF [RFC6241].
The NETCONF protocol defines configuration datastores and a set of The NETCONF protocol defines configuration datastores and a set of
Create, Retrieve, Update, Delete (CRUD) operations that can be used Create, Retrieve, Update, Delete (CRUD) operations that can be used
to access these datastores. The YANG language defines the syntax and to access these datastores. The YANG language defines the syntax and
semantics of datastore content, operational data, protocol semantics of datastore content, operational data, protocol
operations, and notification events. RESTCONF uses HTTP operations operations, and notification events. RESTCONF uses HTTP operations
to provide CRUD operations on a NETCONF datastore containing YANG- to provide CRUD operations on a NETCONF datastore containing YANG-
defined data. Since NETCONF protocol operations are not relevant, defined data. Since NETCONF protocol operations are not relevant,
skipping to change at page 5, line 12 skipping to change at page 5, line 16
be retrieved with the GET method. Resources representing be retrieved with the GET method. Resources representing
configuration data can be modified with the DELETE, PATCH, POST, and configuration data can be modified with the DELETE, PATCH, POST, and
PUT methods. Data is encoded with either XML [W3C.REC-xml-20081126] PUT methods. Data is encoded with either XML [W3C.REC-xml-20081126]
or JSON [RFC7158]. or JSON [RFC7158].
Data-model specific protocol operations defined with the YANG "rpc" Data-model specific protocol operations defined with the YANG "rpc"
statement can be invoked with the POST method. Data-model specific statement can be invoked with the POST method. Data-model specific
notification events defined with the YANG "notification" statement notification events defined with the YANG "notification" statement
can be accessed. can be accessed.
1.1. Secure Transport 1.1. Simple Subset of NETCONF Functionality
RESTCONF relies on TLS [RFC2246] to provide privacy and data
integrity for its HTTP operations. More specifically, RESTCONF
requires HTTP over TLS (HTTPS) [RFC2818]. To ensure security,
RESTCONF clients MUST verify the RESTCONF server's X.509 certificate
using the path validation algorithm defined in section 6 of
[RFC5280]. Devices that do not support TLS will be unable to
implement RESTCONF.
1.2. Simple Subset of NETCONF Functionality
The framework and meta-model used for an HTTP-based API does not need The framework and meta-model used for an HTTP-based API does not need
to mirror those used by the NETCONF protocol, but it needs to be to mirror those used by the NETCONF protocol, but it needs to be
compatible with NETCONF. A simplified framework and protocol is compatible with NETCONF. Instead, a simplified framework and
needed that utilizes the three NETCONF datastores (candidate, protocol is needed that co-exists with the three NETCONF datastores
running, startup), but hides the complexity of multiple datastores (candidate, running, startup), but hides the complexity of multiple
from the client. datastores from the client.
A simplified transaction model is needed that allows basic CRUD A simplified transaction model is needed that allows basic CRUD
operations on a hierarchy of conceptual resources. This represents a operations on a hierarchy of conceptual resources. This represents a
limited subset of the transaction capabilities of the NETCONF limited subset of the transaction capabilities of the NETCONF
protocol. protocol.
The HTTP POST, PUT, PATCH, and DELETE methods are used to edit data
resources represented by YANG data models. These basic edit
operations allow the running configuration to be altered in an all-
or-none fashion. This is similar to the "rollback-on-error"
capability in NETCONF. Edits are usually applied to one data
resource instance at a time.
Applications that require more complex transaction capabilities might Applications that require more complex transaction capabilities might
consider NETCONF instead of RESTCONF. The following transaction consider NETCONF instead of RESTCONF. The following transaction
features are not directly provided in RESTCONF: features are not directly provided in RESTCONF:
o datastore locking (full or partial) o datastore locking (full or partial)
o candidate datastore o candidate datastore
o startup datastore o startup datastore
o validate operation o validate operation
o confirmed-commit procedure o confirmed-commit procedure
RESTCONF is not intended to replace NETCONF, but rather provide an RESTCONF is not intended to replace NETCONF, but rather provide an
additional simplified interface that follows REST principles and is additional simplified interface that follows REST principles and is
compatible with a resource-oriented device abstraction. compatible with a resource-oriented device abstraction.
The following figure shows the system components: The following figure shows the system components:
+-----------+ +-----------------+ +-----------+ +-----------------+
| WEB app | <-------> | | | Web app | <-------> | |
+-----------+ HTTP | network device | +-----------+ HTTP | network device |
| | | |
+-----------+ | +-----------+ | +-----------+ | +-----------+ |
| NMS app | <-------> | | datastore | | | NMS app | <-------> | | datastore | |
+-----------+ NETCONF | +-----------+ | +-----------+ NETCONF | +-----------+ |
+-----------------+ +-----------------+
1.3. Data Model Driven API 1.2. Data Model Driven API
RESTCONF combines the simplicity of the HTTP protocol with the RESTCONF combines the simplicity of the HTTP protocol with the
predictability and automation potential of a schema-driven API. predictability and automation potential of a schema-driven API.
Using YANG, a client can predict all resource endpoints, much like Using YANG, a client can predict all resource endpoints, much like
using URI Templates [RFC6570], but in a more holistic manner. This using URI Templates [RFC6570], but in a more holistic manner. This
strategy obviates the need for responses provided by the server to strategy obviates the need for responses provided by the server to
contain HATEOAS links, originally described in Roy Fielding's contain HATEOAS links, originally described in Roy Fielding's
doctoral dissertation [rest-dissertation]. doctoral dissertation [rest-dissertation].
A REST client using HATEOAS principles would not use any data In contrast, a REST client using HATEOAS principles would not use any
modeling language to define the application-specific content of the data modeling language to define the application-specific content of
API. The client would discover each new child resource as it the API. The client would need to discover each new child resource
traverses the URIs returned as Location IDs to discover the server as it traverses the URIs to discover the server capabilities. This
capabilities. This approach has 3 significant weaknesses with approach has the following significant weaknesses with regards to
regards to control of complex networking devices: control of complex networking devices:
o inefficient performance: configuration APIs will be quite complex o inefficient performance: configuration APIs will be quite complex
and may require thousands of protocol messages to discover all the and may require thousands of protocol messages to discover all the
schema information. Typically the data type information has to be schema information. Typically the data type information has to be
passed in the protocol messages, which is also wasteful overhead. passed in the protocol messages, which is also wasteful overhead.
o no data model richness: without a data model, the schema-level o no data model richness: without a data model, the schema-level
semantics and validation constraints are not available to the semantics and validation constraints are not available to the
application. application.
o no tool automation: API automation tools need some sort of content o no tool automation: API automation tools need some sort of content
schema to function. Such tools can automate various programming schema to function. Such tools can automate various programming
and documentation tasks related to specific data models. and documentation tasks related to specific data models.
Data model modules such as YANG modules serve as an "API contract" Data models such as YANG modules serve as an "API contract" that will
that will be honored by the server. An application designer can code be honored by the server. An application designer can code to the
to the data model, knowing in advance important details about the data model, knowing in advance important details about the exact
exact protocol operations and datastore content a conforming server protocol operations and datastore content a conforming server
implementation will support. implementation will support.
RESTCONF provides the YANG module capability information supported by RESTCONF provides the YANG module capability information supported by
the server, in case the client wants to use it. The URIs for custom the server, in case the client wants to use it. The URIs for custom
protocol operations and datastore content are predictable, based on protocol operations and datastore content are predictable, based on
the YANG module definitions. the YANG module definitions.
Operational experience with CLI and SNMP indicates that operators Operational experience with CLI and SNMP indicates that operators
learn the 'location' of specific service or device related data and learn the 'location' of specific service or device related data and
do not expect such information to be arbitrary and discovered each do not expect such information to be arbitrary and discovered each
time the client opens a management session to a server. time the client opens a management session to a server.
The RESTCONF protocol operates on a conceptual datastore defined with The RESTCONF protocol operates on a conceptual datastore defined with
the YANG data modeling language. The server lists each YANG module the YANG data modeling language. The server lists each YANG module
it supports under "/modules" defined in the "ietf-yang-library" YANG it supports using the "ietf-yang-library" YANG module, defined in
module. [I-D.ietf-netconf-yang-library].
The conceptual datastore contents, data-model-specific operations and The conceptual datastore contents, data-model-specific operations and
notification events are identified by this set of YANG module notification events are identified by this set of YANG modules. All
resources. All RESTCONF content identified as either a data RESTCONF content identified as either a data resource, operation
resource, operation resource, or event stream resource is defined resource, or event stream resource is defined with the YANG language.
with the YANG language.
The classification of data as configuration or non-configuration is The classification of data as configuration or non-configuration is
derived from the YANG "config" statement. Data ordering behavior is derived from the YANG "config" statement. Data ordering behavior is
derived from the YANG "ordered-by" statement. derived from the YANG "ordered-by" statement.
The RESTCONF datastore editing model is simple and direct, similar to The RESTCONF datastore editing model is simple and direct, similar to
the behavior of the ":writable-running" capability in NETCONF. Each the behavior of the ":writable-running" capability in NETCONF. Each
RESTCONF edit of a datastore resource is activated upon successful RESTCONF edit of a datastore resource is activated upon successful
completion of the transaction. completion of the transaction.
1.4. Terminology 1.3. Terminology
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14, [RFC2119]. 14, [RFC2119].
1.4.1. NETCONF 1.3.1. NETCONF
The following terms are defined in [RFC6241]: The following terms are defined in [RFC6241]:
o candidate configuration datastore o candidate configuration datastore
o client o client
o configuration data
o configuration data
o datastore o datastore
o configuration datastore o configuration datastore
o protocol operation o protocol operation
o running configuration datastore o running configuration datastore
o server o server
o startup configuration datastore o startup configuration datastore
o state data o state data
o user o user
1.4.2. HTTP 1.3.2. HTTP
The following terms are defined in [RFC2616]:
o entity tag The following terms are defined in [RFC3986]:
o fragment o fragment
o header line o path
o message body o query
o method The following terms are defined in [RFC7230]:
o path o header
o query o message-body
o request o request-line
o request URI o request URI
o response body o status-line
The following terms are defined in [RFC7231]:
o method
o request
o resource o resource
1.4.3. YANG The following terms are defined in [RFC7232]:
o entity tag
1.3.3. YANG
The following terms are defined in [RFC6020]: The following terms are defined in [RFC6020]:
o container o container
o data node o data node
o key leaf o key leaf
o leaf o leaf
skipping to change at page 9, line 31 skipping to change at page 9, line 33
o presence container (or P-container) o presence container (or P-container)
o RPC operation (now called protocol operation) o RPC operation (now called protocol operation)
o non-presence container (or NP-container) o non-presence container (or NP-container)
o ordered-by system o ordered-by system
o ordered-by user o ordered-by user
1.4.4. Terms 1.3.4. Terms
The following terms are used within this document: The following terms are used within this document:
o API resource: a resource with the media type "application/ o API resource: a resource with the media type "application/
yang.api+xml" or "application/yang.api+json". API resources can yang.api+xml" or "application/yang.api+json".
only be edited by the server.
o collection resource: a resource with the media type "application/
yang.collection+xml" or "application/yang.collection+json".
Contains a set of data resources.
o data resource: a resource with the media type "application/ o data resource: a resource with the media type "application/
yang.data+xml" or "application/yang.data+json". Containers, yang.data+xml" or "application/yang.data+json". Containers,
leafs, list entries and anyxml nodes can be data resources. leafs, list entries and anyxml nodes can be data resources.
o datastore resource: a resource with the media type "application/ o datastore resource: a resource with the media type "application/
yang.datastore+xml" or "application/yang.datastore+json". yang.datastore+xml" or "application/yang.datastore+json".
Represents a configuration datastore. Represents a datastore.
o edit operation: a RESTCONF operation on a data resource using the o edit operation: a RESTCONF operation on a data resource using
POST, PUT, PATCH, or DELETE method. either a POST, PUT, PATCH, or DELETE method.
o event stream resource: This resource represents an SSE (Server- o event stream resource: This resource represents an SSE (Server-
Sent Events) event stream. The content consists of text using the Sent Events) event stream. The content consists of text using the
media type "text/event-stream", as defined by the HTML5 media type "text/event-stream", as defined by the HTML5
specification. Each event represents one <notification> message specification. Each event represents one <notification> message
generated by the server. It contains a conceptual system or data- generated by the server. It contains a conceptual system or data-
model specific event that is delivered within a notification event model specific event that is delivered within a notification event
stream. Also called a "stream resource". stream. Also called a "stream resource".
o media-type: HTTP uses Internet media types [RFC2046] in the
Content-Type and Accept header fields in order to provide open and
extensible data typing and type negotiation.
o operation: the conceptual RESTCONF operation for a message, o operation: the conceptual RESTCONF operation for a message,
derived from the HTTP method, request URI, headers, and message derived from the HTTP method, request URI, headers, and message-
body. body.
o operation resource: a resource with the media type "application/ o operation resource: a resource with the media type "application/
yang.operation+xml" or "application/yang.operation+json". yang.operation+xml" or "application/yang.operation+json".
o patch: a generic PATCH request on the target datastore or data o patch: a generic PATCH request on the target datastore or data
resource. The media type of the message body content will resource. The media type of the message-body content will
identify the patch type in use. identify the patch type in use.
o plain patch: a PATCH request where the media type is "application/ o plain patch: a specific PATCH request type that can be used for
yang.data+xml" or "application/yang.data+json". simple merge operations.
o query parameter: a parameter (and its value if any), encoded o query parameter: a parameter (and its value if any), encoded
within the query component of the request URI. within the query component of the request URI.
o RESTCONF capability: An optional RESTCONF protocol feature
supported by the server, which is identified by an IANA registered
NETCONF Capability URI, and advertised with an entry in the
"capability" leaf-list in Section 9.3.
o retrieval request: a request using the GET or HEAD methods. o retrieval request: a request using the GET or HEAD methods.
o target resource: the resource that is associated with a particular o target resource: the resource that is associated with a particular
message, identified by the "path" component of the request URI. message, identified by the "path" component of the request URI.
o unified datastore: A conceptual representation of the device o unified datastore: A conceptual representation of the device
running configuration. The server will hide all NETCONF datastore running configuration. The server will hide all NETCONF datastore
details for edit operations, such as the ":candidate" and details for edit operations, such as the ":candidate" and
":startup" capabilities. ":startup" capabilities.
skipping to change at page 11, line 5 skipping to change at page 11, line 10
the client with the GET method. the client with the GET method.
o stream list: the set of data resource instances that describe the o stream list: the set of data resource instances that describe the
event stream resources available from the server. This event stream resources available from the server. This
information is defined in the "ietf-restconf-monitoring" module as information is defined in the "ietf-restconf-monitoring" module as
the "stream" list. It can be retrieved using the target resource the "stream" list. It can be retrieved using the target resource
"{+restconf}/data/ietf-restconf-monitoring:restconf-state/streams/ "{+restconf}/data/ietf-restconf-monitoring:restconf-state/streams/
stream". The stream list contains information about each stream, stream". The stream list contains information about each stream,
such as the URL to retrieve the event stream data. such as the URL to retrieve the event stream data.
1.4.5. URI Template 1.3.5. URI Template
Throughout this document, the URI template [RFC6570] syntax Throughout this document, the URI template [RFC6570] syntax
"{+restconf}" is used to refer to the RESTCONF API entry point "{+restconf}" is used to refer to the RESTCONF API entry point
outside of an example. See @path-resolution@ for details. outside of an example. See Section 3.1 for details.
All of the examples in this document assume "/restconf" as the For simplicity, all of the examples in this document assume
discovered RESTCONF API root path. "/restconf" as the discovered RESTCONF API root path.
1.4.6. Tree Diagrams 1.3.6. Tree Diagrams
A simplified graphical representation of the data model is used in A simplified graphical representation of the data model is used in
this document. The meaning of the symbols in these diagrams is as this document. The meaning of the symbols in these diagrams is as
follows: follows:
o Brackets "[" and "]" enclose list keys. o Brackets "[" and "]" enclose list keys.
o Abbreviations before data node names: "rw" means configuration o Abbreviations before data node names: "rw" means configuration
data (read-write) and "ro" state data (read-only). data (read-write) and "ro" state data (read-only).
o Symbols after data node names: "?" means an optional node, "!" o Symbols after data node names: "?" means an optional node, "!"
means a presence container, and "*" denotes a list and leaf-list. means a presence container, and "*" denotes a list and leaf-list.
o Parentheses enclose choice and case nodes, and case nodes are also o Parentheses enclose choice and case nodes, and case nodes are also
marked with a colon (":"). marked with a colon (":").
o Ellipsis ("...") stands for contents of subtrees that are not o Ellipsis ("...") stands for contents of subtrees that are not
shown. shown.
2. Resources 2. Transport Protocol Requirements
2.1. Integrity and Confidentiality
HTTP [RFC7230] is an application layer protocol that may be layered
on any reliable transport-layer protocol. RESTCONF is defined on top
of HTTP, but due to the sensitive nature of the information conveyed,
RESTCONF requires that the transport-layer protocol provides both
data integrity and confidentiality, such as are provided by the TLS
protocol [RFC5246].
2.2. HTTPS with X.509v3 Certificates
Given the nearly ubiquitous support for HTTP over TLS [RFC7230],
RESTCONF implementations MUST support the "https" URI scheme, which
has the IANA assigned default port 443. Consistent with the
exclusive use of X.509v3 certificates for NETCONF over TLS
[draft-ietf-netconf-rfc5539bis-07], use of certificates in RESTCONF
is also limited to X.509v3 certificates.
2.3. Certificate Validation
When presented an X.509 certificate, the RESTCONF peer MUST use X.509
certificate path validation [RFC5280] to verify the integrity of the
certificate. The presented X.509 certificate MAY also be considered
valid if it matches a locally configured certificate fingerprint. If
X.509 certificate path validation fails and the presented X.509
certificate does not match a locally configured certificate
fingerprint, the connection MUST be terminated as defined in
[RFC5246].
2.4. Authenticated Server Identity
The RESTCONF client MUST carefully examine the certificate presented
by the RESTCONF server to determine if it meets the client's
expectations. If the RESTCONF client has external information as to
the expected identity of the RESTCONF server, the hostname check MAY
be omitted. Otherwise, the RESTCONF client MUST check its
understanding of the RESTCONF server hostname against the server's
identity as presented in the server certificate message. Matching is
performed according to the rules and guidelines defined in [RFC6125].
If the match fails, the RESTCONF client MUST either ask for explicit
user confirmation or terminate the connection with an indication that
the RESTCONF server's identity is suspect.
2.5. Authenticated Client Identity
The RESTCONF server MUST authenticate the client access to any
protected resource using HTTP Authentication [RFC7235]. If the
RESTCONF client is not authenticated to access a resource, the server
MUST send a response with status code 401 (Unauthorized) and a WWW-
Authenticate header field containing at least one challenge
applicable to the target resource. The RESTCONF server MAY advertise
support for any number of authentication schemes but, in order to
ensure interoperability, the RESTCONF server MUST advertise at least
one of the following authentication schemes:
o Basic [draft-ietf-httpauth-basicauth-update-03]
o Digest [draft-ietf-httpauth-digest-09]
o ClientCertificate [draft-thomson-httpbis-cant-01]
These authentication schemes are selected due to their similarity to
authentication schemes supported by NETCONF. In particular, the
Basic and Digest authentication schemes both directly provide an
identity and verification of a shared secret, much like NETCONF over
SSH, when using the SSH "password" authentication method [RFC4252].
Similarly, the ClientCertificate authentication scheme is much like
NETCONF over TLS's use of X.509 client-certificates. When using the
ClientCertificate authentication scheme, the RESTCONF server MUST
verify the identity of the RESTCONF client using the algorithm
defined in section 7 of [draft-ietf-netconf-rfc5539bis-07].
The RESTCONF client identity determined from any HTTP authentication
scheme is hereafter known as the "RESTCONF username" and subject to
the NETCONF Access Control Module (NACM) [RFC6536].
3. Resources
The RESTCONF protocol operates on a hierarchy of resources, starting The RESTCONF protocol operates on a hierarchy of resources, starting
with the top-level API resource itself. Each resource represents a with the top-level API resource itself (Section 3.1). Each resource
manageable component within the device. represents a manageable component within the device.
A resource can be considered a collection of conceptual data and the A resource can be considered a collection of conceptual data and the
set of allowed methods on that data. It can contain nested child set of allowed methods on that data. It can contain nested child
resources. The child resource types and methods allowed on them are resources. The child resource types and methods allowed on them are
data-model specific. data-model specific.
A resource has its own media type identifier, represented by the A resource has its own media type identifier, represented by the
"Content-Type" header in the HTTP response message. A resource can "Content-Type" header in the HTTP response message. A resource can
contain zero or more nested resources. A resource can be created and contain zero or more nested resources. A resource can be created and
deleted independently of its parent resource, as long as the parent deleted independently of its parent resource, as long as the parent
resource exists. resource exists.
All RESTCONF resources are defined in this document except datastore All RESTCONF resources are defined in this document except specific
contents, protocol operations, and notification events. The syntax datastore contents, protocol operations, and notification events.
and semantics for these resource types are defined in YANG modules. The syntax and semantics for these resource types are defined in YANG
modules.
The RESTCONF resources are accessed via a set of URIs defined in this The RESTCONF resources are accessed via a set of URIs defined in this
document. The set of YANG modules supported by the server will document. The set of YANG modules supported by the server will
determine the data model specific operations, top-level data node determine the data model specific operations, top-level data node
resources, and notification event messages supported by the server. resources, and notification event messages supported by the server.
The resources used in the RESTCONF protocol are identified by the The RESTCONF protocol does not include a resource discovery
"path" component in the request URI. Each operation is performed on mechanism. Instead, the definitions within the YANG modules
a target resource. advertised by the server are used to construct a predictable
operation or data resource identifier.
2.1. RESTCONF Resource Types 3.1. Root Resource Discovery
The RESTCONF protocol defines a set of application specific media In line with the best practices defined by [RFC7320], RESTCONF
types to identify each of the available resource types. The enables deployments to specify where the RESTCONF API is located.
following resource types are defined in RESTCONF: When first connecting to a RESTCONF server, a RESTCONF client MUST
determine the root of the RESTCONF API. The client discovers this by
getting the "/.well-known/host-meta" resource ([RFC6415]) and using
the <Link> element containing the "restconf" attribute :
+------------+-----------------------------+ Request
| Resource | Media Type | -------
+------------+-----------------------------+ GET /.well-known/host-meta users HTTP/1.1
| API | application/yang.api | Host: example.com
| Collection | application/yang.collection | Accept: application/xrd+xml
| Datastore | application/yang.datastore |
| Data | application/yang.data |
| Errors | application/yang.errors |
| Operation | application/yang.operation |
| Schema | application/yang |
+------------+-----------------------------+
RESTCONF Media Types Response
--------
HTTP/1.1 200 OK
Content-Type: application/xrd+xml
Content-Length: nnn
2.2. Resource Discovery <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Link rel='restconf' href='/restconf'/>
</XRD>
A client SHOULD start by retrieving the top-level API resource, using Once discovering the RESTCONF API root, the client MUST prepend it to
the entry point URI defined in Section 4.2. any subsequent request to a RESTCONF resource. For instance, using
the "/restconf" path discovered above, the client can now determine
the operations supported by the the server; e.g. in this example a
custom "play" operation is supported:
The RESTCONF protocol does not include a resource discovery Request
mechanism. Instead, the definitions within the YANG modules -------
advertised by the server are used to construct a predictable GET /restconf/operations HTTP/1.1
operation or data resource identifier. Host: example.com
Accept: application/yang.api+json
The "depth" query parameter (see Section 3.8.3) can be used to Response
control how many descendant levels should be included when retrieving --------
child resources. This parameter can be used with the GET method to HTTP/1.1 200 OK
discover child resources within a particular resource. Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server
Cache-Control: no-cache
Pragma: no-cache
Last-Modified: Sun, 22 Apr 2012 01:00:14 GMT
Content-Type: application/yang.api+json
2.3. API Resource { "operations" : { "play" : [ null ] } }
3.2. RESTCONF Resource Types
The RESTCONF protocol defines a set of application specific media
types to identify each of the available resource types. The
following resource types are defined in RESTCONF:
+-----------+---------------------------------+
| Resource | Media Type |
+-----------+---------------------------------+
| API | application/yang.api+xml |
| | application/yang.api+json |
| Datastore | application/yang.datastore+xml |
| | application/yang.datastore+json |
| Data | application/yang.data+xml |
| | application/yang.data+json |
| Errors | application/yang.errors+xml |
| | application/yang.errors+json |
| Operation | application/yang.operation+xml |
| | application/yang.operation+json |
| Schema | application/yang |
+-----------+---------------------------------+
RESTCONF Media Types
3.3. API Resource
The API resource contains the state and access points for the The API resource contains the state and access points for the
RESTCONF features. It is the top-level resource and has the media RESTCONF features. It is the top-level resource located at
type "application/yang.api+xml" or "application/yang.api+json". {+restconf} and has the media type "application/yang.api+xml" or
"application/yang.api+json".
YANG Tree Diagram for "application/yang.api" Resource Type: YANG Tree Diagram for an API Resource:
+--rw restconf +--rw restconf
+--rw data +--rw data
+--rw operations +--rw operations
The "restconf" grouping definition in the "ietf-restconf" module The "application/yang.api" restconf-media-type extension in the
defined in Section 7 is used to specify the structure and syntax of "ietf-restconf" module defined in Section 8 is used to specify the
the conceptual child resources within the API resource. structure and syntax of the conceptual child resources within the API
resource.
This resource has the following child resources: This resource has the following child resources:
+----------------+--------------------------------+ +----------------+--------------------------------+
| Child Resource | Description | | Child Resource | Description |
+----------------+--------------------------------+ +----------------+--------------------------------+
| data | Contains all data resources | | data | Contains all data resources |
| operations | Data-model specific operations | | operations | Data-model specific operations |
+----------------+--------------------------------+ +----------------+--------------------------------+
RESTCONF API Resource RESTCONF API Resource
2.3.1. {+restconf}/data 3.3.1. {+restconf}/data
This mandatory resource represents the combined configuration and This mandatory resource represents the combined configuration and
operational data resources that can be accessed by a client. It operational data resources that can be accessed by a client. It
cannot be created or deleted by the client. The datastore resource cannot be created or deleted by the client. The datastore resource
type is defined in Section 2.4. type is defined in Section 3.4.
Example: Example:
This example request by the client would retrieve only the non- This example request by the client would retrieve only the non-
configuration data nodes that exist within the "library" resource, configuration data nodes that exist within the "library" resource,
using the "content" query parameter (see Section 3.8.2). using the "content" query parameter (see Section 4.8.3).
GET /restconf/data/example-jukebox:jukebox/library GET /restconf/data/example-jukebox:jukebox/library
?content=nonconfig HTTP/1.1 ?content=nonconfig HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:30 GMT Date: Mon, 23 Apr 2012 17:01:30 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"example-jukebox:library" : { "example-jukebox:library" : {
"artist-count" : 42, "artist-count" : 42,
"album-count" : 59, "album-count" : 59,
"song-count" : 374 "song-count" : 374
} }
} }
2.3.2. {+restconf}/operations 3.3.2. {+restconf}/operations
This optional resource is a container that provides access to the This optional resource is a container that provides access to the
data-model specific protocol operations supported by the server. The data-model specific protocol operations supported by the server. The
server MAY omit this resource if no data-model specific operations server MAY omit this resource if no data-model specific operations
are advertised. are advertised.
Any data-model specific operations defined in the YANG modules Any data-model specific operations defined in the YANG modules
advertised by the server MAY be available as child nodes of this advertised by the server MAY be available as child nodes of this
resource. resource.
Operation resources are defined in Section 2.7. Operation resources are defined in Section 3.6.
2.4. Datastore Resource 3.4. Datastore Resource
The "{+restconf}/data" subtree represents the datastore resource The "{+restconf}/data" subtree represents the datastore resource
type, which is a collection of configuration and operational data type, which is a collection of configuration and operational data
nodes. nodes.
A "unified datastore" interface is used to simplify resource editing A "unified datastore" interface is used to simplify resource editing
for the client. The RESTCONF unified datastore is a conceptual for the client. The RESTCONF unified datastore is a conceptual
interface to the native configuration datastores that are present on interface to the native configuration datastores that are present on
the device. the device.
skipping to change at page 15, line 12 skipping to change at page 18, line 12
persistence are handled by the server and not controlled by the persistence are handled by the server and not controlled by the
client. client.
A datastore resource can only be written directly with the PATCH A datastore resource can only be written directly with the PATCH
method. Only the configuration data resources within the datastore method. Only the configuration data resources within the datastore
resource can be edited directly with all methods. resource can be edited directly with all methods.
Each RESTCONF edit of a datastore resource is saved to non-volatile Each RESTCONF edit of a datastore resource is saved to non-volatile
storage in an implementation-specific matter by the server. There is storage in an implementation-specific matter by the server. There is
no guarantee that configuration changes are saved immediately, or no guarantee that configuration changes are saved immediately, or
that the saved configuration is always a mirror of the running that the saved configuration is always a mirror of the NETCONF
configuration. running datastore, if the server also supports NETCONF.
2.4.1. Edit Collision Detection 3.4.1. Edit Collision Detection
Two "edit collision detection" mechanisms are provided in RESTCONF, Two "edit collision detection" mechanisms are provided in RESTCONF,
for datastore and data resources. for datastore and data resources.
2.4.1.1. Timestamp 3.4.1.1. Timestamp
The last change time is maintained and the "Last-Modified" and "Date" The last change time is maintained and the "Last-Modified"
headers are returned in the response for a retrieval request. The ([RFC7232], section 2.2) header is returned in the response for a
"If-Unmodified-Since" header can be used in edit operation requests retrieval request. The "If-Unmodified-Since" header can be used in
to cause the server to reject the request if the resource has been edit operation requests to cause the server to reject the request if
modified since the specified timestamp. the resource has been modified since the specified timestamp.
The server MUST maintain a last-modified timestamp for this resource, The server MUST maintain a last-modified timestamp for the top-level
and return the "Last-Modified" header when this resource is retrieved {+restconf}/data resource and SHOULD maintain last-modified
with the GET or HEAD methods. Only changes to configuration data timestamps for descendant resources. For all resources, the server
resources within the datastore affect this timestamp. MUST return the "Last-Modified" header when the resource is retrieved
with the GET or HEAD methods. If the server does not maintain a
timestamp for a resource, it MUST return the timestamp of the
resource's ancestor, a process that may recurse up to the top-level
{+restconf}/data resource. Only changes to configuration data
resources within the datastore affect the timestamp.
2.4.1.2. Entity tag 3.4.1.2. Entity tag
A unique opaque string is maintained and the "ETag" header is A unique opaque string is maintained and the "ETag" ([RFC7232],
returned in the response for a retrieval request. The "If-Match" section 2.3) header is returned in the response for a retrieval
header can be used in edit operation requests to cause the server to request. The "If-Match" header can be used in edit operation
reject the request if the resource entity tag does not match the requests to cause the server to reject the request if the resource
specified value. entity tag does not match the specified value.
The server MUST maintain a resource entity tag for this resource, and The server MUST maintain an entity tag for the top-level
return the "ETag" header when this resource is retrieved with the GET {+restconf}/data resource and SHOULD maintain entity tags for
or HEAD methods. The resource entity tag MUST be changed to a new descendant resources. For all resources, the server MUST return the
previously unused value if changes to any configuration data "ETag" header when the resource is retrieved with the GET or HEAD
resources within the datastore are made. methods. If the server does not maintain an entity tag for a
resource, it MUST return the entity tag of the resource's ancestor, a
process that may recurse up to the top-level {+restconf}/data
resource. Only changes to configuration data resources within the
datastore affect the entity tag.
2.5. Data Resource 3.5. Data Resource
A data resource represents a YANG data node that is a descendant node A data resource represents a YANG data node that is a descendant node
of a datastore resource. Containers, leafs, list entries and anyxml of a datastore resource. Each YANG-defined data node can be uniquely
nodes are data resources. targeted by the request-line of an HTTP operation. Containers,
leafs, list entries and anyxml nodes are data resources.
The representation maintained for each data resource is the YANG
defined subtree for that node. HTTP operations on a data resource
affect both the targeted data node and all its descendants, if any.
For configuration data resources, the server MAY maintain a last- For configuration data resources, the server MAY maintain a last-
modified timestamp for the resource, and return the "Last-Modified" modified timestamp for the resource, and return the "Last-Modified"
header when it is retrieved with the GET or HEAD methods. If header when it is retrieved with the GET or HEAD methods. If
maintained, the resource timestamp MUST be set to the current time maintained, the resource timestamp MUST be set to the current time
whenever the resource or any configuration resource within the whenever the resource or any configuration resource within the
resource is altered. resource is altered.
For configuration data resources, the server MAY maintain a resource For configuration data resources, the server MAY maintain a resource
entity tag for the resource, and return the "ETag" header when it is entity tag for the resource, and return the "ETag" header when it is
skipping to change at page 16, line 25 skipping to change at page 19, line 38
maintained, the resource entity tag MUST be updated whenever the maintained, the resource entity tag MUST be updated whenever the
resource or any configuration resource within the resource is resource or any configuration resource within the resource is
altered. altered.
A data resource can be retrieved with the GET method. Data resources A data resource can be retrieved with the GET method. Data resources
are accessed via the "{+restconf}/data" entry point. This sub-tree are accessed via the "{+restconf}/data" entry point. This sub-tree
is used to retrieve and edit data resources. is used to retrieve and edit data resources.
A configuration data resource can be altered by the client with some A configuration data resource can be altered by the client with some
or all of the edit operations, depending on the target resource and or all of the edit operations, depending on the target resource and
the specific operation. Refer to Section 3 for more details on edit the specific operation. Refer to Section 4 for more details on edit
operations. operations.
The resource definition version for a data resource is identified by The resource definition version for a data resource is identified by
the revision date of the YANG module containing the YANG definition the revision date of the YANG module containing the YANG definition
for the data resource, specified in the "{+restconf}/modules" sub- for the data resource.
tree.
2.5.1. Encoding YANG Instance Identifiers in the Request URI 3.5.1. Encoding Data Resource Identifiers in the Request URI
In YANG, data nodes are named with an absolute XPath expression, In YANG, data nodes are named with an absolute XPath expression,
defined in [XPath] , starting from the document root to the target defined in [XPath], starting from the document root to the target
resource. In RESTCONF, URL encoded Location header expressions are resource. In RESTCONF, URL encoded path expressions are used
used instead. instead.
The YANG "instance-identifier" (i-i) data type is represented in
RESTCONF with the path expression format defined in this section.
+-------+-------------------------------------------+
| Name | Comments |
+-------+-------------------------------------------+
| point | Insertion point is always a full i-i |
| path | Request URI path is a full or partial i-i |
+-------+-------------------------------------------+
RESTCONF instance-identifier Type Conversion
The "path" component of the request URI contains the absolute path
expression that identifies the target resource.
A predictable location for a data resource is important, since A predictable location for a data resource is important, since
applications will code to the YANG data model module, which uses applications will code to the YANG data model module, which uses
static naming and defines an absolute path location for all data static naming and defines an absolute path location for all data
nodes. nodes.
A RESTCONF data resource identifier is not an XPath expression. It A RESTCONF data resource identifier is not an XPath expression. It
is encoded from left to right, starting with the top-level data node, is encoded from left to right, starting with the top-level data node,
according to the "api-path" rule in Section 2.5.1.1. The node name according to the "api-path" rule in Section 3.5.1.1. The node name
of each ancestor of the target resource node is encoded in order, of each ancestor of the target resource node is encoded in order,
ending with the node name for the target resource. ending with the node name for the target resource.
If a data node in the path expression is a YANG list node, then the If a data node in the path expression is a YANG list node, then the
key values for the list (if any) MUST be encoded according to the key values for the list (if any) MUST be encoded according to the
following rules. following rules.
o The key leaf values for a data resource representing a YANG list o The key leaf values for a data resource representing a YANG list
MUST be encoded using one path segment [RFC3986]. MUST be encoded using one path segment [RFC3986].
skipping to change at page 17, line 42 skipping to change at page 20, line 39
specified in the YANG "key" statement, with a comma separating specified in the YANG "key" statement, with a comma separating
them. them.
o All the components in the "key" statement MUST be encoded. o All the components in the "key" statement MUST be encoded.
Partial instance identifiers are not supported. Partial instance identifiers are not supported.
o Quoted strings are supported in the key leaf values. Quoted o Quoted strings are supported in the key leaf values. Quoted
strings MUST be used to express empty strings. (example: strings MUST be used to express empty strings. (example:
list=foo,'',baz). list=foo,'',baz).
o The "list-instance" ABNF rule defined in Section 2.5.1.1 o The "list-instance" ABNF rule defined in Section 3.5.1.1
represents the syntax of a list instance identifier. represents the syntax of a list instance identifier.
o Resource URI values returned in Location headers for data o Resource URI values returned in Location headers for data
resources MUST identify the module name, even if there are no resources MUST identify the module name, even if there are no
conflicting local names when the resource is created. This conflicting local names when the resource is created. This
ensures the correct resource will be identified even if the server ensures the correct resource will be identified even if the server
loads a new module that the old client does not know about. loads a new module that the old client does not know about.
Examples: Examples:
container top { container top {
list list1 { list list1 {
key "key1 key2 key3"; key "key1 key2 key3";
...
list list2 {
key "key4 key5";
... ...
leaf X { type string; } list list2 {
key "key4 key5";
...
leaf X { type string; }
}
} }
} }
For the above YANG definition, URI with key leaf values will be For the above YANG definition, URI with key leaf values will be
encoded as follows (line wrapped for display purposes only): encoded as follows (line wrapped for display purposes only):
/restconf/data/example-top:top/list1=key1val,key2val,key3val3/ /restconf/data/example-top:top/list1=key1val,key2val,key3val3/
list2=key4val,key5val/X list2=key4val,key5val/X
2.5.1.1. ABNF For Data Resource Identifiers 3.5.1.1. ABNF For Data Resource Identifiers
The "api-path" ABNF syntax is used to construct RESTCONF path The "api-path" ABNF syntax is used to construct RESTCONF path
identifiers: identifiers:
api-path = "/" | api-path = "/" |
("/" api-identifier ("/" api-identifier
0*("/" (api-identifier | list-instance ))) 0*("/" (api-identifier | list-instance )))
api-identifier = [module-name ":"] identifier api-identifier = [module-name ":"] identifier ;; note 1
module-name = identifier module-name = identifier
list-instance = api-identifier "=" key-value ["," key-value]* list-instance = api-identifier "=" key-value ["," key-value]*
key-value = string key-value = string
string = <a quoted or unquoted or empty string> string = <a quoted or unquoted or empty string>
;; An identifier MUST NOT start with ;; An identifier MUST NOT start with
;; (('X'|'x') ('M'|'m') ('L'|'l')) ;; (('X'|'x') ('M'|'m') ('L'|'l'))
identifier = (ALPHA / "_") identifier = (ALPHA / "_")
*(ALPHA / DIGIT / "_" / "-" / ".") *(ALPHA / DIGIT / "_" / "-" / ".")
2.5.2. Defaults Handling Note 1: The syntax for "api-identifier" MUST conform to the JSON
identifier encoding rules in section 4 of
[I-D.ietf-netmod-yang-json].
NETCONF has a rather complex model for handling default values for 3.5.2. Defaults Handling
leafs. RESTCONF attempts to avoid this complexity by restricting the
operations that can be applied to a resource. Applications that RESTCONF requires that a server report its default handling mode (see
require full control of defaults might consider NETCONF instead of Section 4.8.2 for details). If the optional "with-defaults" query
RESTCONF. parameter is supported by the server, a client may use it to control
retrieval of default values (see Section 4.8.11 for details).
If the target of a GET method is a data node that represents a leaf If the target of a GET method is a data node that represents a leaf
that has a default value, and the leaf has not been given a value that has a default value, and the leaf has not been given a value
yet, the server MUST return the default value that is in use by the yet, the server MUST return the default value that is in use by the
server. server.
If the target of a GET method is a data node that represents a If the target of a GET method is a data node that represents a
container or list that has any child resources with default values, container or list that has any child resources with default values,
for the child resources that have not been given value yet, the for the child resources that have not been given value yet, the
server MAY return the default values that are in use by the server. server MAY return the default values that are in use by the server,
in accordance with its reported default handing mode and query
2.6. Collection Resource parameters passed by the client.
A collection resource contains a set of data resources. It is used
to represent a all instances or a subset of all instances in a YANG
list or leaf-list.
A collection resource can be retrieved with the GET method,
optionally with the query parameters "limit" (Section 3.8.7) and
"offset" (Section 3.8.8).
The "ietf-restconf" YANG module contains the "collection" grouping
which specifies the syntax of a collection resource.
2.7. Operation Resource 3.6. Operation Resource
An operation resource represents an protocol operation defined with An operation resource represents a protocol operation defined with
the YANG "rpc" statement. the YANG "rpc" statement.
All operation resources share the same module namespace as any top- All operation resources share the same module namespace as any top-
level data resources, so the name of an operation resource cannot level data resources, so the name of an operation resource cannot
conflict with the name of a top-level data resource defined within conflict with the name of a top-level data resource defined within
the same module. the same module.
If 2 different YANG modules define the same "rpc" identifier, then If 2 different YANG modules define the same "rpc" identifier, then
the module name MUST be used in the request URI. For example, if the module name MUST be used in the request URI. For example, if
"module-A" and "module-B" both defined a "reset" operation, then "module-A" and "module-B" both defined a "reset" operation, then
invoking the operation from "module-A" would be requested as follows: invoking the operation from "module-A" would be requested as follows:
POST /restconf/operations/module-A:reset HTTP/1.1 POST /restconf/operations/module-A:reset HTTP/1.1
Server example.com Server example.com
Any usage of an operation resource from the same module, with the Any usage of an operation resource from the same module, with the
same name, refers to the same "rpc" statement definition. This same name, refers to the same "rpc" statement definition. This
behavior can be used to design protocol operations that perform the behavior can be used to design protocol operations that perform the
same general function on different resource types. same general function on different resource types.
If the "rpc" statement has an "input" section, then a message body If the "rpc" statement has an "input" section, then a message-body
MAY be sent by the client in the request, otherwise the request MAY be sent by the client in the request, otherwise the request
message MUST NOT include a message body. If the "rpc" statement has message MUST NOT include a message-body. If the "rpc" statement has
an "output" section, then a message body MAY be sent by the server in an "output" section, then a message-body MAY be sent by the server in
the response. Otherwise the server MUST NOT include a message body the response, otherwise the response message MUST NOT include a
in the response message, and MUST send a "204 No Content" Status-Line message-body in the response message, and MUST send a "204 No
instead. Content" status-line instead.
2.7.1. Encoding Operation Input Parameters 3.6.1. Encoding Operation Input Parameters
If the "rpc" statement has an "input" section, then the "input" node If the "rpc" statement has an "input" section, then the "input" node
is provided in the message body, corresponding to the YANG data is provided in the message-body, corresponding to the YANG data
definition statements within the "input" section. definition statements within the "input" section.
Example: Example:
The following YANG definition is used for the examples in this The following YANG definition is used for the examples in this
section. section.
rpc reboot { rpc reboot {
input { input {
leaf delay { leaf delay {
skipping to change at page 21, line 5 skipping to change at page 24, line 5
"language" : "en-US" "language" : "en-US"
} }
} }
The server might respond: The server might respond:
HTTP/1.1 204 No Content HTTP/1.1 204 No Content
Date: Mon, 25 Apr 2012 11:01:00 GMT Date: Mon, 25 Apr 2012 11:01:00 GMT
Server: example-server Server: example-server
2.7.2. Encoding Operation Output Parameters 3.6.2. Encoding Operation Output Parameters
If the "rpc" statement has an "output" section, then the "output" If the "rpc" statement has an "output" section, then the "output"
node is provided in the message body, corresponding to the YANG data node is provided in the message-body, corresponding to the YANG data
definition statements within the "output" section. definition statements within the "output" section.
Example: Example:
The following YANG definition is used for the examples in this The following YANG definition is used for the examples in this
section. section.
rpc get-reboot-info { rpc get-reboot-info {
output { output {
leaf reboot-time { leaf reboot-time {
skipping to change at page 21, line 31 skipping to change at page 24, line 31
} }
leaf message { type string; } leaf message { type string; }
leaf language { type string; } leaf language { type string; }
} }
} }
The client might send the following POST request message: The client might send the following POST request message:
POST /restconf/operations/example-ops:get-reboot-info HTTP/1.1 POST /restconf/operations/example-ops:get-reboot-info HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.operation+json, Accept: application/yang.operation+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 25 Apr 2012 11:10:30 GMT Date: Mon, 25 Apr 2012 11:10:30 GMT
Server: example-server Server: example-server
Content-Type: application/yang.operation+json Content-Type: application/yang.operation+json
{ {
"example-ops:output" : { "example-ops:output" : {
"reboot-time" : 30, "reboot-time" : 30,
"message" : "Going down for system maintenance", "message" : "Going down for system maintenance",
"language" : "en-US" "language" : "en-US"
} }
} }
2.8. Schema Resource 3.7. Schema Resource
If the server supports the "schema" leaf within the API then the The server can optionally support retrieval of the YANG modules it
client can retrieve the YANG schema text for the associated YANG supports. To retrieve a YANG module, a client first needs to get the
module or submodule, using the GET method. First the client needs to URL for retrieving the schema.
retrieve the URL for retrieving the schema.
The client might send the following GET request message: The client might send the following GET request message:
GET /restconf/data/ietf-yang-library:modules/module= GET /restconf/data/ietf-yang-library:modules/module=
example-jukebox,2014-07-03/schema HTTP/1.1 example-jukebox,2014-07-03/schema HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 25 Apr 2012 11:10:30 GMT Date: Mon, 25 Apr 2012 11:10:30 GMT
Server: example-server Server: example-server
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"ietf-yang-library:schema": "ietf-yang-library:schema":
"http://example.com/mymodules/example-jukebox/2014-07-03" "https://example.com/mymodules/example-jukebox/2014-07-03"
} }
Next the client needs to retrieve the actual YANG schema. Next the client needs to retrieve the actual YANG schema.
The client might send the following GET request message: The client might send the following GET request message:
GET http://example.com/mymodules/example-jukebox/2014-07-03 GET https://example.com/mymodules/example-jukebox/2014-07-03
HTTP/1.1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang, application/yang.errors+json Accept: application/yang
The server might respond: The server might respond:
module example-jukebox { module example-jukebox {
namespace "http://example.com/ns/example-jukebox"; namespace "http://example.com/ns/example-jukebox";
prefix "jbox"; prefix "jbox";
// rest of YANG module content deleted... // rest of YANG module content deleted...
} }
2.9. Stream Resource 3.8. Event Stream Resource
A "stream" resource represents a source for system generated event An "event stream" resource represents a source for system generated
notifications. Each stream is created and modified by the server event notifications. Each stream is created and modified by the
only. A client can retrieve a stream resource or initiate a long- server only. A client can retrieve a stream resource or initiate a
poll server sent event stream, using the procedure specified in long-poll server sent event stream, using the procedure specified in
Section 5.3. Section 6.3.
A notification stream functions according to the NETCONF A notification stream functions according to the NETCONF
Notifications specification [RFC5277]. The available streams can be Notifications specification [RFC5277]. The available streams can be
retrieved from the stream list, which specifies the syntax and retrieved from the stream list, which specifies the syntax and
semantics of a stream resource. semantics of a stream resource.
2.10. Errors Resource 3.9. Errors Media Type
An "errors" resource is a collection of error information that is An "errors" media type is a collection of error information that is
sent as the message body in a server response message, if an error sent as the message-body in a server response message, if an error
occurs while processing a request message. occurs while processing a request message. It is not considered a
resource type because no instances can be retrieved with a GET
request.
The "ietf-restconf" YANG module contains the "errors" grouping which The "ietf-restconf" YANG module contains the "application/
specifies the syntax and semantics of an errors resource. RESTCONF yang.errors" restconf-media-type extension which specifies the syntax
error handling behavior is defined in Section 6. and semantics of an "errors" media type. RESTCONF error handling
behavior is defined in Section 7.
3. Operations 4. Operations
The RESTCONF protocol uses HTTP methods to identify the CRUD The RESTCONF protocol uses HTTP methods to identify the CRUD
operation requested for a particular resource. operation requested for a particular resource.
The following table shows how the RESTCONF operations relate to The following table shows how the RESTCONF operations relate to
NETCONF protocol operations: NETCONF protocol operations:
+----------+-------------------------------------+ +----------+-------------------------------------+
| RESTCONF | NETCONF | | RESTCONF | NETCONF |
+----------+-------------------------------------+ +----------+-------------------------------------+
skipping to change at page 24, line 4 skipping to change at page 26, line 44
| POST | <edit-config> (operation="create") | | POST | <edit-config> (operation="create") |
| PUT | <edit-config> (operation="replace") | | PUT | <edit-config> (operation="replace") |
| PATCH | <edit-config> (operation="merge") | | PATCH | <edit-config> (operation="merge") |
| DELETE | <edit-config> (operation="delete") | | DELETE | <edit-config> (operation="delete") |
+----------+-------------------------------------+ +----------+-------------------------------------+
Table 1: CRUD Methods in RESTCONF Table 1: CRUD Methods in RESTCONF
The NETCONF "remove" operation attribute is not supported by the HTTP The NETCONF "remove" operation attribute is not supported by the HTTP
DELETE method. The resource must exist or the DELETE method will DELETE method. The resource must exist or the DELETE method will
fail. The PATCH method is equivalent to a "merge" operation for a fail. The PATCH method is equivalent to a "merge" operation when
plain patch. using a plain patch (see Section 4.6.1), other media-types may
provide more granular control.
Access control mechanisms may be used to limit what operations can be Access control mechanisms may be used to limit what operations can be
used. In particular, RESTCONF is compatible with the NETCONF Access used. In particular, RESTCONF is compatible with the NETCONF Access
Control Model (NACM) [RFC6536], as there is a specific mapping Control Model (NACM) [RFC6536], as there is a specific mapping
between RESTCONF and NETCONF operations, defined in Table 1. The between RESTCONF and NETCONF operations, defined in Table 1. The
resource path needs to be converted internally by the server to the resource path needs to be converted internally by the server to the
corresponding YANG instance-identifier. Using this information, the corresponding YANG instance-identifier. Using this information, the
server can apply the NACM access control rules to RESTCONF messages. server can apply the NACM access control rules to RESTCONF messages.
The server MUST NOT allow any operation to any resources that the The server MUST NOT allow any operation to any resources that the
client is not authorized to access. client is not authorized to access.
Implementation of all methods (except PATCH) are defined in Implementation of all methods (except PATCH) are defined in
[RFC2616]. This section defines the RESTCONF protocol usage for each [RFC7231]. This section defines the RESTCONF protocol usage for each
HTTP method. HTTP method.
3.1. OPTIONS 4.1. OPTIONS
The OPTIONS method is sent by the client to discover which methods The OPTIONS method is sent by the client to discover which methods
are supported by the server for a specific resource. If supported, are supported by the server for a specific resource (e.g., GET, POST,
it SHOULD be implemented for all media types. DELETE, etc.).
The server SHOULD implement this method, however the same information The server SHOULD implement this method, however the same information
could be extracted from the YANG modules and the RESTCONF protocol could be extracted from the YANG modules and the RESTCONF protocol
specification. specification.
If the PATCH method is supported, then the "Accept-Patch" header MUST If the PATCH method is supported, then the "Accept-Patch" header MUST
be supported, as defined in [RFC5789]. be supported and returned in the response to the OPTIONS request, as
defined in [RFC5789].
3.2. HEAD 4.2. HEAD
The HEAD method is sent by the client to retrieve just the headers The HEAD method is sent by the client to retrieve just the headers
that would be returned for the comparable GET method, without the that would be returned for the comparable GET method, without the
response body. It is supported for all resource types, except response message-body. It is supported for all resource types,
operation resources. except operation resources.
The request MUST contain a request URI that contains at least the The request MUST contain a request URI that contains at least the
entry point component. The same query parameters supported by the entry point component. The same query parameters supported by the
GET method are supported by the HEAD method. GET method are supported by the HEAD method.
The access control behavior is enforced as if the method was GET The access control behavior is enforced as if the method was GET
instead of HEAD. The server MUST respond the same as if the method instead of HEAD. The server MUST respond the same as if the method
was GET instead of HEAD, except that no response body is included. was GET instead of HEAD, except that no response message-body is
included.
3.3. GET 4.3. GET
The GET method is sent by the client to retrieve data and meta-data The GET method is sent by the client to retrieve data and meta-data
for a resource. It is supported for all resource types, except for a resource. It is supported for all resource types, except
operation resources. The request MUST contain a request URI that operation resources. The request MUST contain a request URI that
contains at least the entry point component. contains at least the entry point component.
The server MUST NOT return any data resources for which the user does The server MUST NOT return any data resources for which the user does
not have read privileges. If the user is not authorized to read the not have read privileges. If the user is not authorized to read the
target resource, an error response containing a "403 Forbidden" or target resource, an error response containing a "403 Forbidden" or
"404 Not Found" Status-Line is returned to the client. "404 Not Found" status-line is returned to the client.
If the user is authorized to read some but not all of the target If the user is authorized to read some but not all of the target
resource, the unauthorized content is omitted from the response resource, the unauthorized content is omitted from the response
message body, and the authorized content is returned to the client. message-body, and the authorized content is returned to the client.
Example: Example:
The client might request the response headers for a JSON The client might request the response headers for a JSON
representation of the "library" resource: representation of the "library" resource:
GET /restconf/data/example-jukebox:jukebox/ GET /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album HTTP/1.1 library/artist=Foo%20Fighters/album HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:02:40 GMT Date: Mon, 23 Apr 2012 17:02:40 GMT
Server: example-server Server: example-server
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
ETag: a74eefc993a2b ETag: a74eefc993a2b
skipping to change at page 26, line 5 skipping to change at page 28, line 45
{ {
"example-jukebox:album" : [ "example-jukebox:album" : [
{ {
"name" : "Wasting Light", "name" : "Wasting Light",
"genre" : "example-jukebox:alternative", "genre" : "example-jukebox:alternative",
"year" : 2011 "year" : 2011
} }
] ]
} }
3.4. POST 4.4. POST
The POST method is sent by the client to create a data resource or The POST method is sent by the client to create a data resource or
invoke an operation resource. The server uses the target resource invoke an operation resource. The server uses the target resource
media type to determine how to process the request. media type to determine how to process the request.
+-----------+------------------------------------------------+ +-----------+------------------------------------------------+
| Type | Description | | Type | Description |
+-----------+------------------------------------------------+ +-----------+------------------------------------------------+
| Datastore | Create a top-level configuration data resource | | Datastore | Create a top-level configuration data resource |
| Data | Create a configuration data child resource | | Data | Create a configuration data child resource |
| Operation | Invoke a protocol operation | | Operation | Invoke a protocol operation |
+-----------+------------------------------------------------+ +-----------+------------------------------------------------+
Resource Types that Support POST Resource Types that Support POST
3.4.1. Create Resource Mode 4.4.1. Create Resource Mode
If the target resource type is a datastore or data resource, then the If the target resource type is a datastore or data resource, then the
POST is treated as a request to create a resource or child resource. POST is treated as a request to create a top-level resource or child
The message body is expected to contain the content of a child resource, respectively. The message-body is expected to contain the
resource to create within the parent (target resource). content of a child resource to create within the parent (target
resource). The data-model for the child tree is the subtree is
defined by YANG for the child resource.
The "insert" and "point" query parameters are supported by the POST The "insert" and "point" query parameters are supported by the POST
method for datastore and data resource types, as specified in the method for datastore and data resource types, as specified in the
YANG definition in Section 7. YANG definition in Section 8.
If the POST method succeeds, a "201 Created" Status-Line is returned If the POST method succeeds, a "201 Created" status-line is returned
and there is no response message body. A "Location" header and there is no response message-body. A "Location" header
identifying the child resource that was created MUST be present in identifying the child resource that was created MUST be present in
the response in this case. the response in this case.
If the user is not authorized to create the target resource, an error If the user is not authorized to create the target resource, an error
response containing a "403 Forbidden" or "404 Not Found" Status-Line response containing a "403 Forbidden" or "404 Not Found" status-line
is returned to the client. All other error responses are handled is returned to the client. All other error responses are handled
according to the procedures defined in Section 6. according to the procedures defined in Section 7.
Example: Example:
To create a new "jukebox" resource, the client might send: To create a new "jukebox" resource, the client might send:
POST /restconf/data HTTP/1.1 POST /restconf/data HTTP/1.1
Host: example.com Host: example.com
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ "example-jukebox:jukebox" : [null] } { "example-jukebox:jukebox" : [null] }
If the resource is created, the server might respond as follows: If the resource is created, the server might respond as follows:
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Mon, 23 Apr 2012 17:01:00 GMT Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server Server: example-server
Location: http://example.com/restconf/data/example-jukebox:jukebox Location: https://example.com/restconf/data/example-jukebox:jukebox
Last-Modified: Mon, 23 Apr 2012 17:01:00 GMT Last-Modified: Mon, 23 Apr 2012 17:01:00 GMT
ETag: b3a3e673be2 ETag: b3a3e673be2
Refer to Appendix D.2.1 for more resource creation examples. Refer to Appendix D.2.1 for more resource creation examples.
3.4.2. Invoke Operation Mode 4.4.2. Invoke Operation Mode
If the target resource type is an operation resource, then the POST If the target resource type is an operation resource, then the POST
method is treated as a request to invoke that operation. The message method is treated as a request to invoke that operation. The
body (if any) is processed as the operation input parameters. Refer message-body (if any) is processed as the operation input parameters.
to Section 2.7 for details on operation resources. Refer to Section 3.6 for details on operation resources.
If the POST request succeeds, a "200 OK" Status-Line is returned if If the POST request succeeds, a "200 OK" status-line is returned if
there is a response message body, and a "204 No Content" Status-Line there is a response message-body, and a "204 No Content" status-line
is returned if there is no response message body. is returned if there is no response message-body.
If the user is not authorized to invoke the target operation, an If the user is not authorized to invoke the target operation, an
error response containing a "403 Forbidden" or "404 Not Found" error response containing a "403 Forbidden" or "404 Not Found"
Status-Line is returned to the client. All other error responses are status-line is returned to the client. All other error responses are
handled according to the procedures defined in Section 6. handled according to the procedures defined in Section 7.
Example: Example:
In this example, the client is invoking the "play" operation defined In this example, the client is invoking the "play" operation defined
in the "example-jukebox" YANG module. in the "example-jukebox" YANG module.
A client might send a "play" request as follows: A client might send a "play" request as follows:
POST /restconf/operations/example-jukebox:play HTTP/1.1 POST /restconf/operations/example-jukebox:play HTTP/1.1
Host: example.com Host: example.com
skipping to change at page 28, line 5 skipping to change at page 31, line 5
"song-number" : 2 "song-number" : 2
} }
} }
The server might respond: The server might respond:
HTTP/1.1 204 No Content HTTP/1.1 204 No Content
Date: Mon, 23 Apr 2012 17:50:00 GMT Date: Mon, 23 Apr 2012 17:50:00 GMT
Server: example-server Server: example-server
3.5. PUT 4.5. PUT
The PUT method is sent by the client to create or replace the target The PUT method is sent by the client to create or replace the target
resource. resource.
The only target resource media type that supports PUT is the data The only target resource media type that supports PUT is the data
resource. The message body is expected to contain the content used resource. The message-body is expected to contain the content used
to create or replace the target resource. to create or replace the target resource.
The "insert" (Section 3.8.5) and "point" (Section 3.8.6) query The "insert" (Section 4.8.6) and "point" (Section 4.8.7) query
parameters are supported by the PUT method for data resources. parameters are supported by the PUT method for data resources.
Consistent with [RFC2616], if the PUT request creates a new resource, Consistent with [RFC7231], if the PUT request creates a new resource,
a "201 Created" Status-Line is returned. If an existing resource is a "201 Created" status-line is returned. If an existing resource is
modified, either "200 OK" or "204 No Content" are returned. modified, either "200 OK" or "204 No Content" are returned.
If the user is not authorized to create or replace the target If the user is not authorized to create or replace the target
resource an error response containing a "403 Forbidden" or "404 Not resource an error response containing a "403 Forbidden" or "404 Not
Found" Status-Line is returned to the client. All other error Found" status-line is returned to the client. All other error
responses are handled according to the procedures defined in responses are handled according to the procedures defined in
Section 6. Section 7.
Example: Example:
An "album" child resource defined in the "example-jukebox" YANG An "album" child resource defined in the "example-jukebox" YANG
module is replaced or created if it does not already exist. module is replaced or created if it does not already exist.
To replace the "album" resource contents, the client might send as To replace the "album" resource contents, the client might send as
follows. Note that the request URI header line is wrapped for follows. Note that the request-line is wrapped for display purposes
display purposes only: only:
PUT /restconf/data/example-jukebox:jukebox/ PUT /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1 library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1
Host: example.com Host: example.com
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"example-jukebox:album" : { "example-jukebox:album" : {
"name" : "Wasting Light", "name" : "Wasting Light",
"genre" : "example-jukebox:alternative", "genre" : "example-jukebox:alternative",
skipping to change at page 29, line 11 skipping to change at page 32, line 11
} }
If the resource is updated, the server might respond: If the resource is updated, the server might respond:
HTTP/1.1 204 No Content HTTP/1.1 204 No Content
Date: Mon, 23 Apr 2012 17:04:00 GMT Date: Mon, 23 Apr 2012 17:04:00 GMT
Server: example-server Server: example-server
Last-Modified: Mon, 23 Apr 2012 17:04:00 GMT Last-Modified: Mon, 23 Apr 2012 17:04:00 GMT
ETag: b27480aeda4c ETag: b27480aeda4c
3.6. PATCH 4.6. PATCH
RESTCONF uses the HTTP PATCH method defined in [RFC5789] to provide RESTCONF uses the HTTP PATCH method defined in [RFC5789] to provide
an extensible framework for resource patching mechanisms. It is an extensible framework for resource patching mechanisms. It is
optional to implement by the server. Each patch type needs a unique optional to implement by the server. Each patch type needs a unique
media type. Zero or more PATCH media types MAY be supported by the media type. Zero or more PATCH media types MAY be supported by the
server. server. The media types supported by a server can be discovered by
the client by sending an OPTIONS request (see Section 4.1).
A plain patch is used to create or update a child resource within the If the target resource instance does not exist, the server MUST NOT
target resource. If the target resource instance does not exist, the create it.
server MUST NOT create it.
If the PATCH request succeeds, a "200 OK" Status-Line is returned if If the PATCH request succeeds, a "200 OK" status-line is returned if
there is a message body, and "204 No Content" is returned if no there is a message-body, and "204 No Content" is returned if no
response message body is sent. response message-body is sent.
If the user is not authorized to alter the target resource an error If the user is not authorized to alter the target resource an error
response containing a "403 Forbidden" or "404 Not Found" Status-Line response containing a "403 Forbidden" or "404 Not Found" status-line
is returned to the client. All other error responses are handled is returned to the client. All other error responses are handled
according to the procedures defined in Section 6. according to the procedures defined in Section 7.
4.6.1. Plain Patch
The plain patch mechanism merges the contents of the message body
with the target resource. If the target resource is a datastore
resource (see Section 3.4), the message body MUST be either
application/yang.datastore+xml or application/yang.datastore+json.
If then the target resource is a data resource (see Section 3.5),
then the message body MUST be either application/yang.data+xml or
application/yang.data+json.
Plain patch can used to create or update, but not delete, a child
resource within the target resource. Please see
[I-D.ietf-netconf-yang-patch] for an alternate media-type supporting
more granular control.
Example: Example:
To replace just the "year" field in the "album" resource (instead of To replace just the "year" field in the "album" resource (instead of
replacing the entire resource with the PUT method), the client might replacing the entire resource with the PUT method), the client might
send a plain patch as follows. Note that the request URI header line send a plain patch as follows. Note that the request-line is wrapped
is wrapped for display purposes only: for display purposes only:
PATCH /restconf/data/example-jukebox:jukebox/ PATCH /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1 library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1
Host: example.com Host: example.com
If-Match: b8389233a4c
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"example-jukebox:album" : { "example-jukebox:album" : {
"genre" : "example-jukebox:rock",
"year" : 2011 "year" : 2011
} }
} }
If the field is updated, the server might respond: If the field is updated, the server might respond:
HTTP/1.1 204 No Content HTTP/1.1 204 No Content
Date: Mon, 23 Apr 2012 17:49:30 GMT Date: Mon, 23 Apr 2012 17:49:30 GMT
Server: example-server Server: example-server
Last-Modified: Mon, 23 Apr 2012 17:49:30 GMT Last-Modified: Mon, 23 Apr 2012 17:49:30 GMT
skipping to change at page 30, line 20 skipping to change at page 33, line 34
The XML encoding for the same request might be: The XML encoding for the same request might be:
PATCH /restconf/data/example-jukebox:jukebox/ PATCH /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1 library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1
Host: example.com Host: example.com
If-Match: b8389233a4c If-Match: b8389233a4c
Content-Type: application/yang.data+xml Content-Type: application/yang.data+xml
<album xmlns="http://example.com/ns/example-jukebox"> <album xmlns="http://example.com/ns/example-jukebox">
<genre>example-jukebox:rock</genre>
<year>2011</year> <year>2011</year>
</album> </album>
3.7. DELETE 4.7. DELETE
The DELETE method is used to delete the target resource. If the The DELETE method is used to delete the target resource. If the
DELETE request succeeds, a "204 No Content" Status-Line is returned, DELETE request succeeds, a "204 No Content" status-line is returned,
and there is no response message body. and there is no response message-body.
If the user is not authorized to delete the target resource then an If the user is not authorized to delete the target resource then an
error response containing a "403 Forbidden" or "404 Not Found" error response containing a "403 Forbidden" or "404 Not Found"
Status-Line is returned to the client. All other error responses are status-line is returned to the client. All other error responses are
handled according to the procedures defined in Section 6. handled according to the procedures defined in Section 7.
Example: Example:
To delete a resource such as the "album" resource, the client might To delete a resource such as the "album" resource, the client might
send: send:
DELETE /restconf/data/example-jukebox:jukebox/ DELETE /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1 library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1
Host: example.com Host: example.com
If the resource is deleted, the server might respond: If the resource is deleted, the server might respond:
HTTP/1.1 204 No Content HTTP/1.1 204 No Content
Date: Mon, 23 Apr 2012 17:49:40 GMT Date: Mon, 23 Apr 2012 17:49:40 GMT
Server: example-server Server: example-server
3.8. Query Parameters 4.8. Query Parameters
Each RESTCONF operation allows zero or more query parameters to be Each RESTCONF operation allows zero or more query parameters to be
present in the request URI. The specific parameters that are allowed present in the request URI. The specific parameters that are allowed
depends on the resource type, and sometimes the specific target depends on the resource type, and sometimes the specific target
resource used, in the request. resource used, in the request.
+------------+----------+-------------------------------------------+ +---------------+---------+-----------------------------------------+
| Name | Methods | Description | | Name | Methods | Description |
+------------+----------+-------------------------------------------+ +---------------+---------+-----------------------------------------+
| content | GET | Select config and/or non-config data | | content | GET | Select config and/or non-config data |
| | | resources | | | | resources |
| depth | GET | Request limited sub-tree depth in the | | depth | GET | Request limited sub-tree depth in the |
| | | reply content | | | | reply content |
| filter | GET | Boolean notification filter for event- | | fields | GET | Request a subset of the target resource |
| | | stream resources | | | | contents |
| insert | POST, | Insertion mode for user-ordered data | | filter | GET | Boolean notification filter for event |
| | PUT | resources | | | | stream resources |
| limit | GET | Number of entries to return for | | insert | POST, | Insertion mode for user-ordered data |
| | | collection resources | | | PUT | resources |
| offset | GET | Starting point for collection resources | | point | POST, | Insertion point for user-ordered data |
| point | POST, | Insertion point for user-ordered data | | | PUT | resources |
| | PUT | resources | | start-time | GET | Replay buffer start time for event |
| select | GET | Request a subset of the target resource | | | | stream resources |
| | | contents | | stop-time | GET | Replay buffer stop time for event |
| start-time | GET | Replay buffer start time for event-stream | | | | stream resources |
| | | resources | | with-defaults | GET | Control retrieval of default values |
| stop-time | GET | Replay buffer stop time for event-stream | +---------------+---------+-----------------------------------------+
| | | resources |
+------------+----------+-------------------------------------------+
RESTCONF Query Parameters RESTCONF Query Parameters
Query parameters can be given in any order. Each parameter can Query parameters can be given in any order. Each parameter can
appear at most once in a request URI. A default value may apply if appear at most once in a request URI. A default value may apply if
the parameter is missing. the parameter is missing.
Refer to Appendix D.3 for examples of query parameter usage. Refer to Appendix D.3 for examples of query parameter usage.
If vendors define additional query parameters, they SHOULD use a If vendors define additional query parameters, they SHOULD use a
prefix (such as the enterprise or organization name) for query prefix (such as the enterprise or organization name) for query
parameter names in order to avoid collisions with other parameters. parameter names in order to avoid collisions with other parameters.
3.8.1. Query Parameter URIs 4.8.1. Query Parameter URIs
A new set of NETCONF Capability URNs are defined to identify the A new set of RESTCONF Capability URIs are defined to identify the
specific query parameters supported by the server. specific query parameters and protocol features supported by the
server.
+---------+-------------------------------------------------+ +--------------+----------------------------------------------------+
| Name | URI | | Name | URI |
+---------+-------------------------------------------------+ +--------------+----------------------------------------------------+
| content | urn:ietf:params:restconf:capability:content:1.0 | | defaults | urn:ietf:params:restconf:capability:defaults:1.0 |
| depth | urn:ietf:params:restconf:capability:depth:1.0 | | depth | urn:ietf:params:restconf:capability:depth:1.0 |
| filter | urn:ietf:params:restconf:capability:filter:1.0 | | fields | urn:ietf:params:restconf:capability:fields:1.0 |
| insert | urn:ietf:params:restconf:capability:insert:1.0 | | filter | urn:ietf:params:restconf:capability:filter:1.0 |
| page | urn:ietf:params:restconf:capability:page:1.0 | | insert | urn:ietf:params:restconf:capability:insert:1.0 |
| select | urn:ietf:params:restconf:capability:select:1.0 | | replay | urn:ietf:params:restconf:capability:replay:1.0 |
| replay | urn:ietf:params:restconf:capability:replay:1.0 | | with- | urn:ietf:params:restconf:capability:with- |
+---------+-------------------------------------------------+ | defaults | defaults:1.0 |
+--------------+----------------------------------------------------+
RESTCONF Query Parameter URIs RESTCONF Query Parameter URIs
3.8.2. The "content" Query Parameter 4.8.2. The "defaults" Protocol Capability URI
This URI identifies the defaults handling mode that is used by the
server for processing default leafs in the unified datastore. A
parameter named "basic-mode" is required for this capability URI.
The "basic-mode" definitions are specified in the "With-Defaults
Capability for NETCONF" [RFC6243].
This protocol capability URI MUST be supported by the server, and the
MUST be listed in the "capability" leaf-list in Section 9.3.
+------------+------------------------------------------------------+
| Value | Description |
+------------+------------------------------------------------------+
| report-all | No data nodes are considered default |
| trim | Values set to the YANG default-stmt value are |
| | default |
| explicit | Values set by the client are never considered |
| | default |
+------------+------------------------------------------------------+
If the "basic-mode" is set to "report-all" then the server MUST
adhere to the defaults handling behavior defined in section 2.1 of
[RFC6243].
If the "basic-mode" is set to "trim" then the server MUST adhere to
the defaults handling behavior defined in section 2.2 of [RFC6243].
If the "basic-mode" is set to "explicit" then the server MUST adhere
to the defaults handling behavior defined in section 2.3 of
[RFC6243].
Example: (split for display purposes only)
urn:ietf:params:restconf:capability:defaults:1.0?
basic-mode=explicit
4.8.3. The "content" Query Parameter
The "content" parameter controls how descendant nodes of the The "content" parameter controls how descendant nodes of the
requested data nodes will be processed in the reply. requested data nodes will be processed in the reply.
The allowed values are: The allowed values are:
+-----------+-----------------------------------------------------+ +-----------+-----------------------------------------------------+
| Value | Description | | Value | Description |
+-----------+-----------------------------------------------------+ +-----------+-----------------------------------------------------+
| config | Return only configuration descendant data nodes | | config | Return only configuration descendant data nodes |
skipping to change at page 32, line 43 skipping to change at page 36, line 44
This parameter is only allowed for GET methods on datastore and data This parameter is only allowed for GET methods on datastore and data
resources. A 400 Bad Request error is returned if used for other resources. A 400 Bad Request error is returned if used for other
methods or resource types. methods or resource types.
The default value is determined by the "config" statement value of The default value is determined by the "config" statement value of
the requested data nodes. If the "config" value is "false", then the the requested data nodes. If the "config" value is "false", then the
default for the "content" parameter is "nonconfig". If "config" is default for the "content" parameter is "nonconfig". If "config" is
"true" then the default for the "content" parameter is "config". "true" then the default for the "content" parameter is "config".
If this query parameter is supported by the server, then the This query parameter MUST be supported by the server.
"content" query parameter URI MUST be listed in the "capability"
leaf-list in Section 8.3.
3.8.3. The "depth" Query Parameter 4.8.4. The "depth" Query Parameter
The "depth" parameter is used to specify the number of nest levels The "depth" parameter is used to specify the number of nest levels
returned in a response for a GET method. The first nest-level returned in a response for a GET method. The first nest-level
consists of the requested data node itself. Any child nodes which consists of the requested data node itself. Any child nodes which
are contained within a parent node have a depth value that is 1 are contained within a parent node have a depth value that is 1
greater than its parent. greater than its parent.
The value of the "depth" parameter is either an integer between 1 and The value of the "depth" parameter is either an integer between 1 and
65535, or the string "unbounded". "unbounded" is the default. 65535, or the string "unbounded". "unbounded" is the default.
skipping to change at page 33, line 21 skipping to change at page 37, line 21
data resources. A 400 Bad Request error is returned if it used for data resources. A 400 Bad Request error is returned if it used for
other methods or resource types. other methods or resource types.
By default, the server will include all sub-resources within a By default, the server will include all sub-resources within a
retrieved resource, which have the same resource type as the retrieved resource, which have the same resource type as the
requested resource. Only one level of sub-resources with a different requested resource. Only one level of sub-resources with a different
media type than the target resource will be returned. media type than the target resource will be returned.
If this query parameter is supported by the server, then the "depth" If this query parameter is supported by the server, then the "depth"
query parameter URI MUST be listed in the "capability" leaf-list in query parameter URI MUST be listed in the "capability" leaf-list in
Section 8.3. Section 9.3.
3.8.4. The "select" Query Parameter 4.8.5. The "fields" Query Parameter
The "select" query parameter is used to optionally identify data The "fields" query parameter is used to optionally identify data
nodes within the target resource to be retrieved in a GET method. nodes within the target resource to be retrieved in a GET method.
The client can use this parameter to retrieve a subset of all nodes The client can use this parameter to retrieve a subset of all nodes
in a resource. in a resource.
A value of the "select" query parameter matches the following rule: A value of the "fields" query parameter matches the following rule:
select-expr = path '(' select-expr / '*' ')' / fields-expr = path '(' fields-expr / '*' ')' /
path ';' select-expr / path ';' fields-expr /
path path
path = api-identifier [ '/' path ] path = api-identifier [ '/' path ]
"api-identifier" is defined in Section 2.5.1.1. "api-identifier" is defined in Section 3.5.1.1.
";" is used to select multiple nodes. For example, to retrieve only ";" is used to select multiple nodes. For example, to retrieve only
the "genre" and "year" of an album, use: "select=genre;year". the "genre" and "year" of an album, use: "fields=genre;year".
Parentheses are used to specify sub-selectors of a node. For Parentheses are used to specify sub-selectors of a node. For
example, to retrieve only the "label" and "catalogue-number" of an example, to retrieve only the "label" and "catalogue-number" of an
album, use: "select=admin(label;catalogue-number)". album, use: "fields=admin(label;catalogue-number)".
"/" is used in a path to retrieve a child node of a node. For "/" is used in a path to retrieve a child node of a node. For
example, to retrieve only the "label" of an album, use: example, to retrieve only the "label" of an album, use:
"select=admin/label". "fields=admin/label".
This parameter is only allowed for GET methods on api, datastore, and This parameter is only allowed for GET methods on api, datastore, and
data resources. A 400 Bad Request error is returned if used for data resources. A 400 Bad Request error is returned if used for
other methods or resource types. other methods or resource types.
If this query parameter is supported by the server, then the "select" If this query parameter is supported by the server, then the "fields"
query parameter URI MUST be listed in the "capability" leaf-list in query parameter URI MUST be listed in the "capability" leaf-list in
Section 8.3. Section 9.3.
3.8.5. The "insert" Query Parameter 4.8.6. The "insert" Query Parameter
The "insert" parameter is used to specify how a resource should be The "insert" parameter is used to specify how a resource should be
inserted within a user-ordered list. inserted within a user-ordered list.
The allowed values are: The allowed values are:
+--------+----------------------------------------------------------+ +--------+----------------------------------------------------------+
| Value | Description | | Value | Description |
+--------+----------------------------------------------------------+ +--------+----------------------------------------------------------+
| first | Insert the new data as the new first entry. | | first | Insert the new data as the new first entry. |
skipping to change at page 34, line 44 skipping to change at page 38, line 44
also only supported if the target resource is a data resource, and also only supported if the target resource is a data resource, and
that data represents a YANG list or leaf-list that is ordered by the that data represents a YANG list or leaf-list that is ordered by the
user. user.
If the values "before" or "after" are used, then a "point" query If the values "before" or "after" are used, then a "point" query
parameter for the insertion parameter MUST also be present, or a 400 parameter for the insertion parameter MUST also be present, or a 400
Bad Request error is returned. Bad Request error is returned.
If this query parameter is supported by the server, then the "insert" If this query parameter is supported by the server, then the "insert"
query parameter URI MUST be listed in the "capability" leaf-list in query parameter URI MUST be listed in the "capability" leaf-list in
Section 8.3. The "point" query parameter MUST also be supported by Section 9.3. The "point" query parameter MUST also be supported by
the server. the server.
3.8.6. The "point" Query Parameter 4.8.7. The "point" Query Parameter
The "point" parameter is used to specify the insertion point for a The "point" parameter is used to specify the insertion point for a
data resource that is being created or moved within a user ordered data resource that is being created or moved within a user ordered
list or leaf-list. list or leaf-list.
The value of the "point" parameter is of type The value of the "point" parameter is of type
"data-resource-identifier", defined in the "ietf-restconf" YANG "data-resource-identifier", defined in the "ietf-restconf" YANG
module Section 7. module Section 8.
This parameter is only supported for the POST and PUT methods. It is This parameter is only supported for the POST and PUT methods. It is
also only supported if the target resource is a data resource, and also only supported if the target resource is a data resource, and
that data represents a YANG list or leaf-list that is ordered by the that data represents a YANG list or leaf-list that is ordered by the
user. user.
If the "insert" query parameter is not present, or has a value other If the "insert" query parameter is not present, or has a value other
than "before" or "after", then a 400 Bad Request error is returned. than "before" or "after", then a 400 Bad Request error is returned.
This parameter contains the instance identifier of the resource to be This parameter contains the instance identifier of the resource to be
used as the insertion point for a POST or PUT method. used as the insertion point for a POST or PUT method.
If the server includes the "insert" query parameter URI in the If the server includes the "insert" query parameter URI in the
"capability" leaf-list in Section 8.3, then the "point" query "capability" leaf-list in Section 9.3, then the "point" query
parameter MUST be supported.
3.8.7. The "limit" Query Parameter
The "limit" parameter is used to restrict the number of data
resources to return in response to GET requests on collection
resources.
The value of the "limit" parameter is either an integer greater than
or equal to 1, or the string "unbounded". The string "unbounded" is
the default value.
If the server includes the "page" query parameter URI in the
"capability" leaf-list in Section 8.3, then the "limit" query
parameter MUST be supported.
3.8.8. The "offset" Query Parameter
The "offset" parameter is used to specify the first data resource to
return in response to GET requests on collection resources.
Resources instances are numbered with consecutive integers from 1 to
the number of resource instances.
The value of the "offset" parameter is an integer greater than or
equal to 1. The default value is 1.
If the server includes the "page" query parameter URI in the
"capability" leaf-list in Section 8.3, then the "offset" query
parameter MUST be supported. parameter MUST be supported.
3.8.9. The "filter" Query Parameter 4.8.8. The "filter" Query Parameter
The "filter" parameter is used to indicate which subset of all The "filter" parameter is used to indicate which subset of all
possible events are of interest. If not present, all events not possible events are of interest. If not present, all events not
precluded by other parameters will be sent. precluded by other parameters will be sent.
This parameter is only allowed for GET methods on a text/event-stream This parameter is only allowed for GET methods on a text/event-stream
data resource. A 400 Bad Request error is returned if used for other data resource. A 400 Bad Request error is returned if used for other
methods or resource types. methods or resource types.
The format of this parameter is an XPath 1.0 expression, and is The format of this parameter is an XPath 1.0 expression, and is
skipping to change at page 36, line 37 skipping to change at page 40, line 7
o The context node is the root node. o The context node is the root node.
The filter is used as defined in [RFC5277], section 3.6. If the The filter is used as defined in [RFC5277], section 3.6. If the
boolean result of the expression is true when applied to the boolean result of the expression is true when applied to the
conceptual "notification" document root, then the notification event conceptual "notification" document root, then the notification event
is delivered to the client. is delivered to the client.
If this query parameter is supported by the server, then the "filter" If this query parameter is supported by the server, then the "filter"
query parameter URI MUST be listed in the "capability" leaf-list in query parameter URI MUST be listed in the "capability" leaf-list in
Section 8.3. Section 9.3.
3.8.10. The "start-time" Query Parameter 4.8.9. The "start-time" Query Parameter
The "start-time" parameter is used to trigger the notification replay The "start-time" parameter is used to trigger the notification replay
feature and indicate that the replay should start at the time feature and indicate that the replay should start at the time
specified. If the stream does not support replay, per the specified. If the stream does not support replay, per the
"replay-support" attribute returned by stream list entry for the "replay-support" attribute returned by stream list entry for the
stream resource, then the server MUST return the HTTP error code 400 stream resource, then the server MUST return the HTTP error code 400
Bad Request. Bad Request.
The value of the "start-time" parameter is of type "date-and-time", The value of the "start-time" parameter is of type "date-and-time",
defined in the "ietf-yang" YANG module [RFC6991]. defined in the "ietf-yang" YANG module [RFC6991].
skipping to change at page 37, line 17 skipping to change at page 40, line 33
methods or resource types. methods or resource types.
If this parameter is not present, then a replay subscription is not If this parameter is not present, then a replay subscription is not
being requested. It is not valid to specify start times that are being requested. It is not valid to specify start times that are
later than the current time. If the value specified is earlier than later than the current time. If the value specified is earlier than
the log can support, the replay will begin with the earliest the log can support, the replay will begin with the earliest
available notification. available notification.
If this query parameter is supported by the server, then the "replay" If this query parameter is supported by the server, then the "replay"
query parameter URI MUST be listed in the "capability" leaf-list in query parameter URI MUST be listed in the "capability" leaf-list in
Section 8.3. The "stop-time" query parameter MUST also be supported Section 9.3. The "stop-time" query parameter MUST also be supported
by the server. by the server.
If the "replay-support" leaf is present in the "stream" entry If the "replay-support" leaf is present in the "stream" entry
(defined in Section 8.3) then the server MUST support the (defined in Section 9.3) then the server MUST support the
"start-time" and "stop-time" query parameters for that stream. "start-time" and "stop-time" query parameters for that stream.
3.8.11. The "stop-time" Query Parameter 4.8.10. The "stop-time" Query Parameter
The "stop-time" parameter is used with the replay feature to indicate The "stop-time" parameter is used with the replay feature to indicate
the newest notifications of interest. This parameter MUST be used the newest notifications of interest. This parameter MUST be used
with and have a value later than the "start-time" parameter. with and have a value later than the "start-time" parameter.
The value of the "stop-time" parameter is of type "date-and-time", The value of the "stop-time" parameter is of type "date-and-time",
defined in the "ietf-yang" YANG module [RFC6991]. defined in the "ietf-yang" YANG module [RFC6991].
This parameter is only allowed for GET methods on a text/event-stream This parameter is only allowed for GET methods on a text/event-stream
data resource. A 400 Bad Request error is returned if used for other data resource. A 400 Bad Request error is returned if used for other
methods or resource types. methods or resource types.
If this parameter is not present, the notifications will continue If this parameter is not present, the notifications will continue
until the subscription is terminated. Values in the future are until the subscription is terminated. Values in the future are
valid. valid.
If this query parameter is supported by the server, then the "replay" If this query parameter is supported by the server, then the "replay"
query parameter URI MUST be listed in the "capability" leaf-list in query parameter URI MUST be listed in the "capability" leaf-list in
Section 8.3. The "start-time" query parameter MUST also be supported Section 9.3. The "start-time" query parameter MUST also be supported
by the server. by the server.
If the "replay-support" leaf is present in the "stream" entry If the "replay-support" leaf is present in the "stream" entry
(defined in Section 8.3) then the server MUST support the (defined in Section 9.3) then the server MUST support the
"start-time" and "stop-time" query parameters for that stream. "start-time" and "stop-time" query parameters for that stream.
4. Messages 4.8.11. The "with-defaults" Query Parameter
The "with-defaults" parameter is used to specify how information
about default data nodes should be returned in response to GET
requests on data resources.
If the server supports this capability, then it MUST implement the
behavior in section 4.5.1 of [RFC6243], except applied to the
RESTCONF GET operation, instead of the NETCONF operations.
+-------------------+-----------------------------------------------+
| Value | Description |
+-------------------+-----------------------------------------------+
| report-all | All data nodes are reported |
| trim | Data nodes set to the YANG default are not |
| | reported |
| explicit | Data nodes set by the client are not reported |
| report-all-tagged | All data nodes are reported and defaults are |
| | tagged |
+-------------------+-----------------------------------------------+
If the "with-defaults" parameter is set to "report-all" then the
server MUST adhere to the defaults reporting behavior defined in
section 3.1 of [RFC6243].
If the "with-defaults" parameter is set to "trim" then the server
MUST adhere to the defaults reporting behavior defined in section 3.2
of [RFC6243].
If the "with-defaults" parameter is set to "explicit" then the server
MUST adhere to the defaults reporting behavior defined in section 3.3
of [RFC6243].
If the "with-defaults" parameter is set to "report-all-tagged" then
the server MUST adhere to the defaults reporting behavior defined in
section 3.4 of [RFC6243].
If the "with-defaults" parameter is not present then the server MUST
adhere to the defaults reporting behavior defined in its "basic-mode"
parameter for the "defaults" protocol capability URI, defined in
Section 4.8.2.
If the server includes the "with-defaults" query parameter URI in the
"capability" leaf-list in Section 9.3, then the "with-defaults" query
parameter MUST be supported.
5. Messages
The RESTCONF protocol uses HTTP entities for messages. A single HTTP The RESTCONF protocol uses HTTP entities for messages. A single HTTP
message corresponds to a single protocol method. Most messages can message corresponds to a single protocol method. Most messages can
perform a single task on a single resource, such as retrieving a perform a single task on a single resource, such as retrieving a
resource or editing a resource. The exception is the PATCH method, resource or editing a resource. The exception is the PATCH method,
which allows multiple datastore edits within a single message. which allows multiple datastore edits within a single message.
4.1. Request URI Structure 5.1. Request URI Structure
Resources are represented with URIs following the structure for Resources are represented with URIs following the structure for
generic URIs in [RFC3986]. generic URIs in [RFC3986].
A RESTCONF operation is derived from the HTTP method and the request A RESTCONF operation is derived from the HTTP method and the request
URI, using the following conceptual fields: URI, using the following conceptual fields:
<OP> /<restconf>/<path>?<query>#<fragment> <OP> /<restconf>/<path>?<query>#<fragment>
^ ^ ^ ^ ^ ^ ^ ^ ^ ^
skipping to change at page 38, line 36 skipping to change at page 42, line 49
M M O O I M M O O I
M=mandatory, O=optional, I=ignored M=mandatory, O=optional, I=ignored
<text> replaced by client with real values <text> replaced by client with real values
o method: the HTTP method identifying the RESTCONF operation o method: the HTTP method identifying the RESTCONF operation
requested by the client, to act upon the target resource specified requested by the client, to act upon the target resource specified
in the request URI. RESTCONF operation details are described in in the request URI. RESTCONF operation details are described in
Section 3. Section 4.
o entry: the root of the RESTCONF API configured on this HTTP o entry: the root of the RESTCONF API configured on this HTTP
server, discovered by getting the ".well-known/host-meta" server, discovered by getting the ".well-known/host-meta"
resource, as described in Section 4.2. resource, as described in Section 3.1.
o resource: the path expression identifying the resource that is o resource: the path expression identifying the resource that is
being accessed by the operation. If this field is not present, being accessed by the operation. If this field is not present,
then the target resource is the API itself, represented by the then the target resource is the API itself, represented by the
media type "application/yang.api". media type "application/yang.api".
o query: the set of parameters associated with the RESTCONF message. o query: the set of parameters associated with the RESTCONF message.
These have the familiar form of "name=value" pairs. All query These have the familiar form of "name=value" pairs. All query
parameters are optional to implement by the server and optional to parameters are optional to implement by the server and optional to
use by the client. Each query parameter is identified by a URI. use by the client. Each query parameter is identified by a URI.
The server MUST list the query parameter URIs it supports in the The server MUST list the query parameter URIs it supports in the
"capabilities" list defined in Section 8.3. "capabilities" list defined in Section 9.3.
There is a specific set of parameters defined, although the server There is a specific set of parameters defined, although the server
MAY choose to support query parameters not defined in this document. MAY choose to support query parameters not defined in this document.
The contents of the any query parameter value MUST be encoded The contents of the any query parameter value MUST be encoded
according to [RFC2396], section 3.4. Any reserved characters MUST be according to [RFC2396], section 3.4. Any reserved characters MUST be
encoded with escape sequences, according to [RFC2396], section 2.4. encoded with escape sequences, according to [RFC2396], section 2.4.
o fragment: This field is not used by the RESTCONF protocol. o fragment: This field is not used by the RESTCONF protocol.
When new resources are created by the client, a "Location" header is When new resources are created by the client, a "Location" header is
returned, which identifies the path of the newly created resource. returned, which identifies the path of the newly created resource.
The client MUST use this exact path identifier to access the resource The client MUST use this exact path identifier to access the resource
once it has been created. once it has been created.
The "target" of an operation is a resource. The "path" field in the The "target" of an operation is a resource. The "path" field in the
request URI represents the target resource for the operation. request URI represents the target resource for the operation.
4.2. RESTCONF Path Resolution 5.2. Message Headers
In line the best practices defined by [get-off-my-lawn], RESTCONF
enables deployments to specify where the RESTCONF API is located.
When first connecting to a RESTCONF server, a RESTCONF client MUST
determine the root of the RESTCONF API. The client discovers this by
getting the "/.well-known/host-meta" resource ([RFC6415]) and using
the <Link> element containing the "restconf" attribute :
Request
-------
GET /.well-known/host-meta users HTTP/1.1
Host: example.com
Accept: application/xrd+xml
Response
--------
HTTP/1.1 200 OK
Content-Type: application/xrd+xml
Content-Length: nnn
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Link rel='restconf' href='/restconf'/>
</XRD>
Once discovering the RESTCONF API root, the client MUST prepend it to
any subsequent request to a RESTCONF resource. For instance, using
the "/restconf" path discovered above, the client can now determine
the operations supported by the the server:
Request
-------
GET /restconf/operations HTTP/1.1
Host: example.com
Accept: application/yang.api+json,
application/yang.errors+json
Response
--------
HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server
Cache-Control: no-cache
Pragma: no-cache
Last-Modified: Sun, 22 Apr 2012 01:00:14 GMT
Content-Type: application/yang.api+json
{ "operations" : { "play" : [ null ] } }
4.3. Message Headers
There are several HTTP header lines utilized in RESTCONF messages. There are several HTTP header lines utilized in RESTCONF messages.
Messages are not limited to the HTTP headers listed in this section. Messages are not limited to the HTTP headers listed in this section.
HTTP defines which header lines are required for particular HTTP defines which header lines are required for particular
circumstances. Refer to each operation definition section in circumstances. Refer to each operation definition section in
Section 3 for examples on how particular headers are used. Section 4 for examples on how particular headers are used.
There are some request headers that are used within RESTCONF, usually There are some request headers that are used within RESTCONF, usually
applied to data resources. The following tables summarize the applied to data resources. The following tables summarize the
headers most relevant in RESTCONF message requests: headers most relevant in RESTCONF message requests:
+---------------------+---------------------------------------------+ +---------------------+---------------------------------------------+
| Name | Description | | Name | Description |
+---------------------+---------------------------------------------+ +---------------------+---------------------------------------------+
| Accept | Response Content-Types that are acceptable | | Accept | Response Content-Types that are acceptable |
| Content-Type | The media type of the request body | | Content-Type | The media type of the request body |
skipping to change at page 41, line 13 skipping to change at page 44, line 29
RESTCONF Request Headers RESTCONF Request Headers
The following tables summarize the headers most relevant in RESTCONF The following tables summarize the headers most relevant in RESTCONF
message responses: message responses:
+---------------+---------------------------------------------------+ +---------------+---------------------------------------------------+
| Name | Description | | Name | Description |
+---------------+---------------------------------------------------+ +---------------+---------------------------------------------------+
| Allow | Valid actions when 405 error returned | | Allow | Valid actions when 405 error returned |
| Cache-Control | The cache control parameters for the response | | Cache-Control | The cache control parameters for the response |
| Content-Type | The media type of the response body | | Content-Type | The media type of the response message-body |
| Date | The date and time the message was sent | | Date | The date and time the message was sent |
| ETag | An identifier for a specific version of a | | ETag | An identifier for a specific version of a |
| | resource | | | resource |
| Last-Modified | The last modified date and time of a resource | | Last-Modified | The last modified date and time of a resource |
| Location | The resource identifier for a newly created | | Location | The resource identifier for a newly created |
| | resource | | | resource |
+---------------+---------------------------------------------------+ +---------------+---------------------------------------------------+
RESTCONF Response Headers RESTCONF Response Headers
4.4. Message Encoding 5.3. Message Encoding
RESTCONF messages are encoded in HTTP according to RFC 2616. The RESTCONF messages are encoded in HTTP according to [RFC7230]. The
"utf-8" character set is used for all messages. RESTCONF message "utf-8" character set is used for all messages. RESTCONF message
content is sent in the HTTP message body. content is sent in the HTTP message-body.
Content is encoded in either JSON or XML format. A server MUST Content is encoded in either JSON or XML format. A server MUST
support XML encoding and MAY support JSON encoding. XML encoding support XML encoding and MAY support JSON encoding. XML encoding
rules for data nodes are defined in [RFC6020]. The same encoding rules for data nodes are defined in [RFC6020]. The same encoding
rules are used for all XML content. JSON encoding rules are defined rules are used for all XML content. JSON encoding rules are defined
in [I-D.ietf-netmod-json]. This encoding is valid JSON, but also has in [I-D.ietf-netmod-yang-json]. This encoding is valid JSON, but
special encoding rules to identify module namespaces and provide also has special encoding rules to identify module namespaces and
consistent type processing of YANG data. provide consistent type processing of YANG data.
Request input content encoding format is identified with the Content- Request input content encoding format is identified with the Content-
Type header. This field MUST be present if a message body is sent by Type header. This field MUST be present if a message-body is sent by
the client. the client.
Response output content encoding format is identified with the Accept Response output content encoding format is identified with the Accept
header in the request, or if is not specified, the request input header in the request, or if is not specified, the request input
encoding format is used. If there was no request input, then the encoding format is used. If there was no request input, then the
default output encoding is XML. File extensions encoded in the default output encoding is XML. File extensions encoded in the
request are not used to identify format encoding. request are not used to identify format encoding.
4.5. RESTCONF Meta-Data 5.4. RESTCONF Meta-Data
The RESTCONF protocol needs to retrieve the same meta-data that is The RESTCONF protocol needs to retrieve the same meta-data that is
used in the NETCONF protocol. Information about default leafs, last- used in the NETCONF protocol. Information about default leafs, last-
modified timestamps, etc. are commonly used to annotate modified timestamps, etc. are commonly used to annotate
representations of the datastore contents. This meta-data is not representations of the datastore contents. This meta-data is not
defined in the YANG schema because it applies to the datastore, and defined in the YANG schema because it applies to the datastore, and
is common across all data nodes. is common across all data nodes.
This information is encoded as attributes in XML. JSON encoding of This information is encoded as attributes in XML. JSON encoding of
meta-data is defined in [I-D.lhotka-netmod-yang-metadata]. meta-data is defined in [I-D.lhotka-netmod-yang-metadata].
4.6. Return Status 5.5. Return Status
Each message represents some sort of resource access. An HTTP Each message represents some sort of resource access. An HTTP
"Status-Line" header line is returned for each request. If a 4xx or "status-line" header line is returned for each request. If a 4xx or
5xx range status code is returned in the Status-Line, then the error 5xx range status code is returned in the status-line, then the error
information will be returned in the response, according to the format information will be returned in the response, according to the format
defined in Section 6.1. defined in Section 7.1.
4.7. Message Caching 5.6. Message Caching
Since the datastore contents change at unpredictable times, responses Since the datastore contents change at unpredictable times, responses
from a RESTCONF server generally SHOULD NOT be cached. from a RESTCONF server generally SHOULD NOT be cached.
The server SHOULD include a "Cache-Control" header in every response The server SHOULD include a "Cache-Control" header in every response
that specifies whether the response should be cached. A "Pragma" that specifies whether the response should be cached. A "Pragma"
header specifying "no-cache" MAY also be sent in case the header specifying "no-cache" MAY also be sent in case the
"Cache-Control" header is not supported. "Cache-Control" header is not supported.
Instead of using HTTP caching, the client SHOULD track the "ETag" Instead of using HTTP caching, the client SHOULD track the "ETag"
and/or "Last-Modified" headers returned by the server for the and/or "Last-Modified" headers returned by the server for the
datastore resource (or data resource if the server supports it). A datastore resource (or data resource if the server supports it). A
retrieval request for a resource can include the "If-None-Match" and/ retrieval request for a resource can include the "If-None-Match" and/
or "If-Modified-Since" headers, which will cause the server to return or "If-Modified-Since" headers, which will cause the server to return
a "304 Not Modified" Status-Line if the resource has not changed. a "304 Not Modified" status-line if the resource has not changed.
The client MAY use the HEAD method to retrieve just the message The client MAY use the HEAD method to retrieve just the message
headers, which SHOULD include the "ETag" and "Last-Modified" headers, headers, which SHOULD include the "ETag" and "Last-Modified" headers,
if this meta-data is maintained for the target resource. if this meta-data is maintained for the target resource.
5. Notifications 6. Notifications
The RESTCONF protocol supports YANG-defined event notifications. The The RESTCONF protocol supports YANG-defined event notifications. The
solution preserves aspects of NETCONF Event Notifications [RFC5277] solution preserves aspects of NETCONF Event Notifications [RFC5277]
while utilizing the Server-Sent Events [W3C.CR-eventsource-20121211] while utilizing the Server-Sent Events [W3C.CR-eventsource-20121211]
transport strategy. transport strategy.
5.1. Server Support 6.1. Server Support
A RESTCONF server is not required to support RESTCONF notifications. A RESTCONF server is not required to support RESTCONF notifications.
Clients may determine if a server supports RESTCONF notifications by Clients may determine if a server supports RESTCONF notifications by
using the HTTP operation OPTIONS, HEAD, or GET on the stream list. using the HTTP operation OPTIONS, HEAD, or GET on the stream list.
The server does not support RESTCONF notifications if an HTTP error The server does not support RESTCONF notifications if an HTTP error
code is returned (e.g., 404 Not Found). code is returned (e.g., 404 Not Found).
5.2. Event Streams 6.2. Event Streams
A RESTCONF server that supports notifications will populate a stream A RESTCONF server that supports notifications will populate a stream
resource for each notification delivery service access point. A resource for each notification delivery service access point. A
RESTCONF client can retrieve the list of supported event streams from RESTCONF client can retrieve the list of supported event streams from
a RESTCONF server using the GET operation on the stream list. a RESTCONF server using the GET operation on the stream list.
The "restconf-state/streams" container definition in the The "restconf-state/streams" container definition in the
"ietf-restconf-monitoring" module (defined in Section 8.3) is used to "ietf-restconf-monitoring" module (defined in Section 9.3) is used to
specify the structure and syntax of the conceptual child resources specify the structure and syntax of the conceptual child resources
within the "streams" resource. within the "streams" resource.
For example: For example:
The client might send the following request: The client might send the following request:
GET /restconf/data/ietf-restconf-monitoring:restconf-state/ GET /restconf/data/ietf-restconf-monitoring:restconf-state/
streams HTTP/1.1 streams HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+xml, Accept: application/yang.data+xml
application/yang.errors+xml
The server might send the following response: The server might send the following response:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Type: application/yang.api+xml Content-Type: application/yang.api+xml
<streams <streams
xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring"> xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring">
<stream> <stream>
<name>NETCONF</name> <name>NETCONF</name>
<description>default NETCONF event stream <description>default NETCONF event stream
</description> </description>
<replay-support>true</replay-support> <replay-support>true</replay-support>
<replay-log-creation-time> <replay-log-creation-time>
2007-07-08T00:00:00Z 2007-07-08T00:00:00Z
</replay-log-creation-time> </replay-log-creation-time>
<encoding> <encoding>
<type>xml</type> <type>xml</type>
<events>http://example.com/streams/NETCONF</events> <events>https://example.com/streams/NETCONF</events>
</encoding> </encoding>
<encoding> <encoding>
<type>json</type> <type>json</type>
<events>http://example.com/streams/NETCONF-JSON</events> <events>https://example.com/streams/NETCONF-JSON</events>
</encoding> </encoding>
</stream> </stream>
<stream> <stream>
<name>SNMP</name> <name>SNMP</name>
<description>SNMP notifications</description> <description>SNMP notifications</description>
<replay-support>false</replay-support> <replay-support>false</replay-support>
<encoding> <encoding>
<type>xml</type> <type>xml</type>
<events>http://example.com/streams/SNMP</events> <events>https://example.com/streams/SNMP</events>
</encoding> </encoding>
</stream> </stream>
<stream> <stream>
<name>syslog-critical</name> <name>syslog-critical</name>
<description>Critical and higher severity <description>Critical and higher severity
</description> </description>
<replay-support>true</replay-support> <replay-support>true</replay-support>
<replay-log-creation-time> <replay-log-creation-time>
2007-07-01T00:00:00Z 2007-07-01T00:00:00Z
</replay-log-creation-time> </replay-log-creation-time>
<encoding> <encoding>
<type>xml</type> <type>xml</type>
<events> <events>
http://example.com/streams/syslog-critical https://example.com/streams/syslog-critical
</events> </events>
</encoding> </encoding>
</stream> </stream>
</streams> </streams>
5.3. Subscribing to Receive Notifications 6.3. Subscribing to Receive Notifications
RESTCONF clients can determine the URL for the subscription resource RESTCONF clients can determine the URL for the subscription resource
(to receive notifications) by sending an HTTP GET request for the (to receive notifications) by sending an HTTP GET request for the
"events" leaf with the stream list entry. The value returned by the "events" leaf with the stream list entry. The value returned by the
server can be used for the actual notification subscription. server can be used for the actual notification subscription.
The client will send an HTTP GET request for the URL returned by the The client will send an HTTP GET request for the URL returned by the
server with the "Accept" type "text/event-stream". server with the "Accept" type "text/event-stream".
The server will treat the connection as an event stream, using the The server will treat the connection as an event stream, using the
skipping to change at page 45, line 28 skipping to change at page 48, line 28
The server MAY support query parameters for a GET method on this The server MAY support query parameters for a GET method on this
resource. These parameters are specific to each notification stream. resource. These parameters are specific to each notification stream.
For example: For example:
The client might send the following request: The client might send the following request:
GET /restconf/data/ietf-restconf-monitoring:restconf-state/ GET /restconf/data/ietf-restconf-monitoring:restconf-state/
streams/stream=NETCONF/encoding=xml/events HTTP/1.1 streams/stream=NETCONF/encoding=xml/events HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+xml, Accept: application/yang.data+xml
application/yang.errors+xml
The server might send the following response: The server might send the following response:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Type: application/yang.api+xml Content-Type: application/yang.api+xml
<events <events
xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring"> xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring">
http://example.com/streams/NETCONF https://example.com/streams/NETCONF
</events> </events>
The RESTCONF client can then use this URL value to start monitoring The RESTCONF client can then use this URL value to start monitoring
the event stream: the event stream:
GET /streams/NETCONF HTTP/1.1 GET /streams/NETCONF HTTP/1.1
Host: example.com Host: example.com
Accept: text/event-stream Accept: text/event-stream
Cache-Control: no-cache Cache-Control: no-cache
Connection: keep-alive Connection: keep-alive
skipping to change at page 46, line 12 skipping to change at page 49, line 12
A RESTCONF client MAY request the server compress the events using A RESTCONF client MAY request the server compress the events using
the HTTP header field "Accept-Encoding". For instance: the HTTP header field "Accept-Encoding". For instance:
GET /streams/NETCONF HTTP/1.1 GET /streams/NETCONF HTTP/1.1
Host: example.com Host: example.com
Accept: text/event-stream Accept: text/event-stream
Cache-Control: no-cache Cache-Control: no-cache
Connection: keep-alive Connection: keep-alive
Accept-Encoding: gzip, deflate Accept-Encoding: gzip, deflate
5.3.1. NETCONF Event Stream 6.3.1. NETCONF Event Stream
The server SHOULD support the "NETCONF" notification stream defined The server SHOULD support the "NETCONF" notification stream defined
in [RFC5277]. For this stream, RESTCONF notification subscription in [RFC5277]. For this stream, RESTCONF notification subscription
requests MAY specify parameters indicating the events it wishes to requests MAY specify parameters indicating the events it wishes to
receive. These query parameters are optional to implement, and only receive. These query parameters are optional to implement, and only
available if the server supports them. available if the server supports them.
+------------+---------+-------------------------+ +------------+---------+-------------------------+
| Name | Section | Description | | Name | Section | Description |
+------------+---------+-------------------------+ +------------+---------+-------------------------+
| start-time | 3.8.10 | replay event start time | | start-time | 4.8.9 | replay event start time |
| stop-time | 3.8.11 | replay event stop time | | stop-time | 4.8.10 | replay event stop time |
| filter | 3.8.9 | boolean content filter | | filter | 4.8.8 | boolean content filter |
+------------+---------+-------------------------+ +------------+---------+-------------------------+
NETCONF Stream Query Parameters NETCONF Stream Query Parameters
The semantics and syntax for these query parameters are defined in The semantics and syntax for these query parameters are defined in
the sections listed above. The YANG encoding MUST be converted to the sections listed above. The YANG encoding MUST be converted to
URL-encoded string for use in the request URI. URL-encoded string for use in the request URI.
Refer to Appendix D.3.8 for filter parameter examples. Refer to Appendix D.3.6 for filter parameter examples.
5.4. Receiving Event Notifications 6.4. Receiving Event Notifications
RESTCONF notifications are encoded according to the definition of the RESTCONF notifications are encoded according to the definition of the
event stream. The NETCONF stream defined in [RFC5277] is encoded in event stream. The NETCONF stream defined in [RFC5277] is encoded in
XML format. XML format.
The structure of the event data is based on the "notification" The structure of the event data is based on the "notification"
element definition in section 4 of [RFC5277]. It MUST conform to the element definition in section 4 of [RFC5277]. It MUST conform to the
"notification" YANG container definition in Section 7. schema for the "notification" element in section 4 of [RFC5277],
except the XML namespace for this element is defined as:
urn:ietf:params:xml:ns:yang:ietf-restconf
For JSON encoding purposes, the module name is "ietf-restconf".
An example SSE notification encoded using XML: An example SSE notification encoded using XML:
data: <notification data: <notification
data: xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf"> data: xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf">
data: <event-time>2013-12-21T00:01:00Z</event-time> data: <event-time>2013-12-21T00:01:00Z</event-time>
data: <event xmlns="http://example.com/event/1.0"> data: <event xmlns="http://example.com/event/1.0">
data: <event-class>fault</event-class> data: <event-class>fault</event-class>
data: <reporting-entity> data: <reporting-entity>
data: <card>Ethernet0</card> data: <card>Ethernet0</card>
skipping to change at page 48, line 12 skipping to change at page 51, line 12
and, if it does, RESTCONF clients SHOULD use it. A RESTCONF server and, if it does, RESTCONF clients SHOULD use it. A RESTCONF server
SHOULD NOT send the "event" or "id" fields, as there are no SHOULD NOT send the "event" or "id" fields, as there are no
meaningful values that could be used for them that would not be meaningful values that could be used for them that would not be
redundant to the contents of the notification itself. RESTCONF redundant to the contents of the notification itself. RESTCONF
servers that do not send the "id" field also do not need to support servers that do not send the "id" field also do not need to support
the HTTP header "Last-Event-Id". RESTCONF servers that do send the the HTTP header "Last-Event-Id". RESTCONF servers that do send the
"id" field MUST still support the "startTime" query parameter as the "id" field MUST still support the "startTime" query parameter as the
preferred means for a client to specify where to restart the event preferred means for a client to specify where to restart the event
stream. stream.
6. Error Reporting 7. Error Reporting
HTTP Status-Lines are used to report success or failure for RESTCONF HTTP status-lines are used to report success or failure for RESTCONF
operations. The <rpc-error> element returned in NETCONF error operations. The <rpc-error> element returned in NETCONF error
responses contains some useful information. This error information responses contains some useful information. This error information
is adapted for use in RESTCONF, and error information is returned for is adapted for use in RESTCONF, and error information is returned for
"4xx" class of status codes. "4xx" class of status codes.
The following table summarizes the return status codes used The following table summarizes the return status codes used
specifically by RESTCONF operations: specifically by RESTCONF operations:
+---------------------------+---------------------------------------+ +---------------------------+---------------------------------------+
| Status-Line | Description | | Status-Line | Description |
+---------------------------+---------------------------------------+ +---------------------------+---------------------------------------+
| 100 Continue | POST accepted, 201 should follow | | 100 Continue | POST accepted, 201 should follow |
| 200 OK | Success with response body | | 200 OK | Success with response message-body |
| 201 Created | POST to create a resource success | | 201 Created | POST to create a resource success |
| 202 Accepted | POST to create a resource accepted | | 202 Accepted | POST to create a resource accepted |
| 204 No Content | Success without response body | | 204 No Content | Success without response message-body |
| 304 Not Modified | Conditional operation not done | | 304 Not Modified | Conditional operation not done |
| 400 Bad Request | Invalid request message | | 400 Bad Request | Invalid request message |
| 403 Forbidden | Access to resource denied | | 403 Forbidden | Access to resource denied |
| 404 Not Found | Resource target or resource node not | | 404 Not Found | Resource target or resource node not |
| | found | | | found |
| 405 Method Not Allowed | Method not allowed for target | | 405 Method Not Allowed | Method not allowed for target |
| | resource | | | resource |
| 409 Conflict | Resource or lock in use | | 409 Conflict | Resource or lock in use |
| 412 Precondition Failed | Conditional method is false | | 412 Precondition Failed | Conditional method is false |
| 413 Request Entity Too | too-big error | | 413 Request Entity Too | too-big error |
skipping to change at page 49, line 37 skipping to change at page 52, line 37
| data-exists | 409 | | data-exists | 409 |
| data-missing | 409 | | data-missing | 409 |
| operation-not-supported | 501 | | operation-not-supported | 501 |
| operation-failed | 500 | | operation-failed | 500 |
| partial-operation | 500 | | partial-operation | 500 |
| malformed-message | 400 | | malformed-message | 400 |
+-------------------------+-------------+ +-------------------------+-------------+
Mapping from error-tag to status code Mapping from error-tag to status code
6.1. Error Response Message 7.1. Error Response Message
When an error occurs for a request message on a data resource or an When an error occurs for a request message on a data resource or an
operation resource, and a "4xx" class of status codes (except for operation resource, and a "4xx" class of status codes (except for
status code "403 Forbidden"), then the server SHOULD send a response status code "403 Forbidden"), then the server SHOULD send a response
body containing the information described by the "errors" container message-body containing the information described by the "errors"
definition within the YANG module Section 7. The Content-Type of container definition within the YANG module Section 8. The Content-
this response message MUST be application/yang.errors. Type of this response message MUST be application/yang.errors (see
example below).
The client MAY specify the desired encoding for error messages by
specifying the appropriate media-type in the Accept header. If no
error media is specified, the server MUST assume that "application/
yang.errors+xml" was specified. All of the examples in this
document, except for the one below, assume the default XML encoding
will be returned if there is an error.
YANG Tree Diagram for <errors> Data: YANG Tree Diagram for <errors> Data:
+--ro errors +--ro errors
+--ro error +--ro error
+--ro error-type enumeration +--ro error-type enumeration
+--ro error-tag string +--ro error-tag string
+--ro error-app-tag? string +--ro error-app-tag? string
+--ro (error-node)? +--ro (error-node)?
| +--:(error-path) | +--:(error-path)
| | +--ro error-path? instance-identifier | | +--ro error-path? instance-identifier
| +--:(error-urlpath) | +--:(error-urlpath)
| +--ro error-urlpath? data-resource-identifier | +--ro error-urlpath? data-resource-identifier
+--ro error-message? string +--ro error-message? string
+--ro error-info +--ro error-info
The semantics and syntax for RESTCONF error messages are defined in The semantics and syntax for RESTCONF error messages are defined in
the "errors" YANG grouping in Section 7. the "application/yang.errors" restconf-media-type extension in
Section 8.
Examples: Examples:
The following example shows an error returned for an "lock-denied" The following example shows an error returned for an "lock-denied"
error on a datastore resource. error that can occur if a NETCONF client has locked a datastore. The
RESTCONF client is attempting to delete a data resource. Note that
an Accept header is used to specify the desired encoding for the
error message. This example's use of the Accept header is especially
notable since the DELETE method typically doesn't return a message-
body and hence Accept headers are typically not passed.
POST /restconf/operations/example-ops:lock-datastore HTTP/1.1 DELETE /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album=Wasting%20Light HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 409 Conflict HTTP/1.1 409 Conflict
Date: Mon, 23 Apr 2012 17:11:00 GMT Date: Mon, 23 Apr 2012 17:11:00 GMT
Server: example-server Server: example-server
Content-Type: application/yang.errors+json Content-Type: application/yang.errors+json
{ {
"ietf-restconf:errors": { "ietf-restconf:errors": {
skipping to change at page 51, line 20 skipping to change at page 54, line 41
HTTP/1.1 409 Conflict HTTP/1.1 409 Conflict
Date: Mon, 23 Apr 2012 17:11:00 GMT Date: Mon, 23 Apr 2012 17:11:00 GMT
Server: example-server Server: example-server
Content-Type: application/yang.errors+json Content-Type: application/yang.errors+json
{ {
"ietf-restconf:errors": { "ietf-restconf:errors": {
"error": { "error": {
"error-type": "protocol", "error-type": "protocol",
"error-tag": "data-exists", "error-tag": "data-exists",
"error-urlpath": "http://example.com/restconf/data/ "error-urlpath": "https://example.com/restconf/data/
example-jukebox:jukebox", example-jukebox:jukebox",
"error-message": "error-message":
"Data already exists, cannot create new resource" "Data already exists, cannot create new resource"
} }
} }
} }
7. RESTCONF module 8. RESTCONF module
The "ietf-restconf" module defines conceptual definitions within
groupings, which are not meant to be implemented as datastore
contents by a server. The "restconf" container is not intended to be
implemented as a top-level data node (under the "/restconf/data"
entry point).
The "ietf-yang-types" module from [RFC6991] is used by this module The "ietf-restconf" module defines conceptual definitions within an
for some type definitions. extension and two groupings, which are not meant to be implemented as
datastore contents by a server. E.g., the "restconf" container is
not intended to be implemented as a top-level data node (under the
"/restconf/data" entry point).
RFC Ed.: update the date below with the date of RFC publication and RFC Ed.: update the date below with the date of RFC publication and
remove this note. remove this note.
<CODE BEGINS> file "ietf-restconf@2014-10-25.yang" <CODE BEGINS> file "ietf-restconf@2015-01-30.yang"
module ietf-restconf { module ietf-restconf {
namespace "urn:ietf:params:xml:ns:yang:ietf-restconf"; namespace "urn:ietf:params:xml:ns:yang:ietf-restconf";
prefix "rc"; prefix "rc";
import ietf-yang-types { prefix yang; }
organization organization
"IETF NETCONF (Network Configuration) Working Group"; "IETF NETCONF (Network Configuration) Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netconf/> "WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org> WG List: <mailto:netconf@ietf.org>
WG Chair: Bert Wijnen
<mailto:bertietf@bwijnen.net>
WG Chair: Mehmet Ersue WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com> <mailto:mehmet.ersue@nsn.com>
WG Chair: Mahesh Jethanandani
<mailto:mjethanandani@gmail.com>
Editor: Andy Bierman Editor: Andy Bierman
<mailto:andy@yumaworks.com> <mailto:andy@yumaworks.com>
Editor: Martin Bjorklund Editor: Martin Bjorklund
<mailto:mbj@tail-f.com> <mailto:mbj@tail-f.com>
Editor: Kent Watsen Editor: Kent Watsen
<mailto:kwatsen@juniper.net>"; <mailto:kwatsen@juniper.net>";
description description
"This module contains conceptual YANG specifications "This module contains conceptual YANG specifications
for the message and error content that is used in for basic RESTCONF media type definitions used in
RESTCONF protocol messages. A conceptual container RESTCONF protocol messages.
representing the RESTCONF API nodes is also defined
for the media type application/yang.api.
Note that the YANG definitions within this module do not Note that the YANG definitions within this module do not
represent configuration data of any kind. represent configuration data of any kind.
The YANG grouping statements provide a normative syntax The 'restconf-media-type' YANG extension statement
for XML and JSON message encoding purposes. provides a normative syntax for XML and JSON message
encoding purposes.
Copyright (c) 2014 IETF Trust and the persons identified as Copyright (c) 2015 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices."; the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this // RFC Ed.: replace XXXX with actual RFC number and remove this
// note. // note.
// RFC Ed.: remove this note // RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-restconf-03.txt // Note: extracted from draft-ietf-netconf-restconf-04.txt
// RFC Ed.: update the date below with the date of RFC publication // RFC Ed.: update the date below with the date of RFC publication
// and remove this note. // and remove this note.
revision 2014-10-25 { revision 2015-01-30 {
description description
"Initial revision."; "Initial revision.";
reference reference
"RFC XXXX: RESTCONF Protocol."; "RFC XXXX: RESTCONF Protocol.";
} }
extension restconf-media-type {
argument media-type-id {
yin-element true;
}
description
"This extension is used to specify a YANG data structure which
represents a conceptual RESTCONF media type template.
Data definition statements within this extension specify
the 'generic syntax' for the specific media type.
YANG is mapped to specific encoding formats outside the
scope of this extension statement. RFC 6020 defines XML
encoding rules for all RESTCONF media types that use
the '+xml' suffix. draft-ietf-netmod-yang-json defines
JSON encoding rules for all RESTCONF media types that
use the '+json' suffix.
The 'media-type-id' parameter value identifies the media type
that is being defined. It contains the string associated
with the generic media type, i.e., no suffix is specified.
This extension is ignored unless it appears as a top-level
statement. It SHOULD contain data definition statements
that result in exactly one container data node definition.
This allows compliant translation to an XML instance
document for each media type.
The module name and namespace value for the YANG module using
the extension statement is assigned to instance document data
conforming to the data definition statements within
this extension.
The sub-statements of this extension MUST follow the
'data-def-stmt' rule in the YANG ABNF.
The XPath document root is the extension statement itself,
such that the child nodes of the document root are
represented by the data-def-stmt sub-statements within
this extension. This conceptual document is the context
for the following YANG statements:
- must-stmt
- when-stmt
- path-stmt
- min-elements-stmt
- max-elements-stmt
- mandatory-stmt
- unique-stmt
- ordered-by
- instance-identifier data type
The following data-def-stmt sub-statements have special
meaning when used within a restconf-resource extension
statement.
- The list-stmt is not required to have a key-stmt defined.
- The if-feature-stmt is ignored if present.
- The config-stmt is ignored if present.
- The available identity values for any 'identityref'
leaf or leaf-list nodes is limited to the module
containing this extension statement, and the modules
imported into that module.
";
}
rc:restconf-media-type "application/yang.errors" {
uses errors;
}
rc:restconf-media-type "application/yang.api" {
uses restconf;
}
typedef data-resource-identifier { typedef data-resource-identifier {
type string { type string {
length "1 .. max"; length "1 .. max";
} }
description description
"Contains a Data Resource Identifier formatted string "Contains a Data Resource Identifier formatted string
to identify a specific data resource instance. to identify a specific data resource instance.
The document root for all data resources is a The document root for all data resources is a
datastore resource container. Each top-level YANG datastore resource container. Each top-level YANG
data nodes supported by the server will be represented data nodes supported by the server will be represented
skipping to change at page 56, line 37 skipping to change at page 61, line 34
POST /restconf/operations/show-log-errors POST /restconf/operations/show-log-errors
leaf show-log-errors { leaf show-log-errors {
type empty; type empty;
} }
"; ";
} }
} // container restconf } // container restconf
} // grouping restconf } // grouping restconf
grouping collection {
description
"Conceptual container representing the
application/yang.collection resource type.";
container collection {
description
"Container representing the application/yang.collection
resource type.";
}
} // grouping collection
grouping notification {
description
"Contains the notification message wrapper definition.";
container notification {
description
"RESTCONF notification message wrapper.";
leaf event-time {
type yang:date-and-time;
mandatory true;
description
"The time the event was generated by the
event source.";
reference
"RFC 5277, section 4, <eventTime> element.";
}
/* The YANG-specific notification container is encoded
* after the 'event-time' element. The format
* corresponds to the notificationContent element
* in RFC 5277, section 4. For example:
*
* module example-one {
* ...
* notification event1 { ... }
*
* }
*
* Encoded as element 'event1' in the namespace
* for module 'example-one'.
*/
}
} // grouping notification
} }
<CODE ENDS> <CODE ENDS>
8. RESTCONF Monitoring 9. RESTCONF Monitoring
The "ietf-restconf-monitoring" module provides information about the The "ietf-restconf-monitoring" module provides information about the
RESTCONF protocol capabilities and notification event streams RESTCONF protocol capabilities and notification event streams
available from the server. Implementation is mandatory for RESTCONF available from the server. Implementation is mandatory for RESTCONF
servers, if any protocol capabilities or notification event streams servers, if any protocol capabilities or notification event streams
are supported. are supported.
YANG Tree Diagram for "ietf-restconf-monitoring" module: YANG Tree Diagram for "ietf-restconf-monitoring" module:
+--ro restconf-state +--ro restconf-state
skipping to change at page 58, line 18 skipping to change at page 62, line 18
+--ro streams +--ro streams
+--ro stream* [name] +--ro stream* [name]
+--ro name string +--ro name string
+--ro description? string +--ro description? string
+--ro replay-support? boolean +--ro replay-support? boolean
+--ro replay-log-creation-time? yang:date-and-time +--ro replay-log-creation-time? yang:date-and-time
+--ro encoding* [type] +--ro encoding* [type]
+--ro type string +--ro type string
+--ro events inet:uri +--ro events inet:uri
8.1. restconf-state/capabilities 9.1. restconf-state/capabilities
This mandatory container holds the RESTCONF protocol capability URIs This mandatory container holds the RESTCONF protocol capability URIs
supported by the server. supported by the server.
The server MUST maintain a last-modified timestamp for this The server MUST maintain a last-modified timestamp for this
container, and return the "Last-Modified" header when this data node container, and return the "Last-Modified" header when this data node
is retrieved with the GET or HEAD methods. is retrieved with the GET or HEAD methods.
The server SHOULD maintain an entity-tag for this container, and The server SHOULD maintain an entity-tag for this container, and
return the "ETag" header when this data node is retrieved with the return the "ETag" header when this data node is retrieved with the
GET or HEAD methods. GET or HEAD methods.
8.2. restconf-state/streams 9.2. restconf-state/streams
This optional container provides access to the notification event This optional container provides access to the notification event
streams supported by the server. The server MAY omit this container streams supported by the server. The server MAY omit this container
if no notification event streams are supported. if no notification event streams are supported.
The server will populate this container with a stream list entry for The server will populate this container with a stream list entry for
each stream type it supports. Each stream contains a leaf called each stream type it supports. Each stream contains a leaf called
"events" which contains a URI that represents an event stream "events" which contains a URI that represents an event stream
resource. resource.
Stream resources are defined in Section 2.9. Notifications are Stream resources are defined in Section 3.8. Notifications are
defined in Section 5. defined in Section 6.
8.3. RESTCONF Monitoring Module 9.3. RESTCONF Monitoring Module
The "ietf-restconf-monitoring" module defines monitoring information The "ietf-restconf-monitoring" module defines monitoring information
for the RESTCONF protocol. for the RESTCONF protocol.
The "ietf-yang-types" and "ietf-inet-types" modules from [RFC6991] The "ietf-yang-types" and "ietf-inet-types" modules from [RFC6991]
are used by this module for some type definitions. are used by this module for some type definitions.
RFC Ed.: update the date below with the date of RFC publication and RFC Ed.: update the date below with the date of RFC publication and
remove this note. remove this note.
<CODE BEGINS> file "ietf-restconf-monitoring@2014-10-25.yang" <CODE BEGINS> file "ietf-restconf-monitoring@2015-01-30.yang"
module ietf-restconf-monitoring { module ietf-restconf-monitoring {
namespace "urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring"; namespace "urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring";
prefix "rcmon"; prefix "rcmon";
import ietf-yang-types { prefix yang; } import ietf-yang-types { prefix yang; }
import ietf-inet-types { prefix inet; } import ietf-inet-types { prefix inet; }
organization organization
"IETF NETCONF (Network Configuration) Working Group"; "IETF NETCONF (Network Configuration) Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/netconf/> "WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org> WG List: <mailto:netconf@ietf.org>
WG Chair: Bert Wijnen
<mailto:bertietf@bwijnen.net>
WG Chair: Mehmet Ersue WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com> <mailto:mehmet.ersue@nsn.com>
WG Chair: Mahesh Jethanandani
<mailto:mjethanandani@gmail.com>
Editor: Andy Bierman Editor: Andy Bierman
<mailto:andy@yumaworks.com> <mailto:andy@yumaworks.com>
Editor: Martin Bjorklund Editor: Martin Bjorklund
<mailto:mbj@tail-f.com> <mailto:mbj@tail-f.com>
Editor: Kent Watsen Editor: Kent Watsen
<mailto:kwatsen@juniper.net>"; <mailto:kwatsen@juniper.net>";
description description
"This module contains monitoring information for the "This module contains monitoring information for the
RESTCONF protocol. RESTCONF protocol.
Copyright (c) 2014 IETF Trust and the persons identified as Copyright (c) 2015 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices."; the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this // RFC Ed.: replace XXXX with actual RFC number and remove this
// note. // note.
// RFC Ed.: remove this note // RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-restconf-03.txt // Note: extracted from draft-ietf-netconf-restconf-04.txt
// RFC Ed.: update the date below with the date of RFC publication // RFC Ed.: update the date below with the date of RFC publication
// and remove this note. // and remove this note.
revision 2014-10-25 { revision 2015-01-30 {
description description
"Initial revision."; "Initial revision.";
reference reference
"RFC XXXX: RESTCONF Protocol."; "RFC XXXX: RESTCONF Protocol.";
} }
container restconf-state { container restconf-state {
config false; config false;
description description
"Contains RESTCONF protocol monitoring information."; "Contains RESTCONF protocol monitoring information.";
skipping to change at page 62, line 30 skipping to change at page 66, line 30
} }
} }
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
9. YANG Module Library 10. YANG Module Library
The "ietf-yang-library" module provides information about the YANG The "ietf-yang-library" module defined in
[I-D.ietf-netconf-yang-library] provides information about the YANG
modules and submodules used by the RESTCONF server. Implementation modules and submodules used by the RESTCONF server. Implementation
is mandatory for RESTCONF servers. All YANG modules and submodules is mandatory for RESTCONF servers. All YANG modules and submodules
used by the server MUST be identified in the YANG module library. used by the server MUST be identified in the YANG module library.
YANG Tree Diagram for "ietf-yang-library" module: 10.1. modules
+--ro modules
+--ro module-set-id? string
+--ro module* [name revision]
+--ro name yang:yang-identifier
+--ro revision union
+--ro schema? inet:uri
+--ro namespace inet:uri
+--ro feature* yang:yang-identifier
+--ro deviation* yang:yang-identifier
+--ro conformance boolean
+--ro submodules
+--ro submodule* [name revision]
+--ro name yang:yang-identifier
+--ro revision union
+--ro schema? inet:uri
9.1. modules
This mandatory container holds the identifiers for the YANG data This mandatory container holds the identifiers for the YANG data
model modules supported by the server. model modules supported by the server.
The server MUST maintain a last-modified timestamp for this The server MUST maintain a last-modified timestamp for this
container, and return the "Last-Modified" header when this data node container, and return the "Last-Modified" header when this data node
is retrieved with the GET or HEAD methods. is retrieved with the GET or HEAD methods.
The server SHOULD maintain an entity-tag for this container, and The server SHOULD maintain an entity-tag for this container, and
return the "ETag" header when this data node is retrieved with the return the "ETag" header when this data node is retrieved with the
GET or HEAD methods. GET or HEAD methods.
9.1.1. modules/module 10.1.1. modules/module
This mandatory list contains one entry for each YANG data model This mandatory list contains one entry for each YANG data model
module supported by the server. There MUST be an instance of this module supported by the server. There MUST be an instance of this
list for every YANG module that is used by the server. list for every YANG module that is used by the server.
The contents of the "module" list are defined in the "module" YANG The contents of this list are defined in the "module" YANG list
list statement in Section 9.2. statement in [I-D.ietf-netconf-yang-library].
The server MAY maintain a last-modified timestamp for each instance The server MAY maintain a last-modified timestamp for each instance
of this list entry, and return the "Last-Modified" header when this of this list entry, and return the "Last-Modified" header when this
data node is retrieved with the GET or HEAD methods. If not data node is retrieved with the GET or HEAD methods. If not
supported then the timestamp for the parent "modules" container MAY supported then the timestamp for the parent "modules" container MAY
be used instead. be used instead.
The server MAY maintain an entity-tag for each instance of this list The server MAY maintain an entity-tag for each instance of this list
entry, and return the "ETag" header when this data node is retrieved entry, and return the "ETag" header when this data node is retrieved
with the GET or HEAD methods. If not supported then the timestamp with the GET or HEAD methods. If not supported then the timestamp
for the parent "modules" container MAY be used instead. for the parent "modules" container MAY be used instead.
9.2. YANG Library Module 11. IANA Considerations
The "ietf-yang-library" module defines monitoring information for the
YANG modules used by a RESTCONF server.
The "ietf-yang-types" and "ietf-inet-types" modules from [RFC6991]
are used by this module for some type definitions.
RFC Ed.: update the date below with the date of RFC publication and
remove this note.
<CODE BEGINS> file "ietf-yang-library@2014-10-25.yang"
module ietf-yang-library {
namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
import ietf-yang-types { prefix yang; }
import ietf-inet-types { prefix inet; }
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
WG Chair: Bert Wijnen
<mailto:bertietf@bwijnen.net>
WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com>
Editor: Andy Bierman
<mailto:andy@yumaworks.com>
Editor: Martin Bjorklund
<mailto:mbj@tail-f.com>
Editor: Kent Watsen
<mailto:kwatsen@juniper.net>";
description
"This module contains monitoring information about the YANG
modules and submodules that are used within a RESTCONF
server.
Copyright (c) 2014 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
// RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-restconf-03.txt
// RFC Ed.: update the date below with the date of RFC publication
// and remove this note.
revision 2014-10-25 {
description
"Initial revision.";
reference
"RFC XXXX: RESTCONF Protocol.";
}
typedef revision-identifier {
type string {
pattern '\d{4}-\d{2}-\d{2}';
}
description
"Represents a specific date in YYYY-MM-DD format.
TBD: make pattern more precise to exclude leading zeros.";
}
grouping module {
description
"The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
grouping common-leafs {
description
"Common parameters for YANG modules and submodules.";
leaf name {
type yang:yang-identifier;
description "The YANG module or submodule name.";
}
leaf revision {
type union {
type revision-identifier;
type string { length 0; }
}
description
"The YANG module or submodule revision date.
An empty string is used if no revision statement
is present in the YANG module or submodule.";
}
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL
available for retrieval of the schema for this entry.";
}
}
list module {
key "name revision";
description
"Each entry represents one module currently
supported by the server.";
uses common-leafs;
leaf namespace {
type inet:uri;
mandatory true;
description
"The XML namespace identifier for this module.";
}
leaf-list feature {
type yang:yang-identifier;
description
"List of YANG feature names from this module that are
supported by the server.";
}
leaf-list deviation {
type yang:yang-identifier;
description
"List of YANG deviation module names used by this
server to modify the conformance of the module
associated with this entry.";
}
leaf conformance {
type boolean;
mandatory true;
description
"If 'true', then the server is claiming conformance to
the YANG module identified in this entry.
If 'false', then the server is not claiming any
conformance for the YANG module identified by this
entry. The module may be needed for reusable definitions
such as extensions, features, identifies, typedefs,
or groupings.";
}
container submodules {
description
"Contains information about all the submodules used
by the parent module entry";
list submodule {
key "name revision";
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
}
}
} // list module
} // grouping module
container modules {
config false;
description
"Contains YANG module monitoring information.";
leaf module-set-id {
type string;
description
"Contains a server-specific identifier representing
the current set of modules and submodules. The
server MUST change the value of this leaf if the
information represented by the 'module' list instances
has changed.";
}
uses module;
}
}
<CODE ENDS>
10. IANA Considerations
10.1. The "restconf" Relation Type 11.1. The "restconf" Relation Type
This specification registers the "restconf" relation type in the Link This specification registers the "restconf" relation type in the Link
Relation Type Registry defined by [RFC5988]: Relation Type Registry defined by [RFC5988]:
Relation Name: restconf Relation Name: restconf
Description: Identifies the root of RESTCONF API as configured Description: Identifies the root of RESTCONF API as configured
on this HTTP server. The "restconf" relation on this HTTP server. The "restconf" relation
defines the root of the API defined in RFCXXXX. defines the root of the API defined in RFCXXXX.
Subsequent revisions of RESTCONF will use alternate Subsequent revisions of RESTCONF will use alternate
relation values to support protocol versioning. relation values to support protocol versioning.
Reference: RFC XXXX Reference: RFC XXXX
` `
10.2. YANG Module Registry 11.2. YANG Module Registry
This document registers three URIs in the IETF XML registry This document registers two URIs in the IETF XML registry [RFC3688].
[RFC3688]. Following the format in RFC 3688, the following Following the format in RFC 3688, the following registration is
registration is requested to be made. requested to be made.
URI: urn:ietf:params:xml:ns:yang:ietf-restconf URI: urn:ietf:params:xml:ns:yang:ietf-restconf
Registrant Contact: The NETMOD WG of the IETF. Registrant Contact: The NETMOD WG of the IETF.
XML: N/A, the requested URI is an XML namespace. XML: N/A, the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring URI: urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring
Registrant Contact: The NETMOD WG of the IETF. Registrant Contact: The NETMOD WG of the IETF.
XML: N/A, the requested URI is an XML namespace. XML: N/A, the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-yang-library This document registers two YANG modules in the YANG Module Names
Registrant Contact: The NETMOD WG of the IETF.
XML: N/A, the requested URI is an XML namespace.
This document registers three YANG modules in the YANG Module Names
registry [RFC6020]. registry [RFC6020].
name: ietf-restconf name: ietf-restconf
namespace: urn:ietf:params:xml:ns:yang:ietf-restconf namespace: urn:ietf:params:xml:ns:yang:ietf-restconf
prefix: rc prefix: rc
// RFC Ed.: replace XXXX with RFC number and remove this note // RFC Ed.: replace XXXX with RFC number and remove this note
reference: RFC XXXX reference: RFC XXXX
name: ietf-restconf-monitoring name: ietf-restconf-monitoring
namespace: urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring namespace: urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring
prefix: rcmon prefix: rcmon
// RFC Ed.: replace XXXX with RFC number and remove this note // RFC Ed.: replace XXXX with RFC number and remove this note
reference: RFC XXXX reference: RFC XXXX
name: ietf-yang-library 11.3. application/yang Media Sub Types
namespace: urn:ietf:params:xml:ns:yang:ietf-yang-library
prefix: yanglib
// RFC Ed.: replace XXXX with RFC number and remove this note
reference: RFC XXXX
10.3. application/yang Media Sub Types
The parent MIME media type for RESTCONF resources is application/ The parent MIME media type for RESTCONF resources is application/
yang, which is defined in [RFC6020]. This document defines the yang, which is defined in [RFC6020]. This document defines the
following sub-types for this media type. following sub-types for this media type.
- api - api
- data - data
- datastore - datastore
- collection
- errors - errors
- operation - operation
- stream - stream
Type name: application Type name: application
Subtype name: yang.xxx Subtype name: yang.xxx
Required parameters: TBD Required parameters: TBD
skipping to change at page 70, line 5 skipping to change at page 69, line 29
Encoding considerations: TBD Encoding considerations: TBD
Security considerations: TBD Security considerations: TBD
Interoperability considerations: TBD Interoperability considerations: TBD
// RFC Ed.: replace XXXX with RFC number and remove this note // RFC Ed.: replace XXXX with RFC number and remove this note
Published specification: RFC XXXX Published specification: RFC XXXX
10.4. NETCONF Capability URNs 11.4. RESTCONF Capability URNs
This document registers several capability identifiers in "Network [Note to RFC Editor:
Configuration Protocol (NETCONF) Capability URNs" registry The RESTCONF Protocol Capability Registry does not yet exist;
Need to ask IANA to create it; remove this note for publication
]
This document registers several capability identifiers in "RESTCONF
Protocol Capability URNs" registry
Index Index
Capability Identifier Capability Identifier
------------------------ ------------------------
:content :defaults
urn:ietf:params:restconf:capability:content:1.0 urn:ietf:params:restconf:capability:defaults:1.0
:depth :depth
urn:ietf:params:restconf:capability:depth:1.0 urn:ietf:params:restconf:capability:depth:1.0
:fields
urn:ietf:params:restconf:capability:fields:1.0
:filter :filter
urn:ietf:params:restconf:capability:filter:1.0 urn:ietf:params:restconf:capability:filter:1.0
:insert :insert
urn:ietf:params:restconf:capability:insert:1.0 urn:ietf:params:restconf:capability:insert:1.0
:page
urn:ietf:params:restconf:capability:page:1.0
:select
urn:ietf:params:restconf:capability:select:1.0
:replay :replay
urn:ietf:params:restconf:capability:replay:1.0 urn:ietf:params:restconf:capability:replay:1.0
11. Security Considerations :with-defaults
urn:ietf:params:restconf:capability:with-defaults:1.0
12. Security Considerations
This section provides security considerations for the resources This section provides security considerations for the resources
defined by the RESTCONF protocol. Security considerations for HTTPS defined by the RESTCONF protocol. Security considerations for HTTPS
are defined in [RFC2818]. Security considerations for the content are defined in [RFC2818]. Security considerations for the content
manipulated by RESTCONF can be found in the documents defining data manipulated by RESTCONF can be found in the documents defining data
models. models.
This document does not specify an authentication scheme, but it does This document does not specify an authentication scheme, but it does
require that an authenticated NETCONF username be associated with require that an authenticated NETCONF username be associated with
each HTTP request. The authentication scheme MAY be implemented in each HTTP request. The authentication scheme MAY be implemented in
the underlying transport layer (e.g., client certificates) or within the underlying transport layer (e.g., client certificates) or within
the HTTP layer (e.g., Basic Auth, OAuth, etc.). RESTCONF does not the HTTP layer (e.g., Basic Auth, OAuth, etc.). RESTCONF does not
itself define an authentication mechanism, authentication MUST occur itself define an authentication mechanism, authentication MUST occur
in a lower layer. Implementors SHOULD provide a comprehensive in a lower layer. Implementors SHOULD provide a comprehensive
authorization scheme with RESTCONF and ensure that the resulting authorization scheme with RESTCONF and ensure that the resulting
NETCONF username is made available to the RESTCONF server. NETCONF username is made available to the RESTCONF server.
Authorization of individual user access to operations and data MAY be Authorization of individual user access to operations and data MAY be
configured via NETCONF Access Control Model (NACM) [RFC6536], as configured via NETCONF Access Control Model (NACM) [RFC6536], as
specified in Section 3. Other authorization models MAY be used, but specified in Section 4. Other authorization models MAY be used, but
are outside of the scope of this document. are outside of the scope of this document.
Configuration information is by its very nature sensitive. Its Configuration information is by its very nature sensitive. Its
transmission in the clear and without integrity checking leaves transmission in the clear and without integrity checking leaves
devices open to classic eavesdropping and false data injection devices open to classic eavesdropping and false data injection
attacks. Configuration information often contains passwords, user attacks. Configuration information often contains passwords, user
names, service descriptions, and topological information, all of names, service descriptions, and topological information, all of
which are sensitive. Because of this, this protocol SHOULD be which are sensitive. Because of this, this protocol SHOULD be
implemented carefully with adequate attention to all manner of attack implemented carefully with adequate attention to all manner of attack
one might expect to experience with other management interfaces. one might expect to experience with other management interfaces.
Different environments may well allow different rights prior to and Different environments may well allow different rights prior to and
then after authentication. When an operation is not properly then after authentication. When an operation is not properly
authorized, the RESTCONF server MUST return HTTP error status code authorized, the RESTCONF server MUST return HTTP error status code
401 Unauthorized. Note that authorization information can be 401 Unauthorized. Note that authorization information can be
exchanged in the form of configuration information, which is all the exchanged in the form of configuration information, which is all the
more reason to ensure the security of the connection. more reason to ensure the security of the connection.
12. Acknowledgements 13. Acknowledgements
The authors would like to thank for following for lively discussions The authors would like to thank the following people for their
on list and in the halls (ordered by last name): Rex Fernando contributions to this document: Ladislav Lhotka, Juergen
Schoenwaelder, Rex Fernando, Robert Wilton, and Jonathan Hansford.
13. References 14. References
13.1. Normative References 14.1. Normative References
[I-D.ietf-netmod-json] [I-D.ietf-netconf-yang-library]
Lhotka, L., "Modeling JSON Text with YANG", draft-ietf- Bierman, A., Bjorklund, M., and K. Watsen, "YANG Module
netmod-yang-json-01 (work in progress), October 2014. Library", draft-ietf-netconf-yang-library-00 (work in
progress), January 2015.
[I-D.ietf-netmod-yang-json]
Lhotka, L., "JSON Encoding of Data Modeled with YANG",
draft-ietf-netmod-yang-json-02 (work in progress),
November 2014.
[I-D.lhotka-netmod-yang-metadata] [I-D.lhotka-netmod-yang-metadata]
Lhotka, L., "Defining and Using Metadata with YANG", Lhotka, L., "Defining and Using Metadata with YANG",
draft-lhotka-netmod-yang-metadata-00 (work in progress), draft-lhotka-netmod-yang-metadata-00 (work in progress),
September 2014. September 2014.
[RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part Two: Media Types", RFC 2046,
November 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2246] Dierks, T. and C. Allen, "The TLS Protocol, Version 1.0",
RFC 2246, January 1999.
[RFC2396] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC2396] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifiers (URI): Generic Syntax", RFC 2396, Resource Identifiers (URI): Generic Syntax", RFC 2396,
August 1998. August 1998.
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
[RFC2818] Rescorla, E., "The IETF XML Registry", RFC 2818, May 2000. [RFC2818] Rescorla, E., "The IETF XML Registry", RFC 2818, May 2000.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
January 2004. January 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, RFC Resource Identifier (URI): Generic Syntax", STD 66, RFC
3986, January 2005. 3986, January 2005.
[RFC4252] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
Authentication Protocol", RFC 4252, January 2006.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008.
[RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event [RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event
Notifications", RFC 5277, July 2008. Notifications", RFC 5277, July 2008.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and T. Polk, "Internet X.509 Public Key Housley, R., and T. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, May 2008. (CRL) Profile", RFC 5280, May 2008.
[RFC5789] Dusseault, L. and J. Snell, "PATCH Method for HTTP", RFC [RFC5789] Dusseault, L. and J. Snell, "PATCH Method for HTTP", RFC
5789, March 2010. 5789, March 2010.
[RFC5988] Nottingham, M., "Web Linking", RFC 5988, October 2010. [RFC5988] Nottingham, M., "Web Linking", RFC 5988, October 2010.
[RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the [RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the
Network Configuration Protocol (NETCONF)", RFC 6020, Network Configuration Protocol (NETCONF)", RFC 6020,
October 2010. October 2010.
[RFC6125] Saint-Andre, P. and J. Hodges, "Representation and
Verification of Domain-Based Application Service Identity
within Internet Public Key Infrastructure Using X.509
(PKIX) Certificates in the Context of Transport Layer
Security (TLS)", RFC 6125, March 2011.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, June 2011. (NETCONF)", RFC 6241, June 2011.
[RFC6243] Bierman, A. and B. Lengyel, "With-defaults Capability for
NETCONF", RFC 6243, June 2011.
[RFC6415] Hammer-Lahav, E. and B. Cook, "Web Host Metadata", RFC [RFC6415] Hammer-Lahav, E. and B. Cook, "Web Host Metadata", RFC
6415, October 2011. 6415, October 2011.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
Protocol (NETCONF) Access Control Model", RFC 6536, March Protocol (NETCONF) Access Control Model", RFC 6536, March
2012. 2012.
[RFC6570] Gregorio, J., Fielding, R., Hadley, M., Nottingham, M., [RFC6570] Gregorio, J., Fielding, R., Hadley, M., Nottingham, M.,
and D. Orchard, "URI Template", RFC 6570, March 2012. and D. Orchard, "URI Template", RFC 6570, March 2012.
[RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991, [RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991,
July 2013. July 2013.
[RFC7158] Bray, T., Ed., "The JSON Data Interchange Format", RFC [RFC7158] Bray, T., Ed., "The JSON Data Interchange Format", RFC
7158, March 2013. 7158, March 2013.
[RFC7230] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Message Syntax and Routing", RFC 7230, June
2014.
[RFC7231] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Semantics and Content", RFC 7231, June 2014.
[RFC7232] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Conditional Requests", RFC 7232, June 2014.
[RFC7235] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Authentication", RFC 7235, June 2014.
[RFC7320] Nottingham, M., "URI Design and Ownership", BCP 190, RFC
7320, July 2014.
[W3C.CR-eventsource-20121211] [W3C.CR-eventsource-20121211]
Hickson, I., "Server-Sent Events", World Wide Web Hickson, I., "Server-Sent Events", World Wide Web
Consortium CR CR-eventsource-20121211, December 2012, Consortium CR CR-eventsource-20121211, December 2012,
<http://www.w3.org/TR/2012/CR-eventsource-20121211>. <http://www.w3.org/TR/2012/CR-eventsource-20121211>.
[W3C.REC-xml-20081126] [W3C.REC-xml-20081126]
Yergeau, F., Maler, E., Paoli, J., Sperberg-McQueen, C., Yergeau, F., Maler, E., Paoli, J., Sperberg-McQueen, C.,
and T. Bray, "Extensible Markup Language (XML) 1.0 (Fifth and T. Bray, "Extensible Markup Language (XML) 1.0 (Fifth
Edition)", World Wide Web Consortium Recommendation REC- Edition)", World Wide Web Consortium Recommendation REC-
xml-20081126, November 2008, xml-20081126, November 2008,
<http://www.w3.org/TR/2008/REC-xml-20081126>. <http://www.w3.org/TR/2008/REC-xml-20081126>.
[get-off-my-lawn] [draft-ietf-httpauth-basicauth-update-03]
Nottingham, M., "URI Design and Ownership", Best Current Reschke, J., "The 'Basic' HTTP Authentication Scheme",
Practice draft-ietf-appsawg-uri-get-off-my-lawn-05, May draft-ietf-httpauth-basicauth-update-03 (work in
2014. progress), Dec 2014.
[draft-ietf-httpauth-digest-09]
Shekh-Yusef, R., Reschke, D., and S. Bremer, "HTTP Digest
Access Authentication", draft-ietf-httpauth-digest-09
(work in progress), Dec 2014.
[draft-ietf-netconf-rfc5539bis-07]
Badra, M., Luchuk, A., and J. Schoenwaelder, "Using the
NETCONF Protocol over Transport Layer Security (TLS) with
Mutual X.509 Authentication", draft-ietf-netconf-
rfc5539bis-07 (work in progress), Dec 2014.
[draft-thomson-httpbis-cant-01]
Thomson, M., "Client Authentication over New TLS
Connection", draft-thomson-httpbis-cant-01 (work in
progress), Jul 2014.
[rest-dissertation] [rest-dissertation]
Fielding, R., "Architectural Styles and the Design of Fielding, R., "Architectural Styles and the Design of
Network-based Software Architectures", 2000. Network-based Software Architectures", 2000.
13.2. Informative References 14.2. Informative References
[I-D.ietf-netconf-yang-patch]
Bierman, A., Bjorklund, M., and K. Watsen, "YANG Patch
Media Type", draft-ietf-netconf-yang-patch-03 (work in
progress), January 2015.
[XPath] Clark, J. and S. DeRose, "XML Path Language (XPath) [XPath] Clark, J. and S. DeRose, "XML Path Language (XPath)
Version 1.0", World Wide Web Consortium Recommendation Version 1.0", World Wide Web Consortium Recommendation
REC-xpath-19991116, November 1999, REC-xpath-19991116, November 1999,
<http://www.w3.org/TR/1999/REC-xpath-19991116>. <http://www.w3.org/TR/1999/REC-xpath-19991116>.
Appendix A. Change Log Appendix A. Change Log
-- RFC Ed.: remove this section before publication. -- RFC Ed.: remove this section before publication.
A.1. 02 - 03 The RESTCONF issue tracker can be found here: https://github.com/
netconf-wg/restconf/issues
A.1. 03 - 04
o renamed 'select' to 'fields' (#1)
o moved collection resource and page capability to draft-ietf-
netconf-restconf-collection-00 (#3)
o added mandatory "defaults" protocol capability URI (#4)
o added optional "with-defaults" query parameter URI (#4)
o clarified authentication procedure (#9)
o moved ietf-yang-library module to draft-ietf-netconf-yang-
library-00 (#13)
o clarified that JSON encoding of module name in a URI MUST follow
the netmod-yang-json encoding rules (#14)
o added restconf-media-type extension (#15)
o remove 'content" query parameter URI and made this parameter
mandatory (#16)
o clarified datastore usage
o changed lock-denied error example
o added with-defaults query parameter example
o added term "RESTCONF Capability"
o changed NETCONF Capability URI registry usage to new RESTCONF
Capability URI Registry usage
A.2. 02 - 03
o added collection resource o added collection resource
o added "page" query parameter capability o added "page" query parameter capability
o added "limit" and "offset" query parameters, which are available o added "limit" and "offset" query parameters, which are available
if the "page" capability is supported if the "page" capability is supported
o added "stream list" term o added "stream list" term
skipping to change at page 74, line 4 skipping to change at page 75, line 42
o added collection resource o added collection resource
o added "page" query parameter capability o added "page" query parameter capability
o added "limit" and "offset" query parameters, which are available o added "limit" and "offset" query parameters, which are available
if the "page" capability is supported if the "page" capability is supported
o added "stream list" term o added "stream list" term
o fixed bugs in some examples o fixed bugs in some examples
o added "encoding" list within the "stream" list to allow different o added "encoding" list within the "stream" list to allow different
<events> URLs for XML and JSON encoding. <events> URLs for XML and JSON encoding.
o made XML MUST implement and JSON MAY implement for servers o made XML MUST implement and JSON MAY implement for servers
o re-add JSON notification examples (previously removed) o re-add JSON notification examples (previously removed)
o updated JSON references o updated JSON references
A.2. 01 - 02 A.3. 01 - 02
o moved query parameter definitions from the YANG module back to the o moved query parameter definitions from the YANG module back to the
plain text sections plain text sections
o made all query parameters optional to implement o made all query parameters optional to implement
o defined query parameter capability URI o defined query parameter capability URI
o moved 'streams' to new YANG module (ietf-restconf-monitoring) o moved 'streams' to new YANG module (ietf-restconf-monitoring)
skipping to change at page 75, line 5 skipping to change at page 76, line 43
information is no longer in this resource information is no longer in this resource
o closed issue #1 'select parameter' since no objections to the o closed issue #1 'select parameter' since no objections to the
proposed syntax proposed syntax
o closed "encoding of list keys" issue since no objection to new o closed "encoding of list keys" issue since no objection to new
encoding of list keys in a target resource URI. encoding of list keys in a target resource URI.
o moved open issues list to the issue tracker on github o moved open issues list to the issue tracker on github
A.3. 00 - 01 A.4. 00 - 01
o fixed content=nonconfig example (non-config was incorrect) o fixed content=nonconfig example (non-config was incorrect)
o closed open issue 'message-id'. There is no need for a message-id o closed open issue 'message-id'. There is no need for a message-id
field, and RFC 2392 does not apply. field, and RFC 2392 does not apply.
o closed open issue 'server support verification'. The headers used o closed open issue 'server support verification'. The headers used
by RESTCONF are widely supported. by RESTCONF are widely supported.
o removed encoding rules from section on RESTCONF Meta-Data. This o removed encoding rules from section on RESTCONF Meta-Data. This
is now defined in "I-D.lhotka-netmod-json". is now defined in "I-D.lhotka-netmod-yang-json".
o added media type application/yang.errors to map to errors YANG o added media type application/yang.errors to map to errors YANG
grouping. Updated error examples to use new media type. grouping. Updated error examples to use new media type.
o closed open issue 'additional datastores'. Support may be added o closed open issue 'additional datastores'. Support may be added
in the future to identify new datastores. in the future to identify new datastores.
o closed open issue 'PATCH media type discovery'. The section on o closed open issue 'PATCH media type discovery'. The section on
PATCH has an added sentence on the Accept-Patch header. PATCH has an added sentence on the Accept-Patch header.
skipping to change at page 76, line 5 skipping to change at page 77, line 39
the RESTCONF API using the /.well-known/host-meta. the RESTCONF API using the /.well-known/host-meta.
o added an "error" media type to for structured error messages o added an "error" media type to for structured error messages
o added Secure Transport section requiring TLS o added Secure Transport section requiring TLS
o added Security Considerations section o added Security Considerations section
o removed all references to "REST-like" o removed all references to "REST-like"
A.4. bierman:restconf-04 to ietf:restconf-00 A.5. bierman:restconf-04 to ietf:restconf-00
o updated open issues section o updated open issues section
Appendix B. Open Issues Appendix B. Open Issues
-- RFC Ed.: remove this section before publication. -- RFC Ed.: remove this section before publication.
The RESTCONF issues are tracked on github.com: The RESTCONF issues are tracked on github.com:
https://github.com/netconf-wg/restconf/issues https://github.com/netconf-wg/restconf/issues
skipping to change at page 82, line 15 skipping to change at page 84, line 8
mandatory true; mandatory true;
description "Song number in playlist to play"; description "Song number in playlist to play";
} }
} }
} }
} }
Appendix D. RESTCONF Message Examples Appendix D. RESTCONF Message Examples
The examples within this document use the normative YANG module The examples within this document use the normative YANG module
defined in Section 7 and the non-normative example YANG module defined in Section 8 and the non-normative example YANG module
defined in Appendix C.1. defined in Appendix C.1.
This section shows some typical RESTCONF message exchanges. This section shows some typical RESTCONF message exchanges.
D.1. Resource Retrieval Examples D.1. Resource Retrieval Examples
D.1.1. Retrieve the Top-level API Resource D.1.1. Retrieve the Top-level API Resource
The client may start by retrieving the top-level API resource, using The client may start by retrieving the top-level API resource, using
the entry point URI "{+restconf}". the entry point URI "{+restconf}".
GET /restconf HTTP/1.1 GET /restconf HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.api+json, Accept: application/yang.api+json
application/yang.errors+json
The server might respond as follows: The server might respond as follows:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server Server: example-server
Content-Type: application/yang.api+json Content-Type: application/yang.api+json
{ {
"ietf-restconf:restconf": { "ietf-restconf:restconf": {
skipping to change at page 83, line 7 skipping to change at page 84, line 45
"play" : [ null ] "play" : [ null ]
} }
} }
} }
To request that the response content to be encoded in XML, the To request that the response content to be encoded in XML, the
"Accept" header can be used, as in this example request: "Accept" header can be used, as in this example request:
GET /restconf HTTP/1.1 GET /restconf HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.api+xml, Accept: application/yang.api+xml
application/yang.errors+xml
The server will return the same response either way, which might be The server will return the same response either way, which might be
as follows : as follows :
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.api+xml Content-Type: application/yang.api+xml
<restconf xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf"> <restconf xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf">
<data/> <data/>
<operations> <operations>
<play xmlns="http://example.com/ns/example-jukebox"/> <play xmlns="https://example.com/ns/example-jukebox"/>
</operations> </operations>
</restconf> </restconf>
D.1.2. Retrieve The Server Module Information D.1.2. Retrieve The Server Module Information
In this example the client is retrieving the modules information from In this example the client is retrieving the modules information from
the server in JSON format: the server in JSON format:
GET /restconf/data/ietf-yang-library:modules HTTP/1.1 GET /restconf/data/ietf-yang-library:modules HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond as follows. The server might respond as follows.
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Last-Modified: Sun, 22 Apr 2012 01:00:14 GMT Last-Modified: Sun, 22 Apr 2012 01:00:14 GMT
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"ietf-yang-library:modules": { "ietf-yang-library:modules": {
"module": [ "module": [
{ {
"name" : "foo", "name" : "foo",
"revision" : "2012-01-02", "revision" : "2012-01-02",
"schema" : "http://example.com/mymodules/foo/2012-01-02", "schema" : "https://example.com/mymodules/foo/2012-01-02",
"namespace" : "http://example.com/ns/foo", "namespace" : "http://example.com/ns/foo",
"feature" : [ "feature1", "feature2" ], "feature" : [ "feature1", "feature2" ],
"conformance" : true "conformance" : true
}, },
{ {
"name" : "foo-types", "name" : "foo-types",
"revision" : "2012-01-05", "revision" : "2012-01-05",
"schema" : "schema" :
"http://example.com/mymodules/foo-types/2012-01-05",
"schema" : [null], "https://example.com/mymodules/foo-types/2012-01-05",
"namespace" : "http://example.com/ns/foo-types", "schema" : [null],
"conformance" : false "namespace" : "http://example.com/ns/foo-types",
}, "conformance" : false
{ },
"name" : "bar", {
"revision" : "2012-11-05", "name" : "bar",
"schema" : "http://example.com/mymodules/bar/2012-11-05", "revision" : "2012-11-05",
"namespace" : "http://example.com/ns/bar", "schema" : "https://example.com/mymodules/bar/2012-11-05",
"feature" : [ "bar-ext" ], "namespace" : "http://example.com/ns/bar",
"conformance" : true, "feature" : [ "bar-ext" ],
"submodule" : [ "conformance" : true,
{ "submodule" : [
"name" : "bar-submod1", {
"revision" : "2012-11-05", "name" : "bar-submod1",
"schema" : "revision" : "2012-11-05",
"http://example.com/mymodules/bar-submod1/2012-11-05" "schema" :
}, "https://example.com/mymodules/bar-submod1/2012-11-05"
{ },
"name" : "bar-submod2", {
"revision" : "2012-11-05", "name" : "bar-submod2",
"schema" : "revision" : "2012-11-05",
"http://example.com/mymodules/bar-submod2/2012-11-05" "schema" :
} "https://example.com/mymodules/bar-submod2/2012-11-05"
] }
} ]
] }
} ]
} }
}
D.1.3. Retrieve The Server Capability Information D.1.3. Retrieve The Server Capability Information
In this example the client is retrieving the capability information In this example the client is retrieving the capability information
from the server in JSON format, and the server supports all the from the server in JSON format, and the server supports all the
RESTCONF query parameters, plus one vendor parameter: RESTCONF query parameters, plus one vendor parameter:
GET /restconf/data/ietf-restconf-monitoring:restconf-state/ GET /restconf/data/ietf-restconf-monitoring:restconf-state/
capabilities HTTP/1.1 capabilities HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond as follows. The server might respond as follows.
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:02:00 GMT Date: Mon, 23 Apr 2012 17:02:00 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Last-Modified: Sun, 22 Apr 2012 01:00:14 GMT Last-Modified: Sun, 22 Apr 2012 01:00:14 GMT
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"ietf-restconf-monitoring:capabilities": { "ietf-restconf-monitoring:capabilities": {
"capability": [ "capability": [
"urn:ietf:params:restconf:capability:content:1.0", "urn:ietf:params:restconf:capability:content:1.0",
"urn:ietf:params:restconf:capability:depth:1.0", "urn:ietf:params:restconf:capability:depth:1.0",
"urn:ietf:params:restconf:capability:fields:1.0",
"urn:ietf:params:restconf:capability:filter:1.0", "urn:ietf:params:restconf:capability:filter:1.0",
"urn:ietf:params:restconf:capability:insert:1.0", "urn:ietf:params:restconf:capability:insert:1.0",
"urn:ietf:params:restconf:capability:point:1.0", "urn:ietf:params:restconf:capability:point:1.0",
"urn:ietf:params:restconf:capability:select:1.0",
"urn:ietf:params:restconf:capability:start-time:1.0", "urn:ietf:params:restconf:capability:start-time:1.0",
"urn:ietf:params:restconf:capability:stop-time:1.0", "urn:ietf:params:restconf:capability:stop-time:1.0",
"http://example.com/capabilities/myparam" "http://example.com/capabilities/myparam"
] ]
} }
} }
D.2. Edit Resource Examples D.2. Edit Resource Examples
D.2.1. Create New Data Resources D.2.1. Create New Data Resources
skipping to change at page 86, line 12 skipping to change at page 88, line 8
} }
} }
If the resource is created, the server might respond as follows. If the resource is created, the server might respond as follows.
Note that the "Location" header line is wrapped for display purposes Note that the "Location" header line is wrapped for display purposes
only: only:
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Mon, 23 Apr 2012 17:02:00 GMT Date: Mon, 23 Apr 2012 17:02:00 GMT
Server: example-server Server: example-server
Location: http://example.com/restconf/data/ Location: https://example.com/restconf/data/
example-jukebox:jukebox/library/artist=Foo%20Fighters example-jukebox:jukebox/library/artist=Foo%20Fighters
Last-Modified: Mon, 23 Apr 2012 17:02:00 GMT Last-Modified: Mon, 23 Apr 2012 17:02:00 GMT
ETag: b3830f23a4c ETag: b3830f23a4c
To create a new "album" resource for this artist within the "jukebox" To create a new "album" resource for this artist within the "jukebox"
resource, the client might send the following request. Note that the resource, the client might send the following request. Note that the
request URI header line is wrapped for display purposes only: request URI header line is wrapped for display purposes only:
POST /restconf/data/example-jukebox:jukebox/ POST /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters HTTP/1.1 library/artist=Foo%20Fighters HTTP/1.1
skipping to change at page 86, line 41 skipping to change at page 88, line 37
} }
} }
If the resource is created, the server might respond as follows. If the resource is created, the server might respond as follows.
Note that the "Location" header line is wrapped for display purposes Note that the "Location" header line is wrapped for display purposes
only: only:
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Mon, 23 Apr 2012 17:03:00 GMT Date: Mon, 23 Apr 2012 17:03:00 GMT
Server: example-server Server: example-server
Location: http://example.com/restconf/data/ Location: https://example.com/restconf/data/
example-jukebox:jukebox/library/artist=Foo%20Fighters/ example-jukebox:jukebox/library/artist=Foo%20Fighters/
album=Wasting%20Light album=Wasting%20Light
Last-Modified: Mon, 23 Apr 2012 17:03:00 GMT Last-Modified: Mon, 23 Apr 2012 17:03:00 GMT
ETag: b8389233a4c ETag: b8389233a4c
D.2.2. Detect Resource Entity Tag Change D.2.2. Detect Resource Entity Tag Change
In this example, the server just supports the mandatory datastore In this example, the server just supports the mandatory datastore
last-changed timestamp. The client has previously retrieved the last-changed timestamp. The client has previously retrieved the
"Last-Modified" header and has some value cached to provide in the "Last-Modified" header and has some value cached to provide in the
following request to patch an "album" list entry with key value following request to patch an "album" list entry with key value
"Wasting Light". Only the "year" field is being updated. "Wasting Light". Only the "year" field is being updated.
PATCH /restconf/data/example-jukebox:jukebox/ PATCH /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album=Wasting%20Light/year library/artist=Foo%20Fighters/album=Wasting%20Light/year
HTTP/1.1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
If-Unmodified-Since: Mon, 23 Apr 2012 17:01:00 GMT If-Unmodified-Since: Mon, 23 Apr 2012 17:01:00 GMT
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ "example-jukebox:year" : "2011" } { "example-jukebox:year" : "2011" }
In this example the datastore resource has changed since the time In this example the datastore resource has changed since the time
specified in the "If-Unmodified-Since" header. The server might specified in the "If-Unmodified-Since" header. The server might
respond: respond:
HTTP/1.1 412 Precondition Failed HTTP/1.1 412 Precondition Failed
skipping to change at page 88, line 4 skipping to change at page 89, line 49
leaf name { type string; } leaf name { type string; }
leaf description { type string; } leaf description { type string; }
leaf event-count { leaf event-count {
type uint32; type uint32;
config false; config false;
} }
} }
} }
Example 1: content=all Example 1: content=all
To retrieve all the child resources, the "content" parameter is set To retrieve all the child resources, the "content" parameter is set
to "all". The client might send: to "all". The client might send:
GET /restconf/data/example-events:events?content=all GET /restconf/data/example-events:events?content=all
HTTP/1.1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:11:30 GMT Date: Mon, 23 Apr 2012 17:11:30 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
skipping to change at page 88, line 49 skipping to change at page 90, line 46
Example 2: content=config Example 2: content=config
To retrieve only the configuration child resources, the "content" To retrieve only the configuration child resources, the "content"
parameter is set to "config" or omitted since this is the default parameter is set to "config" or omitted since this is the default
value. Note that the "ETag" and "Last-Modified" headers are only value. Note that the "ETag" and "Last-Modified" headers are only
returned if the content parameter value is "config". returned if the content parameter value is "config".
GET /restconf/data/example-events:events?content=config GET /restconf/data/example-events:events?content=config
HTTP/1.1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:11:30 GMT Date: Mon, 23 Apr 2012 17:11:30 GMT
Server: example-server Server: example-server
Last-Modified: Mon, 23 Apr 2012 13:01:20 GMT Last-Modified: Mon, 23 Apr 2012 13:01:20 GMT
ETag: eeeada438af ETag: eeeada438af
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
skipping to change at page 89, line 41 skipping to change at page 91, line 39
Example 3: content=nonconfig Example 3: content=nonconfig
To retrieve only the non-configuration child resources, the "content" To retrieve only the non-configuration child resources, the "content"
parameter is set to "nonconfig". Note that configuration ancestors parameter is set to "nonconfig". Note that configuration ancestors
(if any) and list key leafs (if any) are also returned. The client (if any) and list key leafs (if any) are also returned. The client
might send: might send:
GET /restconf/data/example-events:events?content=nonconfig GET /restconf/data/example-events:events?content=nonconfig
HTTP/1.1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:11:30 GMT Date: Mon, 23 Apr 2012 17:11:30 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
skipping to change at page 90, line 45 skipping to change at page 92, line 45
Example 1: depth=unbounded Example 1: depth=unbounded
To retrieve all the child resources, the "depth" parameter is not To retrieve all the child resources, the "depth" parameter is not
present or set to the default value "unbounded". Note that some present or set to the default value "unbounded". Note that some
strings are wrapped for display purposes only. strings are wrapped for display purposes only.
GET /restconf/data/example-jukebox:jukebox?depth=unbounded GET /restconf/data/example-jukebox:jukebox?depth=unbounded
HTTP/1.1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:11:30 GMT Date: Mon, 23 Apr 2012 17:11:30 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
skipping to change at page 91, line 46 skipping to change at page 93, line 45
} }
] ]
}, },
"playlist" : [ "playlist" : [
{ {
"name" : "Foo-One", "name" : "Foo-One",
"description" : "example playlist 1", "description" : "example playlist 1",
"song" : [ "song" : [
{ {
"index" : 1, "index" : 1,
"id" : "http://example.com/restconf/data/ "id" : "https://example.com/restconf/data/
example-jukebox:jukebox/library/artist= example-jukebox:jukebox/library/artist=
Foo%20Fighters/album/Wasting%20Light/ Foo%20Fighters/album/Wasting%20Light/
song/Rope" song/Rope"
}, },
{ {
"index" : 2, "index" : 2,
"id" : "http://example.com/restconf/data/ "id" : "https://example.com/restconf/data/
example-jukebox:jukebox/library/artist= example-jukebox:jukebox/library/artist=
Foo%20Fighters/album/Wasting%20Light/song/ Foo%20Fighters/album/Wasting%20Light/song/
Bridge%20Burning" Bridge%20Burning"
} }
] ]
} }
], ],
"player" : { "player" : {
"gap" : 0.5 "gap" : 0.5
} }
} }
} }
Example 2: depth=1 Example 2: depth=1
To determine if 1 or more resource instances exist for a given target To determine if 1 or more resource instances exist for a given target
resource, the value "1" is used. resource, the value "1" is used.
GET /restconf/data/example-jukebox:jukebox?depth=1 HTTP/1.1 GET /restconf/data/example-jukebox:jukebox?depth=1 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:11:30 GMT Date: Mon, 23 Apr 2012 17:11:30 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
skipping to change at page 92, line 49 skipping to change at page 94, line 47
"example-jukebox:jukebox" : [null] "example-jukebox:jukebox" : [null]
} }
Example 3: depth=3 Example 3: depth=3
To limit the depth level to the target resource plus 2 child resource To limit the depth level to the target resource plus 2 child resource
layers the value "3" is used. layers the value "3" is used.
GET /restconf/data/example-jukebox:jukebox?depth=3 HTTP/1.1 GET /restconf/data/example-jukebox:jukebox?depth=3 HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond: The server might respond:
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:11:30 GMT Date: Mon, 23 Apr 2012 17:11:30 GMT
Server: example-server Server: example-server
Cache-Control: no-cache Cache-Control: no-cache
Pragma: no-cache Pragma: no-cache
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
skipping to change at page 93, line 32 skipping to change at page 95, line 30
"description" : "example playlist 1", "description" : "example playlist 1",
"song" : [ null ] "song" : [ null ]
} }
], ],
"player" : { "player" : {
"gap" : 0.5 "gap" : 0.5
} }
} }
} }
D.3.3. "select" Parameter D.3.3. "fields" Parameter
In this example the client is retrieving the API resource, but In this example the client is retrieving the API resource, but
selecting only the "name" and "revision" nodes from each module, in retrieving only the "name" and "revision" nodes from each module, in
JSON format: JSON format:
GET /restconf/data?select=modules/module(name;revision) HTTP/1.1 GET /restconf/data?fields=modules/module(name;revision) HTTP/1.1
Host: example.com Host: example.com
Accept: application/yang.data+json, Accept: application/yang.data+json
application/yang.errors+json
The server might respond as follows. The server might respond as follows.
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server Server: example-server
Content-Type: application/yang.data+json Content-Type: application/yang.data+json
{ {
"ietf-yang-library:modules": { "ietf-yang-library:modules": {
"module": [ "module": [
{ {
"name" : "example-jukebox", "name" : "example-jukebox",
"revision" : "2014-07-03" "revision" : "2014-07-03"
}, },
{ {
"name" : "ietf-restconf-monitoring", "name" : "ietf-restconf-monitoring",
"revision" : "2014-10-25" "revision" : "2015-01-30"
}, },
{ {
"name" : "ietf-yang-library", "name" : "ietf-yang-library",
"revision" : "2014-10-25" "revision" : "2015-01-30"
} }
] ]
} }
} }
D.3.4. "insert" Parameter D.3.4. "insert" Parameter
In this example, a new first entry in the "Foo-One" playlist is being In this example, a new first entry in the "Foo-One" playlist is being
created. created.
skipping to change at page 95, line 9 skipping to change at page 97, line 9
artist=Foo%20Fighters/album/Wasting%20Light/song/Rope" artist=Foo%20Fighters/album/Wasting%20Light/song/Rope"
} }
} }
Response from server: Response from server:
HTTP/1.1 201 Created HTTP/1.1 201 Created
Date: Mon, 23 Apr 2012 13:01:20 GMT Date: Mon, 23 Apr 2012 13:01:20 GMT
Server: example-server Server: example-server
Last-Modified: Mon, 23 Apr 2012 13:01:20 GMT Last-Modified: Mon, 23 Apr 2012 13:01:20 GMT
Location: http://example.com/restconf/data/ Location: https://example.com/restconf/data/
example-jukebox:jukebox/playlist=Foo-One/song=1 example-jukebox:jukebox/playlist=Foo-One/song=1
ETag: eeeada438af ETag: eeeada438af
D.3.5. "point" Parameter D.3.5. "point" Parameter
In this example, the client is inserting a new "song" resource within In this example, the client is inserting a new "song" resource within
an "album" resource after another song. The request URI is split for an "album" resource after another song. The request URI is split for
display purposes only. display purposes only.
Request from client: Request from client:
skipping to change at page 95, line 41 skipping to change at page 97, line 41
"name" : "Rope", "name" : "Rope",
"location" : "/media/foo/a7/rope.mp3", "location" : "/media/foo/a7/rope.mp3",
"format" : "MP3", "format" : "MP3",
"length" : 259 "length" : 259
} }
} }
Response from server: Response from server:
HTTP/1.1 204 No Content HTTP/1.1 204 No Content
Date: Mon, 23 Apr 2012 13:01:20 GMT
Server: example-server
Last-Modified: Mon, 23 Apr 2012 13:01:20 GMT
ETag: abcada438af
D.3.6. "limit" Parameter
In this example, the client requests the first two "album" resources
for a given artist:
Request from client:
GET /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album/?limit=2 HTTP/1.1
Host: example.com
Content-Type: application/yang.collection+xml
Response from server: 1. Date: Mon, 23 Apr 2012 13:01:20 GMT Server: example-server Last-
Modified: Mon, 23 Apr 2012 13:01:20 GMT ETag: abcada438af
HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/yang.collection+xml
<collection xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf"
<album xmlns="http://example.com/ns/example-jukebox">
<name>Foo Fighters</name>
<year>1995</year>
...
</album>
<album xmlns="http://example.com/ns/example-jukebox">
<name>The Color and the Shape</name>
<year>1997</year>
...
</album>
</collection>
D.3.7. "offset" Parameter
In this example, the client requests the next two albums, i.e., two
albums starting from two.
Request from client:
GET /restconf/data/example-jukebox:jukebox/
library/artist=Foo%20Fighters/album/?limit=2&offset=2 HTTP/1.1
Host: example.com
Content-Type: application/yang.collection+json
Response from server:
HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:02:00 GMT
Server: example-server
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/yang.collection+json
{
"collection": {
"example-jukebox:album" : [
{
"year" : 1999,
"name" : "There is Nothing Left to Loose",
...
},
{
"year" : 2002,
"name" : "One by One",
...
}
]
}
}
D.3.8. "filter" Parameter D.3.6. "filter" Parameter
The following URIs show some examples of notification filter The following URIs show some examples of notification filter
specifications (lines wrapped for display purposes only): specifications (lines wrapped for display purposes only):
// filter = /event/event-class='fault' // filter = /event/event-class='fault'
GET /mystreams/NETCONF?filter=%2Fevent%2Fevent-class%3D'fault' GET /mystreams/NETCONF?filter=%2Fevent%2Fevent-class%3D'fault'
// filter = /event/severity<=4 // filter = /event/severity<=4
GET /mystreams/NETCONF?filter=%2Fevent%2Fseverity%3C%3D4 GET /mystreams/NETCONF?filter=%2Fevent%2Fseverity%3C%3D4
skipping to change at page 98, line 29 skipping to change at page 98, line 29
GET /mystreams/critical-syslog? GET /mystreams/critical-syslog?
filter=%2F*%2Femail-addr[contains(.%2C'company.com')] filter=%2F*%2Femail-addr[contains(.%2C'company.com')]
// Note: the module name is used as prefix. // Note: the module name is used as prefix.
// filter = (/example-mod:event1/name='joe' and // filter = (/example-mod:event1/name='joe' and
// /example-mod:event1/status='online') // /example-mod:event1/status='online')
GET /mystreams/NETCONF? GET /mystreams/NETCONF?
filter=(%2Fexample-mod%3Aevent1%2Fname%3D'joe'%20and filter=(%2Fexample-mod%3Aevent1%2Fname%3D'joe'%20and
%20%2Fexample-mod%3Aevent1%2Fstatus%3D'online') %20%2Fexample-mod%3Aevent1%2Fstatus%3D'online')
D.3.9. "start-time" Parameter D.3.7. "start-time" Parameter
// start-time = 2014-10-25T10:02:00Z // start-time = 2014-10-25T10:02:00Z
GET /mystreams/NETCONF?start-time=2014-10-25T10%3A02%3A00Z GET /mystreams/NETCONF?start-time=2014-10-25T10%3A02%3A00Z
D.3.10. "stop-time" Parameter D.3.8. "stop-time" Parameter
// stop-time = 2014-10-25T12:31:00Z // stop-time = 2014-10-25T12:31:00Z
GET /mystreams/NETCONF?stop-time=2014-10-25T12%3A31%3A00Z GET /mystreams/NETCONF?stop-time=2014-10-25T12%3A31%3A00Z
D.3.9. "with-defaults" Parameter
Assume the same data model as defined in Appendix A.1 of [RFC6243].
Assume the same data set as defined in Appendix A.2 of [RFC6243]. If
the server defaults-uri basic-mode is "trim", the the following
request for interface "eth1" might be as follows:
Without query parameter:
GET /restconf/data/interfaces/interface=eth1 HTTP/1.1
Host: example.com
Accept: application/yang.data+json
The server might respond as follows.
HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server
Content-Type: application/yang.data+json
{
"example:interface": [
{
"name" : "eth1",
"status" : "up"
}
]
}
Note that the "mtu" leaf is missing because it is set to the default
"1500", and the server defaults handling basic-mode is "trim".
With query parameter:
GET /restconf/data/interfaces/interface=eth1
?with-defaults=report-all HTTP/1.1
Host: example.com
Accept: application/yang.data+json
The server might respond as follows.
HTTP/1.1 200 OK
Date: Mon, 23 Apr 2012 17:01:00 GMT
Server: example-server
Content-Type: application/yang.data+json
{
"example:interface": [
{
"name" : "eth1",
"mtu" : 1500,
"status" : "up"
}
]
}
Note that the server returns the "mtu" leaf because the "report-all"
mode was requested with the "with-defaults" query parameter.
Authors' Addresses Authors' Addresses
Andy Bierman Andy Bierman
YumaWorks YumaWorks
Email: andy@yumaworks.com Email: andy@yumaworks.com
Martin Bjorklund Martin Bjorklund
Tail-f Systems Tail-f Systems
 End of changes. 335 change blocks. 
1155 lines changed or deleted 1181 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/