RESTCONF (RESTful Configuration Protocol) is a network management protocol designed to provide a simplified, REST-based interface for managing network devices using HTTP methods. RESTCONF builds on the capabilities of NETCONF by making network device configuration and operational data accessible over the ubiquitous HTTP/HTTPS protocol, allowing for easy integration with web-based tools and services. It leverages the YANG data modeling language to represent configuration and operational data, providing a modern, API-driven approach to managing network infrastructure. Lets explore the fundamentals of RESTCONF, its architecture, how it compares with NETCONF, the use cases it serves, and the benefits and drawbacks of adopting it in your network.
What Is RESTCONF?
RESTCONF (Representational State Transfer Configuration) is defined in RFC 8040 and provides a RESTful API that enables network operators to access, configure, and manage network devices using HTTP methods such as GET, POST, PUT, PATCH, and DELETE. Unlike NETCONF, which uses a more complex XML-based communication, RESTCONF adopts a simple REST architecture, making it easier to work with in web-based environments and for integration with modern network automation tools.
Key Features:
- HTTP-based: RESTCONF is built on the widely-adopted HTTP/HTTPS protocols, making it compatible with web services and modern applications.
- Data Model Driven: Similar to NETCONF, RESTCONF uses YANG data models to define how configuration and operational data are structured.
- JSON/XML Support: RESTCONF allows the exchange of data in both JSON and XML formats, giving it flexibility in how data is represented and consumed.
- Resource-Based: RESTCONF treats network device configurations and operational data as resources, allowing them to be easily manipulated using HTTP methods.
How RESTCONF Works
RESTCONF operates as a client-server model, where the RESTCONF client (typically a web application or automation tool) communicates with a RESTCONF server (a network device) using HTTP. The protocol leverages HTTP methods to interact with the data represented by YANG models.
HTTP Methods in RESTCONF:
- GET: Retrieve configuration or operational data from the device.
- POST: Create new configuration data on the device.
- PUT: Update existing configuration data.
- PATCH: Modify part of the existing configuration.
- DELETE: Remove configuration data from the device.
RESTCONF provides access to various network data through a well-defined URI structure, where each part of the network’s configuration or operational data is treated as a unique resource. This resource-centric model allows for easy manipulation and retrieval of network data.
RESTCONF URI Structure and Example
RESTCONF URIs provide access to different parts of a device’s configuration or operational data. The general structure of a RESTCONF URI is as follows:
/restconf/<resource-type>/<data-store>/<module>/<container>/<leaf>
- resource-type: Defines whether you are accessing data (
/data) or operations (/operations). - data-store: The datastore being accessed (e.g.,
/runningor/candidate). - module: The YANG module that defines the data you are accessing.
- container: The container (group of related data) within the module.
- leaf: The specific data element being retrieved or modified.
Example: If you want to retrieve the current configuration of interfaces on a network device, the RESTCONF URI might look like this:
GET /restconf/data/ietf-interfaces:interfacesThis request retrieves all the interfaces on the device, as defined in the ietf-interfaces YANG model.
RESTCONF Data Formats
RESTCONF supports two primary data formats for representing configuration and operational data:
- JSON (JavaScript Object Notation): A lightweight, human-readable data format that is widely used in web applications and REST APIs.
- XML (Extensible Markup Language): A more verbose, structured data format commonly used in network management systems.
Most modern implementations prefer JSON due to its simplicity and efficiency, particularly in web-based environments.
RESTCONF and YANG
Like NETCONF, RESTCONF relies on YANG models to define the structure and hierarchy of configuration and operational data. Each network device’s configuration is represented using a specific YANG model, which RESTCONF interacts with using HTTP methods. The combination of RESTCONF and YANG provides a standardized, programmable interface for managing network devices.
Example YANG Model Structure in JSON:
{
"ietf-interfaces:interface": {
"name": "GigabitEthernet0/1",
"description": "Uplink Interface",
"type": "iana-if-type:ethernetCsmacd",
"enabled": true
}
}This JSON example represents a network interface configuration based on the ietf-interfaces YANG model.
Security in RESTCONF
RESTCONF leverages the underlying HTTPS (SSL/TLS) for secure communication between the client and server. It supports basic authentication, OAuth, or client certificates for verifying user identity and controlling access. This level of security is similar to what you would expect from any RESTful API that operates over the web, ensuring confidentiality, integrity, and authentication in the network management process.
Advantages of RESTCONF
RESTCONF offers several distinct advantages, especially in modern networks that require integration with web-based tools and automation platforms:
- RESTful Simplicity: RESTCONF adopts a well-known RESTful architecture, making it easier to integrate with modern web services and automation tools.
- Programmability: The use of REST APIs and data formats like JSON allows for easier automation and programmability, particularly in environments that use DevOps practices and CI/CD pipelines.
- Wide Tool Support: Since RESTCONF is HTTP-based, it is compatible with a wide range of development and monitoring tools, including Postman, curl, and programming libraries in languages like Python and JavaScript.
- Standardized Data Models: The use of YANG ensures that RESTCONF provides a vendor-neutral way to interact with devices, facilitating interoperability between devices from different vendors.
- Efficiency: RESTCONF’s ability to handle structured data using lightweight JSON makes it more efficient than XML-based alternatives in web-scale environments.
Disadvantages of RESTCONF
While RESTCONF brings many advantages, it also has some limitations:
- Limited to Configuration and Operational Data: RESTCONF is primarily used for retrieving and modifying configuration and operational data. It lacks some of the more advanced management capabilities (like locking configuration datastores) that NETCONF provides.
- Stateless Nature: RESTCONF is stateless, meaning each request is independent. While this aligns with REST principles, it lacks the transactional capabilities of NETCONF’s stateful configuration model, which can perform commits and rollbacks in a more structured way.
- Less Mature in Networking: NETCONF has been around longer and is more widely adopted in large-scale enterprise networking environments, whereas RESTCONF is still gaining ground.
When to Use RESTCONF
RESTCONF is ideal for environments that prioritize simplicity, programmability, and integration with modern web tools. Common use cases include:
- Network Automation: RESTCONF fits naturally into network automation platforms, making it a good choice for managing dynamic networks using automation frameworks like Ansible, Terraform, or custom Python scripts.
- DevOps/NetOps Integration: Since RESTCONF uses HTTP and JSON, it can easily be integrated into DevOps pipelines and tools such as Jenkins, GitLab, and CI/CD workflows, enabling Infrastructure as Code (IaC) approaches.
- Cloud and Web-Scale Environments: RESTCONF is well-suited for managing cloud-based networking infrastructure due to its web-friendly architecture and support for modern data formats.
RESTCONF vs. NETCONF: A Quick Comparison
RESTCONF Implementation Steps
To implement RESTCONF, follow these general steps:
Step 1: Enable RESTCONF on Devices
Ensure your devices support RESTCONF and enable it. For example, on Cisco IOS XE, you can enable RESTCONF with:
restconf
Step 2: Send RESTCONF Requests
Once RESTCONF is enabled, you can interact with the device using curl or tools like Postman. For example, to retrieve the configuration of interfaces, you can use:
curl -k -u admin:admin "https://192.168.1.1:443/restconf/data/ietf-interfaces:interfaces"
Step 3: Parse JSON/XML Responses
RESTCONF responses will return data in JSON or XML format. If you’re using automation scripts (e.g., Python), you can parse this data to retrieve or modify configurations.
Summary
RESTCONF is a powerful, lightweight, and flexible protocol for managing network devices in a programmable way. Its use of HTTP/HTTPS, JSON, and YANG makes it a natural fit for web-based network automation tools and DevOps environments. While it lacks the transactional features of NETCONF, its simplicity and compatibility with modern APIs make it ideal for managing cloud-based and automated networks.