📘CCNP Encore (350-401-ENCORE-v1.1)
1. Why NETCONF and RESTCONF Exist (Exam Perspective)
Traditional network management uses CLI (command-line interface).
CLI works well for humans, but it is not efficient for automation, scripts, or applications.
Modern networks require:
- Faster configuration
- Fewer human errors
- Centralized control
- Integration with automation tools
To solve this, Cisco and other vendors use model-based management protocols:
- NETCONF
- RESTCONF
Both allow programmatic configuration, monitoring, and management of network devices using data models instead of manual CLI commands.
2. What Is Model-Based Management?
Model-based management means:
- Device configuration and state are represented as structured data
- The structure is defined using YANG models
- Applications interact with devices using APIs, not CLI
Key components:
- YANG → Data modeling language
- NETCONF / RESTCONF → Protocols to access and modify data
- XML / JSON → Data formats
3. YANG (Very Important for the Exam)
What Is YANG?
YANG is a data modeling language used to describe:
- Configuration data
- Operational (state) data
- RPCs (Remote Procedure Calls)
- Notifications
YANG defines:
- What data exists
- How it is structured
- What values are allowed
Why YANG Is Important
- NETCONF and RESTCONF depend on YANG
- YANG ensures consistent configuration
- Prevents invalid or unsupported settings
Types of YANG Models
| YANG Model Type | Description |
|---|---|
| Open models | Vendor-neutral (IETF standards) |
| Native models | Vendor-specific (Cisco IOS XE) |
4. NETCONF Overview
What Is NETCONF?
NETCONF (Network Configuration Protocol) is a client-server protocol used to:
- Install
- Modify
- Delete
- Retrieve device configuration
NETCONF uses:
- SSH as transport
- XML as data format
- YANG as data model
NETCONF Characteristics (Exam Keywords)
- Uses TCP port 830
- Secure communication (SSH)
- Transaction-based
- Supports rollback
- Structured configuration
5. NETCONF Architecture
Components
| Component | Role |
|---|---|
| NETCONF client | Automation tool or controller |
| NETCONF server | Network device (router/switch) |
| YANG models | Define data structure |
| Datastores | Store configuration data |
NETCONF Datastores
| Datastore | Purpose |
|---|---|
| running | Current active configuration |
| candidate | Staged configuration (before commit) |
| startup | Configuration used at boot |
| operational | Device state data |
6. NETCONF Operations (Must Know)
NETCONF uses RPCs (Remote Procedure Calls).
Common NETCONF Operations
| Operation | Description |
|---|---|
| get | Retrieve operational data |
| get-config | Retrieve configuration data |
| edit-config | Modify configuration |
| copy-config | Copy configuration between datastores |
| delete-config | Remove configuration |
| commit | Apply candidate configuration |
| lock / unlock | Prevent simultaneous changes |
7. Configuring NETCONF on Cisco IOS XE
Enable NETCONF
Router(config)# netconf-yang
This:
- Enables NETCONF
- Enables YANG models
- Uses SSH automatically
Verify NETCONF Status
Router# show netconf-yang status
Expected output includes:
- NETCONF enabled
- SSH enabled
- Listening on port 830
8. Verifying NETCONF Operation
Verify NETCONF Sessions
Router# show netconf-yang sessions
Verify Supported YANG Models
Router# show yang models
9. RESTCONF Overview
What Is RESTCONF?
RESTCONF is a RESTful API that allows access to network devices using:
- HTTP methods
- URLs
- JSON or XML
- YANG models
RESTCONF is easier to use for:
- Web applications
- Scripts
- Cloud-based tools
10. RESTCONF Characteristics (Exam Focus)
| Feature | RESTCONF |
|---|---|
| Transport | HTTP / HTTPS |
| Data format | JSON (preferred), XML |
| Data model | YANG |
| Authentication | HTTP auth |
| Style | REST API |
RESTCONF Ports
| Protocol | Port |
|---|---|
| HTTP | 80 |
| HTTPS | 443 |
11. RESTCONF HTTP Methods (Very Important)
| Method | Purpose |
|---|---|
| GET | Read data |
| POST | Create data |
| PUT | Replace data |
| PATCH | Modify part of data |
| DELETE | Remove data |
12. RESTCONF Architecture
RESTCONF URL Structure
https://<device-ip>/restconf/data/
Examples:
- Configuration data
- Operational data
- YANG model data
13. Configuring RESTCONF on Cisco IOS XE
Enable RESTCONF
Router(config)# restconf
Enable HTTPS (Required)
Router(config)# ip http secure-server
RESTCONF requires:
- HTTPS enabled
- Valid user credentials
14. Verifying RESTCONF
Verify RESTCONF Status
Router# show running-config | section restconf
Verify HTTP Server
Router# show ip http server status
15. NETCONF vs RESTCONF (Exam Comparison Table)
| Feature | NETCONF | RESTCONF |
|---|---|---|
| Transport | SSH | HTTP/HTTPS |
| Port | 830 | 443 |
| Data format | XML | JSON/XML |
| Complexity | More complex | Simpler |
| Use case | Controllers, automation | Web apps, APIs |
16. When NETCONF Is Preferred
- Large-scale automation
- Transaction-based changes
- Configuration consistency
- Rollback support
17. When RESTCONF Is Preferred
- Web-based tools
- Simple API access
- Cloud integrations
- Lightweight automation
18. Exam-Critical Points to Remember
✔ NETCONF uses SSH and XML
✔ RESTCONF uses HTTP methods and JSON
✔ Both rely on YANG models
✔ NETCONF port = 830
✔ RESTCONF typically uses HTTPS (443)
✔ Enable NETCONF with netconf-yang
✔ Enable RESTCONF with restconf
✔ Verify using show netconf-yang status
✔ RESTCONF uses GET, POST, PUT, PATCH, DELETE
19. Common Exam Mistakes to Avoid
- Confusing NETCONF with RESTCONF transport
- Forgetting that both use YANG
- Assuming CLI is required
- Mixing XML and JSON usage
- Forgetting verification commands
20. Summary (Easy Explanation)
- NETCONF and RESTCONF allow devices to be managed by software
- They replace manual CLI for automation
- YANG defines the structure
- NETCONF is secure and transaction-based
- RESTCONF is simple and API-friendly
- Both are key topics in network automation
