Generated by GPT-5-mini

| RESTCONF | |
|---|---|
| Name | RESTCONF |
| Title | RESTCONF |
| Developer | IETF |
| Introduced | 2014 |
| Status | Proposed Standard |
| Related | NETCONF, YANG, HTTP, TLS, OAuth 2.0 |
RESTCONF
RESTCONF is an HTTP-based protocol standardized by the Internet Engineering Task Force for accessing data defined in YANG data models on network devices and services. It complements NETCONF by mapping configuration and state data to RESTful resources, enabling interoperability with systems that integrate with IETF, Cisco Systems, Juniper Networks, Arista Networks, and Huawei Technologies products. RESTCONF is used in operational environments alongside orchestration platforms such as Ansible, Puppet, Chef, SaltStack, and cloud controllers like OpenStack and Kubernetes.
RESTCONF provides a programmatic interface for configuration and operational state, combining specifications from RFC 8040 authors with work from the IETF NETMOD Working Group and coordination with standards like RFC 6241. It defines a schema-driven resource hierarchy that interoperates with tooling used in Microsoft Azure, Amazon Web Services, and Google Cloud Platform environments when integrating on-premises network functions from vendors such as Cisco Systems and Juniper Networks. RESTCONF deployments commonly interact with orchestration and monitoring systems from VMware, Red Hat, Hewlett Packard Enterprise, and open-source projects like OpenDaylight and ONOS.
RESTCONF leverages HTTP methods, status codes, and content types consistent with Hypertext Transfer Protocol, layering on standards such as RFC 7231 and RFC 7233. Architecturally, it interfaces with device management agents developed by companies like Ciena, Nokia, Ericsson, and F5 Networks and aligns with controller architectures used in Software-defined networking deployments by Google and Facebook. Implementations use transport security from Transport Layer Security versions defined by the IETF TLS Working Group and may integrate with certificate management solutions from Let's Encrypt, DigiCert, and Entrust Datacard.
RESTCONF maps resources to data and RPCs defined in YANG, a data modeling language authored and maintained by contributors from the IETF NETMOD Working Group, Cisco Systems, Juniper Networks, Huawei Technologies, and academic groups at Georgia Institute of Technology and Carnegie Mellon University. It supports YANG modules published in repositories maintained by IETF Datatracker and vendors, spanning modules used by BGP, OSPF, ISIS, MPLS, and Segment Routing features. Toolchains that generate RESTCONF interfaces from YANG modules include projects from Yang Explorer, pyang, OpenConfig, and vendor SDKs from Cisco NSO and Juniper Junos Space.
RESTCONF uses HTTP verbs such as GET, POST, PUT, PATCH, and DELETE, with behavior influenced by standards like RFC 7231 and patch semantics partially referenced from RFC 6902. RPC and action semantics are represented through YANG-defined operations comparable to remote procedure constructs in gNMI and NETCONF RPCs as specified in RFC 6241. Response handling, conditional requests, and caching interact with intermediaries and proxies implemented by vendors such as NGINX, HAProxy, and Apache HTTP Server when deployed in front of device management APIs.
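The resource mapping and verb semantics described above can be read back out of a request line, which is how a proxy or audit pipeline in front of a RESTCONF endpoint tells reads from changes. The following is an added example, not code from the RESTCONF specification or any vendor: it parses a request path into its YANG nodes and list keys and labels the effect of the HTTP method. It assumes the API root is `/restconf` and uses constructed sample requests.

```python
from urllib.parse import unquote

API_ROOT = "/restconf"  # assumption: real root is advertised via /.well-known/host-meta
READ_METHODS = {"GET", "HEAD", "OPTIONS"}
# Effect of each method on a data resource (RFC 8040 section 4).
DATA_EFFECT = {"POST": "create", "PUT": "create-or-replace",
               "PATCH": "merge", "DELETE": "delete"}

def parse_target(path):
    """Return (resource_type, [(node, [key values]), ...]) for a request path."""
    path = path.split("?", 1)[0]          # query parameters are not part of the target
    if not path.startswith(API_ROOT + "/"):
        raise ValueError("not under the RESTCONF API root")
    kind, *rest = path[len(API_ROOT) + 1:].split("/")
    segments = []
    for seg in filter(None, rest):
        node, has_keys, keys = seg.partition("=")
        # Split on the literal "/" and "," first and percent-decode afterwards,
        # so an encoded %2F or %2C inside a key value stays inside that value.
        values = [unquote(k) for k in keys.split(",")] if has_keys else []
        segments.append((unquote(node), values))
    return kind, segments

def classify(method, path):
    """Label one request for an audit trail: which resource, what effect."""
    kind, segments = parse_target(path)
    method = method.upper()
    if method in READ_METHODS:
        effect = "read"
    elif kind == "operations" and method == "POST":
        effect = "rpc-invoke"
    elif kind == "data":
        # POST under /data may also invoke a YANG action; telling the two
        # apart needs the schema, so it is reported as "create" here.
        effect = DATA_EFFECT.get(method, "unknown")
    else:
        effect = "unknown"
    # Anything that is not a plain read is flagged for review, "unknown" included.
    return {"resource": kind, "effect": effect, "segments": segments,
            "changes_state": effect != "read"}

# Constructed sample requests, e.g. as seen in a reverse-proxy access log.
SAMPLE = [
    ("GET", "/restconf/data/ietf-interfaces:interfaces/interface=GigabitEthernet0%2F0%2F0?content=config"),
    ("PATCH", "/restconf/data/ietf-interfaces:interfaces/interface=eth0"),
    ("POST", "/restconf/operations/example-ops:reboot"),
    ("DELETE", "/restconf/data/example-top:top/list1=a%2Cb,c"),
]
RESULTS = [classify(m, p) for m, p in SAMPLE]
```

Decoding the whole path before splitting would turn `GigabitEthernet0%2F0%2F0` into three extra path segments, so an access rule written against the decoded string could match a different resource than the one the device acts on.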
RESTCONF security relies on TLS profiles specified by the IETF TLS Working Group and may leverage authentication frameworks and protocols including OAuth 2.0, OpenID Connect, SAML 2.0, and X.509 client certificates issued by public CAs like Let's Encrypt or enterprise PKI solutions from Microsoft Active Directory Certificate Services. Access controls often integrate with AAA systems such as RADIUS, TACACS+, and identity providers like Okta and Ping Identity. Security considerations reference threat models and mitigations discussed in forums like FIRST and standards from NIST.
Commercial implementations ship in network operating systems from Cisco IOS XR, Cisco NX-OS, Juniper Junos, Arista EOS, Huawei VRP, and SD-WAN controllers from Viptela and Silver Peak. Open-source projects and controllers providing RESTCONF endpoints include OpenDaylight, ONOS, FRRouting, and network automation libraries such as ncclient adaptations, RESTCONF.py wrappers, and integrations in Ansible modules maintained by Red Hat. Cloud providers and managed service vendors including NTT, Accenture, Capgemini, and IBM leverage RESTCONF in hybrid and managed network solutions.
Critiques of RESTCONF point to inconsistencies between RESTful principles advocated by field leaders like Roy Fielding and protocol behaviors inherited from NETCONF; vendors including Cisco Systems and Juniper Networks have produced divergent implementations that complicate interoperability. Alternative telemetry and configuration models such as gNMI, NETCONF, and intent-based APIs from companies like Apstra are often preferred for streaming telemetry and subscription models. Performance and scaling concerns arise in high-frequency monitoring contexts found in hyperscale data centers operated by Google, Facebook, and Amazon where binary or gRPC-based protocols may outperform HTTP/JSON mappings.