Introduction of RESTCONF

Overview

RESTCONF is a network configuration management protocol that uses HTTP methods, including OPTIONS, HEAD, GET, POST, PATCH, PUT and DELETE, to provide a set of Create, Read, Update, Delete (CRUD) operations on YANG-defined datastore to manage network devices.

RESTCONF is developed based on the integration of NETCONF and HTTP protocols, which can be implemented on a device that supports the NETCONF protocol.

RESTCONF provides a programming interface in line with the popular RESTful style, providing users with the ability to efficiently develop Web-based operation and maintenance tools.

RESTCONF Components

As shown in Figure 1, the RESTCONF protocol consists of two parts: RESTCONF Client and Server.

  • RESTCONF Client

The client utilizes the RESTCONF protocol for system management of network devices. The client sends HTTP requests to the server to create, delete, modify or query one or more data, encoded in XML or JSON format.

  • RESTCONF Server

The server device is used to maintain the information data of the managed devices. When receiving a HTTP request from the RESTCONF client, the server parses and processes the request message, and then returns a response to the client.

Figure 1.     RESTCONF Components

 

The information that the client obtains from the running server includes configuration data and status data.

  • The client can query the status data and the configuration data.

  • The client can modify the configuration data and manipulate it to achieve the desired state of the server.

  • The client cannot modify the status data, which mainly includes the running status and statistical information of the server.

Advantage

  • RESTCONF provides RESTful style programming interface to support Web development.

  • Adopting XML or JSON encoding.

  • Standardized interface, compatible with devices from multiple manufacturers, can reduce development and maintenance costs.

  • Good extensibility, different manufacturer devices can define their own protocol operation.

YANG Model

Same as NETCONF, RESTCONF also works based on YANG.

Most YANG files independent of the device type are placed in the following path:

/pica/etc/common/data-models.

root@PICOS:/pica/etc/common/data-models# ls -lt *.yang -rw-r--r-- 1 root root 178165 May 19 2023 bgp.yang -rw-r--r-- 1 root root 4487 May 12 2023 arp.yang -rw-r--r-- 1 root root 56906 May 5 2023 ospfv2.yang -rw-r--r-- 1 root root 22047 May 5 2023 ospfv3.yang -rw-r--r-- 1 root root 16808 Apr 12 2023 bfd.yang -rw-r--r-- 1 root root 7163 Apr 12 2023 cos-with-pfc.yang -rw-r--r-- 1 root root 8350 Apr 12 2023 dhcp.yang -rw-r--r-- 1 root root 23978 Apr 12 2023 firewall-no-icmp-type-code.yang -rw-r--r-- 1 root root 24752 Apr 12 2023 firewall.yang -rw-r--r-- 1 root root 2416 Apr 12 2023 igmp.yang -rw-r--r-- 1 root root 8168 Apr 12 2023 igmpsnooping.yang -rw-r--r-- 1 root root 4244 Apr 12 2023 lacp.yang -rw-r--r-- 1 root root 5081 Apr 12 2023 mlag.yang -rw-r--r-- 1 root root 26129 Apr 12 2023 mstp.yang -rw-r--r-- 1 root root 5118 Apr 12 2023 ovsdb.yang -rw-r--r-- 1 root root 7986 Apr 12 2023 pim.yang -rw-r--r-- 1 root root 58523 Apr 12 2023 routing.yang -rw-r--r-- 1 root root 5240 Apr 12 2023 sflow.yang -rw-r--r-- 1 root root 10446 Apr 12 2023 snmp.yang -rw-r--r-- 1 root root 13186 Apr 12 2023 static-routes.yang -rw-r--r-- 1 root root 17509 Apr 12 2023 vlan-interface.yang -rw-r--r-- 1 root root 8591 Apr 12 2023 vlans.yang -rw-r--r-- 1 root root 11408 Apr 12 2023 vrrp.yang -rw-r--r-- 1 root root 9920 Apr 12 2023 vxlans.yang -rw-r--r-- 1 root root 5173 Aug 24 2022 dot1x.yang -rw-r--r-- 1 root root 6062 Aug 12 2022 cos-without-pfc.yang -rw-r--r-- 1 root root 16760 Aug 12 2022 ietf-inet-types.yang -rw-r--r-- 1 root root 18034 Aug 12 2022 ietf-yang-types.yang -rw-r--r-- 1 root root 5475 Aug 12 2022 ipfix.yang -rw-r--r-- 1 root root 6944 Aug 12 2022 lldp.yang -rw-r--r-- 1 root root 1411 Aug 12 2022 mfea.yang -rw-r--r-- 1 root root 1629 Aug 12 2022 mpls.yang -rw-r--r-- 1 root root 4825 Aug 12 2022 neighbour.yang -rw-r--r-- 1 root root 8833 Aug 12 2022 policy.yang -rw-r--r-- 1 root root 4592 Aug 12 2022 rip.yang -rw-r--r-- 1 root root 3669 Aug 12 2022 ripng.yang -rw-r--r-- 1 root root 50887 Aug 12 2022 system.yang -rw-r--r-- 1 root root 4126 Aug 12 2022 udld.yang -rw-r--r-- 1 root root 871 Aug 12 2022 version.yang -rw-r--r-- 1 root root 4515 Aug 12 2022 xovs.yang

The yang files related to the device type are placed in the following path. This path contains a soft link to the yang file above, use an ellipsis instead.

root@PICOS:/pica/etc/as5712_54x/data-models# ls -lt *.yang …… -rw-r--r-- 1 root root 58741 Apr 12 2023 interface.yang -rw-r--r-- 1 root root 2211 Aug 12 2022 stm.yang

Authentication

RESTCONF supports setting authorization to “Basic Auth”, the username and password should be set to the same as the accounts used for authentication of the RESTCONF server.

In the HTTPs request message sent by the client, you need to fill in the authentication information correctly to ensure that the connection between the RESTCONF client and server can be established successfully.

HTTP Status Code

RESTCONF uses the Status-Line part of an HTTP response message to inform clients of their request’s result. HTTP defines these standard status codes that can be used to convey the results of a client’s request.

Table 1. HTTP status codes

Status Code

Description

200 OK

Indicates that the request has succeeded.

201 Created

Indicates that the request has succeeded and a new resource has been created as a result.

204 No Content

The server has fulfilled the request but does not need to return a response body. The server may return the updated meta information.

400 Bad Request

The request could not be understood by the server due to incorrect syntax. The client SHOULD NOT repeat the request without modifications.

401 Unauthorized

Indicates that the request requires user authentication information. The client MAY repeat the request with a suitable Authorization header field

403 Forbidden

Unauthorized request. The client does not have access rights to the content. Unlike 401, the client’s identity is known to the server.

404 Not Found

The server cannot find the requested resource.

405 Method Not Allowed

The request HTTP method is known by the server but has been disabled and cannot be used for that resource.

408 Request Timeout

Indicates that the server did not receive a complete request from the client within the server’s allotted timeout period.

409 Conflict

The request could not be completed due to a conflict with the current state of the resource.

410 Gone

The requested resource is no longer available at the server.

412 Precondition Failed

The client has indicated preconditions in its headers which the server does not meet.

413 Request Entity Too Large

Request entity is larger than limits defined by server.

414 Request-URI Too Long

The URI requested by the client is longer than the server can interpret.

415 Unsupported Media Type

The media-type in Content-type of the request is not supported by the server.

500 Internal Server Error

The server encountered an unexpected condition that prevented it from fulfilling the request.

501 Not Implemented

The HTTP method is not supported by the server and cannot be handled.

RESTCONF Error Codes

The tree of YANG model <errors> is defined as follows:

+---- errors +---- error* +---- error-type enumeration +---- error-tag string +---- error-app-tag? string +---- error-path? instance-identifier +---- error-message? string +---- error-info?

When an error occurs, the server returns a response message carried with above error information. 

  • error-type

The value of error-type can be:

Value

Description

transport

Transport Layer

tpc

RPC Layer

protocol

Operation Layer

application

Application Layer

  • error-tag

<error-tag>

Error description

Status code

in-use

The requested resource is already in use

409

invalid-value

The parameter value in the request is incorrect

400, 404 or 406

too-big

Request or reply messages are too large to process

413 or 400

missing-attribute

Missing attribute on element node

400

bad-attribute

Attribute error on element node

400

unknown-attribute

Unknown attribute on element node

400

bad-element

The element node value is incorrect

400

unknown-element

Unrecognized elements

400

unknown-namespace

Unrecognized namespaces

400

access-denied

Access denied

401 or 403

lock-denied

The configuration process is locked

409

resource-denied

Insufficient resources to complete the request

409

rollback-failed

Rollback failure

500

data-exists

The data already exists and POST creates a duplicate record

409

data-missing

Deleting a non-existent object returns this error

409

operation-not-supported

The operation is not supported. For example, POST and DELETE operations are not supported for current container nodes

405 or 501

operation-failed

Operation execution failed

412 or 500

partial-operation

Some operations failed

500

malformed-message

The message format is incorrect

400

  • error-app-tag: Indicates a specific error type.

  • error-path: Represents the location where the error occurred.

  • error-message: Indicates detailed error information.

  • error-info: Indicates the description of error parameters.

For example,

  • Example 1: Input an error path when using GET method causes error: "error-type": "application".

The response result is:

400 Bad Request { "ietf-restconf:errors": { "error": { "error-type": "application", "error-tag": "unknown-element", "error-info": { "bad-element": "vlan" }, "error-severity": "error", "error-message": "No such yang module prefix" } } }
  • Example 2: Input a non-exist path when using PATCH method causes error: "error-type": "protocol".

The response result is:

400 Bad Request { "ietf-restconf:errors": { "error": { "error-type": "protocol", "error-tag": "invalid-value", "error-severity": "error", "error-message": "API-resource type" } } }
  • Example 3: No data was provided when using PUT method causes error: "error-type": "rpc".

The response result is:

400 Bad Request { "ietf-restconf:errors": { "error": { "error-type": "rpc", "error-tag": "malformed-message", "error-severity": "error", "error-message": "The message-body MUST contain exactly one instance of the expected data resource" } } }

Copyright © 2024 Pica8 Inc. All Rights Reserved.