IoT System Management with NETCONF-YANG
Arshdeep Bahga & Vijay Madisetti
Summary
This document provides an overview of IoT system management, focusing on NETCONF and YANG. It explains the protocol, its operations, and the data encoding used for configuring, managing, and monitoring network devices in IoT systems. It also covers related networking concepts, including the need for system-wide configuration and the limitations of SNMP.
### IoT System Management with NETCONF-YANG

#### NETCONF

1. **Protocol:** NETCONF is a network management protocol defined by the Internet Engineering Task Force (IETF) in RFC 6241. It operates over a secure transport protocol such as SSH (Secure Shell) or Transport Layer Security (TLS).
2. **Operations:** NETCONF provides a set of operations to manage network devices, including capabilities negotiation, retrieving device configuration, modifying configuration, executing RPCs, and subscribing to event notifications.
3. **Data Encoding:** NETCONF uses XML as the data encoding format. XML provides a structured way of representing data and configurations exchanged between network devices and management systems.
4. **Transport:** NETCONF typically uses SSH as the transport protocol for secure communication with network devices. It can also use TLS for secure transport.
5. **Security:** NETCONF includes built-in security mechanisms for authentication, authorization, and encryption. It supports various authentication methods such as username/password, public key, and digital certificates.

#### YANG

1. **Language:** YANG is a data modeling language used to define the structure, hierarchy, and semantics of data exchanged between network devices and management systems. It is defined by the IETF in RFC 7950.
2. **Hierarchical Structure:** YANG models data in a hierarchical structure using modules, statements, and data types. It allows for defining containers, lists, leaf nodes, and other elements to represent the data structure and attributes of network devices.
3. **Data Types:** YANG provides various data types, including string, Boolean, integer, decimal, identity, enumeration, and more. These data types help define the characteristics and constraints of the data being modeled.
4. **Relationships:** YANG supports defining relationships between data elements using references, grouping, and augmentations. It enables the reuse of common data structures and facilitates modular and extensible data models.
5. **Constraints and Validations:** YANG allows specifying constraints and validations on data elements using features such as range, length, pattern, and mandatory statements. This helps ensure the integrity and validity of the data exchanged between devices and management systems.

### NETCONF and YANG together provide a standardized way of

### Outline

- Need for IoT Systems Management
- SNMP
- Network Operator Requirements
- NETCONF
- YANG
- IoT Systems Management with NETCONF-YANG

### Need for IoT Systems Management

1. **Automating Configuration:** IoT system management allows for automating system configurations. Management interfaces provide predictable and easy-to-use capabilities, enabling the automation of system configuration. This is particularly important when dealing with multiple devices or nodes, to ensure consistent configurations and avoid errors.
2. **Monitoring Operational & Statistical Data:** Management systems help in monitoring operational data (related to system parameters during runtime) and statistical data (describing system performance). This data can be used for fault diagnosis, prognosis, and performance optimization.
3. **Improved Reliability:** A management system that validates system configurations before implementation improves system reliability. By ensuring that configurations are error-free, the system is less prone to failures or issues.
4. **System Wide Configuration:** When an IoT system consists of multiple devices or nodes, it is crucial to ensure system-wide configuration for proper functioning. Configuring each device separately can lead to inconsistencies, where some devices operate on an old configuration while others have a new one. System-wide configuration ensures changes are applied uniformly to all devices, avoiding undesirable outcomes.
5. **Multiple System Configurations:** In certain cases, IoT systems may require multiple valid configurations that are applied at different times or under specific conditions. The management system should support such flexibility.
6. **Retrieving & Reusing Configurations:** Management systems that can retrieve configurations from devices facilitate the reuse of configurations for other devices of the same type. This is useful when adding new devices to an IoT system, as the same configuration can be applied by retrieving it from an existing device.

### SNMP

- SNMP is a well-known and widely used network management protocol that allows monitoring and configuring network devices.
- SNMP components include:
  - Network Management Station (NMS)
  - Managed Device
  - Management Information Base (MIB)
  - SNMP Agent that runs on the device

#### Limitations of SNMP

1. **Limited Security:** SNMP versions 1 and 2c have significant **security** limitations. They use **weak** authentication mechanisms based on community strings, which can be easily intercepted or guessed.
2. **Lack of Flexibility:** SNMP primarily focuses on **monitoring** and managing network devices using predefined Management Information Bases (MIBs). While MIBs provide a standardized set of variables for device management, they may not cover all aspects of **modern** networks or **specific vendor** implementations.
3. **Performance Impact:** SNMP relies on periodic polling to **collect** data from managed devices. The increased network traffic and **processing overhead** on the managed devices can impact overall network performance.
4. **Limited Scalability:** Managing many SNMP devices may require **dedicated** management
5. **Lack of Support for Non-IP Networks:** SNMP is primarily designed for IP-based networks and may not be suitable for managing devices on non-IP networks or specialized network technologies.
6. **Complex Management Hierarchy:** SNMP management involves a hierarchical structure of managers and agents, with various management tasks and roles. This complexity can make the setup and configuration of SNMP management systems challenging, requiring expertise in SNMP concepts, MIBs, and network architectures.

### Network Operators

1. **Network Infrastructure:** Network operators build, deploy, and maintain the physical infrastructure required for communication networks. This infrastructure includes fiber optic cables, transmission towers, data centers, switching equipment, routers, and other networking devices.
2. **Network Services:** Network operators offer a range of services to their customers, which can include voice services (telephone calls), data services (internet access), video services (television), and other value-added services. These services are delivered over their network infrastructure.
3. **Connectivity Provision:** Network operators provide connectivity solutions that enable users to connect to their network and access the services they offer. This can be through wired connections (such as fiber optic or copper cables) or wireless connections (such as cellular networks or Wi-Fi).
4. **Network Management:** Network operators are responsible for managing and optimizing their network infrastructure to ensure reliable and efficient service delivery. This includes tasks such as monitoring network performance, troubleshooting issues, capacity planning, and network security.
5. **Service Quality and Reliability:** Network operators strive to provide high-quality and reliable services to their customers. They invest in network redundancy, backup systems, and disaster recovery mechanisms to minimize service disruptions and ensure continuous availability.
6. **Regulatory Compliance:** Network operators must comply with regulatory requirements set by government authorities or regulatory bodies. These regulations may include licensing, spectrum allocation, data privacy, consumer protection, and other obligations to ensure fair and lawful operations.
7. **Customer Support:** Network operators typically offer customer support services to address customer inquiries, troubleshoot issues, and provide assistance with service-related matters. This can include call centers, online support portals, and field technicians.
8. **Interconnection and Peering:** Network operators establish interconnections and peering agreements with other operators to facilitate the exchange of traffic between their networks. This enables seamless communication and connectivity across different networks and enhances the reach of their services.

#### Network Operator Requirements

- Ease of use
- Distinction between configuration and state data
- Fetch configuration and state data separately
- Configuration of the network as a whole
- Configuration transactions across devices
- Configuration deltas
- Dump and restore configurations
- Configuration validation
- Configuration database schemas
- Comparing configurations
- Role-based access control
- Consistency of access control lists
- Multiple configuration sets
- Support for both data-oriented and task-oriented access control

### NETCONF

- Network Configuration Protocol (NETCONF) is a **session-based** network management protocol. NETCONF allows retrieving **state** or **configuration** data and **manipulating** configuration data on network devices.
- NETCONF works on the **SSH** transport protocol.
- The Transport layer provides end-to-end connectivity and ensures reliable delivery of messages.
- NETCONF uses **XML-encoded** Remote Procedure Calls (RPCs) for framing request and
- The **RPC** layer provides a mechanism for encoding RPC calls and notifications.
- NETCONF provides various operations to retrieve and edit configuration data from network devices.
- The Content layer consists of configuration and state data, which is XML-encoded.
- The schema of the configuration and state data is defined in a data modeling language called **YANG**.
- NETCONF provides a clear separation of the configuration and state data.
- The configuration data resides within a NETCONF configuration datastore on the server.

### YANG

- YANG is a data modeling language used to model configuration and state data.
- YANG modules contain the definitions of the configuration **data, state data, and RPC calls**.
- YANG modules define the data **exchanged** between the NETCONF client and server.
- A module comprises a number of **'leaf'** nodes which are organized into a hierarchical
- The 'leaf' nodes are specified using the 'leaf' or 'leaf-list' constructs.
- Leaf nodes are organized using **'container'** or 'list' constructs.
- A YANG module can import definitions from other modules.
- Constraints can be defined on the data nodes, e.g. allowed values.
- YANG can model both configuration data and state data using the 'config' statement.

#### YANG Module Example

- This YANG module is a YANG version of the toaster MIB.
- The toaster YANG module begins with the header information, followed by identity declarations which define various bread types.
- The leaf nodes ('toasterManufacturer', 'toasterModelNumber' and 'toasterStatus') are defined in the 'toaster' container.
- Each leaf node definition has a type and optionally a description and default value.
- The module has two RPC definitions ('make-toast' and 'cancel-toast').

### IoT Systems Management with NETCONF-YANG

- Management System
- Management API
- Transaction Manager
- Rollback Manager
- Data Model Manager
- Configuration Validator
- Configuration Database
- Configuration API
- Data Provider API

### Management System: A management system refers to a

### Review Questions

1. Why is network-wide configuration important for IoT systems with multiple nodes?
2. Which limitations make SNMP unsuitable for IoT systems?
3. What is the difference between state and configuration data?
4. What is the role of the NETCONF server?
5. What is the function of the Data Model Manager?
6. Describe the role of a YANG module in device management.
7. What is the function of the Data Provider API?
8. Explain the role of the Configuration Validator.
9. What is meant by the Rollback Manager?
10. Describe the roles of the Management System.

Bahga & Madisetti, © 2015
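The first SNMP limitation listed above (community strings as the only authentication in SNMPv1/v2c, readable by anyone on the path) illustrated by an added Python example that is not part of the page or the authors' material. A few BER helpers build a sample GetRequest, and a monitor-style reader pulls the version and community string straight out of the packet bytes, which is the check a network monitor would run to flag legacy SNMP versions. Every packet here is constructed inside the example; nothing is transmitted, and the SNMPv3 sample is a header shape only.

```python
"""Constructed example (not from the page): BER helpers to build a sample
SNMP GetRequest, plus a monitor-style reader that pulls the version and
community string straight out of the packet bytes and flags v1/v2c."""


def ber_len(n):
    """BER length: short form below 128, long form (0x8N + N bytes) above."""
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, content):
    """One BER tag-length-value triple."""
    return bytes([tag]) + ber_len(len(content)) + content


def ber_int(value):
    """INTEGER in minimal two's-complement form (SNMP ids are small and non-negative)."""
    length = max(1, (value.bit_length() + 8) // 8)
    return tlv(0x02, value.to_bytes(length, "big", signed=True))


SYS_DESCR_0 = bytes([0x2B, 6, 1, 2, 1, 1, 1, 0])   # OID 1.3.6.1.2.1.1.1.0 (sysDescr.0)


def build_get_request(version, community, oid, request_id=1):
    """SNMPv1 (version 0) or v2c (version 1) GetRequest for a single OID."""
    varbind = tlv(0x30, tlv(0x06, oid) + tlv(0x05, b""))            # OID + NULL value
    pdu = tlv(0xA0, ber_int(request_id) + ber_int(0) + ber_int(0)    # GetRequest-PDU
              + tlv(0x30, varbind))
    return tlv(0x30, ber_int(version) + tlv(0x04, community.encode("latin-1")) + pdu)


def read_tlv(buf, pos):
    """Decode the TLV at buf[pos]; return (tag, content, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length


def inspect_snmp(packet):
    """Read only the message header: version, and the community string if present."""
    tag, msg, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    tag, ver, pos = read_tlv(msg, 0)
    if tag != 0x02:
        raise ValueError("missing version INTEGER")
    version = int.from_bytes(ver, "big", signed=True)
    if version == 3:   # SNMPv3 carries msgGlobalData/msgSecurityParameters, no community
        return {"version": "v3", "community": None, "cleartext_secret": False}
    tag, community, _ = read_tlv(msg, pos)
    if tag != 0x04:
        raise ValueError("missing community OCTET STRING")
    return {"version": {0: "v1", 1: "v2c"}.get(version, f"unknown({version})"),
            "community": community.decode("latin-1"), "cleartext_secret": True}


def audit(packets):
    """Monitor-style check: one finding per packet, flagging legacy versions."""
    findings = []
    for pkt in packets:
        info = inspect_snmp(pkt)
        if info["cleartext_secret"]:
            findings.append(f"SNMP{info['version']} with cleartext community {info['community']!r}")
        else:
            findings.append(f"SNMP{info['version']}: no community string in the header")
    return findings


if __name__ == "__main__":
    v2c = build_get_request(1, "public", SYS_DESCR_0)
    v3_header = tlv(0x30, ber_int(3) + tlv(0x30, b""))   # v3 header shape only, constructed
    print(v2c.hex(), b"public" in v2c)
    print(audit([v2c, v3_header]))
```

The point the reader makes is that the community string is an ordinary OCTET STRING two fields into the message, so it is visible to any device on the path and is not tied to the sender; SNMPv3 replaces it with per-user security parameters, which is why the audit treats version 3 differently.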
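The NETCONF session described in the NETCONF sections above (capabilities negotiation in `<hello>`, XML-encoded RPCs, the `<get-config>` operation against the running datastore, and the `<rpc-reply>`) walked through on the client side in an added Python example that is not from the page or its authors. The server `<hello>` and `<rpc-reply>` messages are constructed samples standing in for a device; the base namespace, capability URIs and framing rules are the standard ones from RFC 6241 and RFC 6242, and the toaster namespace is an assumption taken from the public toaster module.

```python
"""NETCONF client-side message handling (added example, constructed data)."""
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"   # NETCONF XML namespace (RFC 6241)
BASE_10 = "urn:ietf:params:netconf:base:1.0"     # capability URIs exchanged in <hello>
BASE_11 = "urn:ietf:params:netconf:base:1.1"
CLIENT_CAPS = [BASE_10, BASE_11]                 # versions this client is willing to speak
TOASTER_NS = "http://netconfcentral.org/ns/toaster"  # assumed namespace of the toaster module


def hello_message(caps):
    """Serialise the <hello> a client sends first to advertise its capabilities."""
    hello = ET.Element("hello", xmlns=NS)
    capabilities = ET.SubElement(hello, "capabilities")
    for cap in caps:
        ET.SubElement(capabilities, "capability").text = cap
    return ET.tostring(hello, encoding="unicode")


def parse_capabilities(xml_text):
    """Return the capability URIs advertised in a peer's <hello>."""
    root = ET.fromstring(xml_text)
    return [c.text.strip() for c in root.iter(f"{{{NS}}}capability") if c.text]


def negotiate_version(server_caps):
    """Use :base:1.1 only when both sides advertise it, else :base:1.0, else fail."""
    common = set(CLIENT_CAPS) & set(server_caps)
    if BASE_11 in common:
        return BASE_11
    if BASE_10 in common:
        return BASE_10
    raise ValueError("no common NETCONF base version; the session must be closed")


def get_config_rpc(message_id, datastore="running"):
    """Build <rpc><get-config><source><running/></source></get-config></rpc>."""
    rpc = ET.Element("rpc", {"message-id": str(message_id), "xmlns": NS})
    source = ET.SubElement(ET.SubElement(rpc, "get-config"), "source")
    ET.SubElement(source, datastore)
    return ET.tostring(rpc, encoding="unicode")


def frame(message, version):
    """RFC 6242 framing: ']]>]]>' end-of-message for 1.0, chunked framing for 1.1."""
    data = message.encode("utf-8")
    if version == BASE_10:
        return data + b"]]>]]>"
    return b"\n#%d\n" % len(data) + data + b"\n##\n"


def parse_reply(xml_text):
    """Return ('ok', <data> element) or ('error', message) for an <rpc-reply>.
    A production client should parse peer XML with a hardened parser (entity expansion)."""
    root = ET.fromstring(xml_text)
    err = root.find(f"{{{NS}}}rpc-error")
    if err is not None:
        return "error", err.findtext(f"{{{NS}}}error-message", default="unknown").strip()
    return "ok", root.find(f"{{{NS}}}data")


# Constructed sample messages standing in for a NETCONF server.
SERVER_HELLO = f"""<hello xmlns="{NS}"><capabilities>
  <capability>{BASE_10}</capability><capability>{BASE_11}</capability>
  <capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
</capabilities><session-id>4</session-id></hello>"""

SERVER_REPLY_OK = f"""<rpc-reply message-id="101" xmlns="{NS}"><data>
  <toaster xmlns="{TOASTER_NS}"><toasterManufacturer>Acme, Inc.</toasterManufacturer></toaster>
</data></rpc-reply>"""

SERVER_REPLY_ERR = f"""<rpc-reply message-id="102" xmlns="{NS}"><rpc-error>
  <error-type>protocol</error-type><error-tag>access-denied</error-tag>
  <error-severity>error</error-severity>
  <error-message>user lacks permission for the running datastore</error-message>
</rpc-error></rpc-reply>"""


def session_demo():
    """Walk one session: hello exchange, version choice, framed get-config, two replies."""
    version = negotiate_version(parse_capabilities(SERVER_HELLO))
    framed = frame(get_config_rpc(101), version)
    status, data = parse_reply(SERVER_REPLY_OK)
    vendor = data.find(f".//{{{TOASTER_NS}}}toasterManufacturer").text
    _, err = parse_reply(SERVER_REPLY_ERR)
    return {"version": version, "framed": framed, "status": status,
            "vendor": vendor, "error": err}


if __name__ == "__main__":
    for key, value in session_demo().items():
        print(key, "=", value)
```

Two details matter in practice: the version chosen in `negotiate_version` decides the framing of every later message, so a client that sends `]]>]]>` on a 1.1 session desynchronises the stream; and an `<rpc-error>` such as `access-denied` is the server-side authorization the Security item above refers to, so the client must check for it rather than assume `<data>` is present.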
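The YANG constraints (range, pattern, mandatory) from the YANG overview, the operator requirements for configuration transactions across devices, configuration deltas and validation, and the Transaction Manager, Rollback Manager and Configuration Validator components of the management system, all exercised together in one added Python example that is not the authors' code. The schema, the two in-memory devices and their configurations are constructed for the example; a real deployment would push the committed candidate to each device over NETCONF.

```python
"""Toy management system: configuration validator, per-device candidate/running
datastores, network-wide transactions with rollback, and configuration deltas.
Added example with constructed schema and devices; not the authors' code."""
import re

# YANG-like schema for one device: each leaf carries a type and the constraints
# YANG expresses with range, pattern and mandatory statements (constructed).
SCHEMA = {
    "hostname":  {"type": "string", "pattern": r"^[a-z][a-z0-9-]{0,30}$", "mandatory": True},
    "interval":  {"type": "int", "range": (1, 3600), "mandatory": True},
    "mgmt-port": {"type": "int", "range": (1, 65535), "mandatory": False},
    "enabled":   {"type": "bool", "mandatory": False},
}
PY_TYPES = {"string": str, "int": int, "bool": bool}


def validate(config, schema=SCHEMA):
    """Configuration Validator: return the list of violations (empty means valid)."""
    errors = []
    for leaf, rule in schema.items():
        if leaf not in config:
            if rule.get("mandatory"):
                errors.append(f"{leaf}: mandatory leaf missing")
            continue
        value = config[leaf]
        expected = PY_TYPES[rule["type"]]
        # bool is a subclass of int in Python, so reject True/False for int leaves
        if not isinstance(value, expected) or (expected is int and isinstance(value, bool)):
            errors.append(f"{leaf}: expected {rule['type']}")
            continue
        if "range" in rule and not rule["range"][0] <= value <= rule["range"][1]:
            errors.append(f"{leaf}: {value} outside range {rule['range'][0]}..{rule['range'][1]}")
        if "pattern" in rule and not re.match(rule["pattern"], value):
            errors.append(f"{leaf}: {value!r} does not match pattern")
    errors.extend(f"{leaf}: unknown leaf" for leaf in config if leaf not in schema)
    return errors


class Device:
    """A managed node with NETCONF-style candidate and running datastores."""

    def __init__(self, name, running):
        self.name = name
        self.running = dict(running)
        self.candidate = None
        self.history = []          # earlier running configs, kept for rollback

    def edit_candidate(self, changes):
        """Stage changes against a copy of running; running itself is untouched."""
        self.candidate = {**self.running, **changes}

    def commit(self):
        self.history.append(dict(self.running))
        self.running, self.candidate = self.candidate, None

    def rollback(self):
        if not self.history:
            raise RuntimeError(f"{self.name}: nothing to roll back")
        self.running, self.candidate = self.history.pop(), None


def delta(old, new):
    """Configuration delta: leaf -> (old value, new value) for every difference."""
    return {k: (old.get(k), new.get(k)) for k in old.keys() | new.keys()
            if old.get(k) != new.get(k)}


def apply_transaction(devices, changes, schema=SCHEMA):
    """Transaction Manager: a network-wide change is committed on every device
    or on none. Validation runs on each candidate before anything is committed."""
    problems = {}
    for dev in devices:
        dev.edit_candidate(changes)
        errs = validate(dev.candidate, schema)
        if errs:
            problems[dev.name] = errs
    if problems:
        for dev in devices:
            dev.candidate = None       # discard all candidates; running stays consistent
        return False, problems
    for dev in devices:
        dev.commit()
    return True, {}


def rollback_last(devices):
    """Rollback Manager: return every device to its pre-transaction configuration."""
    for dev in devices:
        dev.rollback()


def demo():
    devices = [Device("node-a", {"hostname": "node-a", "interval": 60}),
               Device("node-b", {"hostname": "node-b", "interval": 60})]
    ok1, _ = apply_transaction(devices, {"interval": 30, "mgmt-port": 830})  # valid: applied to all
    ok2, problems = apply_transaction(devices, {"interval": 0})             # range violation: applied nowhere
    change = delta(devices[0].history[-1], devices[0].running)              # what the first transaction changed
    rollback_last(devices)                                                  # undo it everywhere
    return {"ok1": ok1, "ok2": ok2, "problems": problems, "delta": change,
            "intervals": [d.running["interval"] for d in devices]}


if __name__ == "__main__":
    print(demo())
```

The validator runs against the candidate, never against running, which is what lets the transaction reject a change on all nodes before any node has been touched; the history kept per device is what makes a later rollback a network-wide operation rather than a per-device one.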