Managing Home Routers with NETCONF over TLS and NETCONF Call Home
The Network Configuration (NETCONF) protocol and the associated YANG data modeling language are the foundations of contemporary network management frameworks evolving within the Internet Engineering Task Force (IETF). netopeer (a NETCONF server) and ncclient (a NETCONF client) are popular open-source projects that support the latest NETCONF v1.1 protocol using the mandatory Secure Shell (SSH) transport. We recently implemented and integrated NETCONF over Transport Layer Security (TLS) transport and NETCONF Call Home (CH) mechanisms using reverse TLS and SSH in both projects. The CH mechanism allows a managed device behind a Network Address Translation (NAT) running a NETCONF server (netopeer) to successfully establish a NETCONF session with a Network Management System (NMS) running a NETCONF client (ncclient). In this article, we describe how these standards allow home routers and NAT boxes (in particular) to be managed using these latest additions to the NETCONF protocol.
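The role reversal behind Call Home, as an added example that is not code from the article, netopeer or ncclient: the device opens the TCP connection outbound through the NAT but still acts as the NETCONF server, while the NMS listens yet acts as the NETCONF client. It assumes plain TCP on a loopback address with the TLS/SSH layer left out, the RFC 6242 `]]>]]>` hello framing, and hypothetical function names.

```python
import socket
import threading
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"
EOM = b"]]>]]>"  # end-of-message marker that frames <hello> (RFC 6242)

def hello(session_id=None):
    """Build a NETCONF <hello>; only the server side includes <session-id>."""
    sid = f"<session-id>{session_id}</session-id>" if session_id else ""
    return (f'<hello xmlns="{NS}"><capabilities><capability>'
            "urn:ietf:params:netconf:base:1.1</capability></capabilities>"
            f"{sid}</hello>").encode() + EOM

def read_msg(sock):
    buf = b""
    while EOM not in buf:  # read until one complete framed message has arrived
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("peer closed before end-of-message")
        buf += chunk
    return ET.fromstring(buf.split(EOM, 1)[0])

def device_call_home(nms_addr, result):
    """Managed device: TCP client (dials out through the NAT), NETCONF server."""
    with socket.create_connection(nms_addr, timeout=5) as s:
        # A real device would take the TLS or SSH *server* role on s here.
        s.sendall(hello(session_id=1))
        peer = read_msg(s)
        result["device_saw_session_id"] = peer.find(f"{{{NS}}}session-id") is not None

def nms_accept(listener):
    """NMS: TCP server (listens for call-home), NETCONF client."""
    conn, _ = listener.accept()
    with conn:
        conn.settimeout(5)
        # A real NMS would take the TLS or SSH *client* role on conn here.
        conn.sendall(hello())
        return read_msg(conn).findtext(f"{{{NS}}}session-id")

def run_demo():
    # Constructed loopback endpoint standing in for the NMS call-home listener.
    with socket.create_server(("127.0.0.1", 0)) as listener:
        listener.settimeout(5)
        result = {}
        t = threading.Thread(target=device_call_home, args=(listener.getsockname(), result))
        t.start()
        result["nms_got_session_id"] = nms_accept(listener)
        t.join()
        return result
```

Because the TLS roles follow the NETCONF roles rather than the TCP direction, the NMS still validates the device's server certificate even though the device placed the call.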