Network Management Protocols ============================== .. toctree:: :maxdepth: 1 :hidden: :includehidden: SNMP Syslog Netconf Restconf sFLOW IPFIX RMON gNMI IPMI This section introduces essential protocols for managing, and organizing networked devices. These protocols play a critical role in topology awareness, automation, and network resiliency. .. list-table:: :widths: 15 65 20 :header-rows: 1 * - Protocol - Description - Use Case * - SNMP (Simple Network Management Protocol) - Application-layer protocol for monitoring and managing devices. *Provides real-time data for alerts, logs, and analytics.* - Centralized network management and monitoring. * - Syslog - Standardized protocol for transmitting log and event messages across networks. *Structured, transport-independent messaging for logging purposes.* - Centralized log collection, auditing, and event analysis. * - Netconf (Network Configuration Protocol) - XML-based configuration protocol over SSH for managing network device configs. *Enables transaction-based configuration and retrieval.* - Automated, scriptable network device configuration and state retrieval. * - Restconf - REST-like interface for accessing Netconf data via HTTP. *Uses YANG-modeled data over HTTP/HTTPS.* - Web-friendly network configuration and monitoring using RESTful tools. * - sFlow - Sampling-based flow monitoring protocol that reports packet statistics. *Embedded within switches/routers for network-wide traffic visibility.* - Real-time traffic analysis and network performance monitoring. * - IPFIX (IP Flow Information Export) - Standardized flow-export protocol derived from Cisco’s NetFlow. *Exports detailed flow records for traffic monitoring and billing.* - Deep flow visibility for security, billing, and traffic engineering. * - RMON (Remote Monitoring) - MIB-based management for remote network monitoring. *Supports event history, statistics, and alerts.* - Monitoring segments or devices remotely with minimal overhead. * - gNMI (gRPC Network Management Interface) - gRPC‑based network management interface using YANG-modeled data. *Enables streaming telemetry and configuration via RPC.* - High-efficiency telemetry and configuration in modern, high-scale networks. * - IPMI (Intelligent Platform Management Interface) - Out-of-band, hardware-level system management independent of the OS. *Provides remote power control, hardware monitoring, and alerts.* - Server hardware management, remote BIOS access, and power cycling. .. tab-set:: .. tab-item:: SNMP **RFC:** RFC 1157, RFC 1901-1908, RFC 3411-3418 **Main Features:** - Monitors and manages network devices at application layer - Versions: v1/v2c (community strings), v3 (secure) - Supports real-time alerts, logging, and analytics **Use Cases:** - Centralized network device monitoring - Fault and performance management - Network automation and configuration **Alternative Protocols:** - NetFlow/IPFIX – Traffic flow monitoring - REST APIs – Modern device management .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about SNMP:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`SNMP Version&RFC Details ` * :ref:`SNMP Basic Setup on Ubuntu using IPv4 ` * :ref:`SNMP Basic Setup on Ubuntu using IPv6 ` * :ref:`SNMP Protocol Packet Details ` * :ref:`SNMP Usecases ` * :ref:`SNMP Basic Features ` * :ref:`SNMP Feature : Simple Protocol ` * :ref:`SNMP Feature : Standardized Communication ` * :ref:`SNMP Feature : Agent-Manager Model ` * :ref:`SNMP Feature : MIB (Management Information Base) ` * :ref:`SNMP Feature : Polling and Traps ` * :ref:`SNMP Feature : Scalability ` * :ref:`SNMP Feature : Cross-Platform Support ` * :ref:`SNMP Feature : Security (SNMPv3) ` * :ref:`SNMP Feature : Extensibility ` * :ref:`SNMP Feature : Low Overhead ` * :ref:`Reference links ` .. button-link:: ./SNMP.html :color: primary :shadow: :expand: Jump to "SNMP" .. tab-set:: .. tab-item:: Syslog **RFC:** RFC 5424 (updates RFC 3164) **Transport:** UDP (port 514), TCP/TLS (e.g., port 6514) **Main Features:** - Transport-independent, layered architecture separating content and transport :contentReference[oaicite:0]{index=0} - Structured message format with timestamps, hostname, app-name, message IDs, and structured data :contentReference[oaicite:1]{index=1} - Supports modernizing logging via TLS over TCP for increased reliability and security :contentReference[oaicite:2]{index=2} **Use Cases:** - Centralized collection of system and network logs - Audit logging, compliance, and event analysis in large-scale environments **Alternative Protocols:** - SNMP — device status and performance data - Netconf / Restconf — configuration-focused protocols .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about Syslog:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`Syslog Version&IEEE Details ` * :ref:`Syslog Basic Setup on Ubuntu using IPv4 ` * :ref:`Syslog Basic Setup on Ubuntu using IPv6 ` * :ref:`Syslog Protocol Packet Details ` * :ref:`Syslog Usecases ` * :ref:`Syslog Basic Features ` * :ref:`Reference links ` .. button-link:: ./Syslog.html :color: primary :shadow: :expand: Jump to "Syslog" .. tab-set:: .. tab-item:: Netconf (Network Configuration Protocol) **RFC:** RFC 6241 (base protocol); mappings via SSH (RFC 6242), TLS (RFC 5539/RFC 7589) **Transport:** SSH (mandatory), optional TLS **Data Encoding:** XML (RPC-based) **Main Features:** - XML-based RPC for device configuration and state retrieval :contentReference[oaicite:0]{index=0} - Transactional operations (e.g., edit‑config, commit/candidate pattern) :contentReference[oaicite:1]{index=1} - Capability negotiation for extensions :contentReference[oaicite:2]{index=2} - Secure transport via SSH or TLS (with mutual authentication) :contentReference[oaicite:3]{index=3} **Use Cases:** - Automated, scriptable network device configuration - Reliable configuration management with rollback and change control - Integration with orchestration and network automation systems **Alternative Protocols:** - SNMP – for monitoring rather than config - Restconf – REST over HTTP interface - CLI automation – less structured, vendor-dependent .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about NETCONF:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`Netconf Version&IEEE Details ` * :ref:`Netconf Basic Setup on Ubuntu using IPv4 ` * :ref:`Netconf Basic Setup on Ubuntu using IPv6 ` * :ref:`Netconf Protocol Packet Details ` * :ref:`Netconf Usecases ` * :ref:`Netconf Basic Features ` * :ref:`Reference links ` .. button-link:: ./Netconf.html :color: primary :shadow: :expand: Jump to "Netconf" .. tab-set:: .. tab-item:: Restconf **RFC:** RESTCONF (RFC 8040) **Transport:** HTTP/HTTPS **Data Encoding:** JSON, XML over REST **Main Features:** - RESTful interface to YANG-modeled data (config and state) - CRUD operations via standard HTTP methods (GET, POST, PUT, DELETE) - Supports JSON and XML serialization - TLS support for secure access **Use Cases:** - Web-native network instrumentation and configuration - Integrating network devices with RESTful automation frameworks **Alternative Protocols:** - Netconf – RPC-based, rich transactional model - SNMP – simpler monitoring access .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about RESTCONF:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`Restconf Version&IEEE Details ` * :ref:`Restconf Basic Setup on Ubuntu using IPv4 ` * :ref:`Restconf Basic Setup on Ubuntu using IPv6 ` * :ref:`Restconf Protocol Packet Details ` * :ref:`Restconf Usecases ` * :ref:`Restconf Basic Features ` * :ref:`Reference links ` .. button-link:: ./Restconf.html :color: primary :shadow: :expand: Jump to "Restconf" .. tab-set:: .. tab-item:: sFlow **RFC:** RFC 3176 – sFlow: A Method for Monitoring Traffic in Switched and Routed Networks :contentReference[oaicite:0]{index=0} **Transport:** UDP (lightweight, sampling-based datagrams) :contentReference[oaicite:1]{index=1} **Main Features:** - Agent-based, sampling telemetry of packet and counter data; integrates both flow and counter samples into single datagrams :contentReference[oaicite:2]{index=2} - Highly efficient and scalable using packet counters and random sampling via UDP, even under high load :contentReference[oaicite:3]{index=3} **Use Cases:** - Real-time, high-scale network traffic monitoring and analysis - Visibility into traffic patterns with minimal performance impact **Alternative Protocols:** - IPFIX – detailed flow export with richer data model - NetFlow – Cisco’s proprietary flow protocol .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about sFlow:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`sFLOW Version&IEEE Details ` * :ref:`sFLOW Basic Setup on Ubuntu using IPv4 ` * :ref:`sFLOW Basic Setup on Ubuntu using IPv6 ` * :ref:`sFLOW Protocol Packet Details ` * :ref:`sFLOW Usecases ` * :ref:`sFLOW Basic Features ` * :ref:`Reference links ` .. button-link:: ./sFlow.html :color: primary :shadow: :expand: Jump to "sFlow" .. tab-set:: .. tab-item:: IPFIX (IP Flow Information Export) **RFC:** RFC 7011 (supersedes RFC 5101) – Specification of IPFIX Protocol :contentReference[oaicite:4]{index=4} **Transport:** UDP or TCP; supports TLS/DTLS for security considerations :contentReference[oaicite:5]{index=5} **Main Features:** - Standardized IETF flow record export protocol for detailed traffic analysis :contentReference[oaicite:6]{index=6} - Template-based flow records with rich information elements via IANA registry, plus support for enterprise extensions :contentReference[oaicite:7]{index=7} - Secure transport optional via TLS/DTLS with considerations for authentication and DoS protections :contentReference[oaicite:8]{index=8} **Use Cases:** - Deep traffic visibility for security, billing, and traffic engineering - Enterprise and ISP-level flow monitoring infrastructure **Alternative Protocols:** - sFlow – lighter sampling approach - NetFlow v9 – Cisco proprietary, precursor to IPFIX .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about IPFIX:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`IPFIX Version&IEEE Details ` * :ref:`IPFIX Basic Setup on Ubuntu using IPv4 ` * :ref:`IPFIX Basic Setup on Ubuntu using IPv6 ` * :ref:`IPFIX Protocol Packet Details ` * :ref:`IPFIX Usecases ` * :ref:`IPFIX Basic Features ` * :ref:`Reference links ` .. button-link:: ./IPFIX.html :color: primary :shadow: :expand: Jump to "IPFIX" .. tab-set:: .. tab-item:: RMON (Remote Monitoring) **RFC:** Originally RMON MIBs (RFC 1757), later IPv6/MPLS support in RFC 3919 :contentReference[oaicite:9]{index=9} **Transport:** SNMP-based—leverages MIB instrumentation over UDP/SNMP **Main Features:** - Defines MIBs for remote collection of network statistics, alarms, history, and events - Extended support for IPv6 and MPLS monitoring via updated MIB definitions :contentReference[oaicite:10]{index=10} **Use Cases:** - Remote monitoring of network segments with low overhead - Long-term trend analysis, alerting, and historical diagnostics **Alternative Protocols:** - sFlow/IPFIX – flow-based telemetry mechanisms - SNMP – general device monitoring without history features .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about RMON:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`RMON Version&IEEE Details ` * :ref:`RMON Basic Setup on Ubuntu using IPv4 ` * :ref:`RMON Basic Setup on Ubuntu using IPv6 ` * :ref:`RMON Protocol Packet Details ` * :ref:`RMON Usecases ` * :ref:`RMON Basic Features ` * :ref:`Reference links ` .. button-link:: ./RMON.html :color: primary :shadow: :expand: Jump to "RMON" .. tab-set:: .. tab-item:: gNMI (gRPC Network Management Interface) **RFC / Spec:** gNMI standard by OpenConfig (not an RFC but widely adopted) **Transport:** gRPC (HTTP/2-based RPC protocol) **Main Features:** - Leverages YANG models for structured data; supports both configuration and streaming telemetry - Efficient, strongly-typed interface using Protobuf and HTTP/2 - Enables configuration via RPCs and real-time telemetry via subscription streams **Use Cases:** - High-performance configuration and telemetry in modern networks - Streaming telemetry collection across device fleets **Alternative Protocols:** - Netconf/Restconf – older models using XML or REST - SNMP – lighter, but less scalable and structured .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about gNMI:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`gNMI Version&IEEE Details ` * :ref:`gNMI Basic Setup on Ubuntu using IPv4 ` * :ref:`gNMI Basic Setup on Ubuntu using IPv6 ` * :ref:`gNMI Protocol Packet Details ` * :ref:`gNMI Usecases ` * :ref:`gNMI Basic Features ` * :ref:`Reference links ` .. button-link:: ./gNMI.html :color: primary :shadow: :expand: Jump to "gNMI" .. tab-set:: .. tab-item:: IPMI (Intelligent Platform Management Interface) **Spec:** IPMI v2.0 (Rev 1.1), remediated with secure ciphers (RMCP+, RAKP+) :contentReference[oaicite:3]{index=3} **Transport:** Out‑of‑band LAN, Serial-over‑LAN (SOL) protocols :contentReference[oaicite:4]{index=4} **Main Features:** - Hardware-level, out-of-band device management independent of host OS :contentReference[oaicite:5]{index=5} - Remote power control, hardware monitoring (temperature, fans, chassis), remote console access via SOL and KVM over IP :contentReference[oaicite:6]{index=6} - Versions 1.5 and 2.0 refined over time including IPv6 and enhanced authentication; Redfish emerging as modern alternative :contentReference[oaicite:7]{index=7} **Use Cases:** - Remote BIOS access, hardware diagnostics, firmware recovery - Server power cycling and remote console access, especially when OS is not responsive **Alternative Protocols:** - Redfish — RESTful, modern hardware management API .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: What You Will Learn in This Section **Let us learn more about IPMI:** * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`IPMI Version&IEEE Details ` * :ref:`IPMI Basic Setup on Ubuntu using IPv4 ` * :ref:`IPMI Basic Setup on Ubuntu using IPv6 ` * :ref:`IPMI Protocol Packet Details ` * :ref:`IPMI Usecases ` * :ref:`IPMI Basic Features ` * :ref:`Reference links ` .. button-link:: ./IPMI.html :color: primary :shadow: :expand: Jump to "IPMI"