Network Protocols for Network Management
Source: Dev.to
Here is the fully consolidated, comprehensive master list of network protocols and standards dedicated strictly to Configuration, Monitoring, Reporting, and Troubleshooting. In reality everything start with purpose. Networking & Communications requires lot more standards than other software & hardware development as they proliferate & develop with partners & free community developers. Standards emerge from De-facto Standards.
- Configuration & Provisioning Protocols
These protocols allocate network identities, push configuration files, and allow administrators or automated scripts to programmatically modify device settings. YANG (Yet Another Next Generation)
Governing Body: IETF (RFC 7950) Layer / Port: Data Modeling Language (Used by NETCONF, RESTCONF, gNMI) Purpose: Defines standardized hierarchical data models used to describe network device configuration and operational state information. It serves as the common modeling language for modern network automation. ZTP (Zero Touch Provisioning)
Governing Body: Industry Standard (Cisco, Juniper, Arista, Nokia, etc.) Layer / Port: Application | Typically DHCP, HTTP, HTTPS, TFTP Purpose: Automates the initial deployment and onboarding of network devices by automatically downloading software images and configuration files without manual intervention. CWMP / TR-069 (CPE WAN Management Protocol)
Governing Body: Broadband Forum Layer / Port: Application | TCP 7547 Purpose: Enables service providers to remotely provision, configure, monitor, and troubleshoot customer-premises equipment such as routers, gateways, and modems. DHCP (Dynamic Host Configuration Protocol)
Governing Body: IETF (RFC 2131 / RFC 3315) Layer / Port: Application | UDP 67, 68 Purpose: Automatically assigns IP addresses, subnet masks, default gateways, and DNS servers to network nodes. NETCONF (Network Configuration Protocol)
Governing Body: IETF (RFC 6241) Layer / Port: Application | TCP 830 (or TCP 6513 over TLS) Purpose: Installs, manipulates, and deletes configuration data on network hardware using XML/YANG models. RESTCONF
Governing Body: IETF (RFC 8040) Layer / Port: Application | TCP 80, 443 Purpose: Provides an HTTP-based REST API interface (GET, POST, PUT, DELETE) to programmatically edit YANG-modeled device configurations. Redfish
Governing Body: DMTF (Distributed Management Task Force) Layer / Port: Application | TCP 443 Purpose: Provides a RESTful API for provisioning, configuring, and managing physical servers, storage systems, and datacenter infrastructure hardware. TFTP (Trivial File Transfer Protocol)
Governing Body: IETF (RFC 1350) Layer / Port: Application | UDP 69 Purpose: A lightweight, connectionless file transfer protocol used to quickly push raw configuration files and boot images to network devices. SFTP / SCP (Secure File Transfer / Secure Copy)
Governing Body: IETF (RFC 4253 via SSH) Layer / Port: Application | TCP 22 Purpose: Secure, encrypted protocols used to back up, restore, and transfer configuration files and operating system images. EST / SCEP (Enrollment over Secure Transport / Simple Certificate Enrollment Protocol)
Governing Body: IETF (RFC 7030 / RFC 8894) Layer / Port: Application | TCP 443 Purpose: Automates the secure configuration, provisioning, and renewal of digital X.509 certificates on network infrastructure. OpenFlow Governing Body: Open Networking Foundation (ONF) Layer / Port: Application | TCP 6653 Purpose: An SDN protocol that allows a centralized controller to directly configure and program the forwarding plane tables of network switches. 2. Monitoring & Telemetry Protocols
These protocols poll health metrics, track interface availability, stream real-time operational status, and keep internal clocks in perfect synchronization. SNMP (Simple Network Management Protocol - v1, v2c, v3)
Governing Body: IETF (RFC 3411 - 3418) Layer / Port: Application | UDP 161 (Polling), UDP 162 (Traps/Alerts) Purpose: Uses a pull-based manager-agent architecture to monitor device health metrics (CPU, memory, interface status) stored in a Management Information Base (MIB). gNMI (gRPC Network Management Interface)
Governing Body: OpenConfig / IETF (Drafts) Layer / Port: Application | TCP 50051 (Runs over HTTP/2 and TLS) Purpose: A modern streaming telemetry protocol that pushes continuous, real-time data states from network devices to collectors without CPU-heavy polling. NTP (Network Time Protocol)
Governing Body: IETF (RFC 5905) Layer / Port: Application | UDP 123 Purpose: Synchronizes device clocks across the entire network infrastructure, ensuring that tracking logs share identical timelines. PTP (Precision Time Protocol)
Governing Body: IEEE 1588 Layer / Port: Application | UDP 319, 320 Purpose: Provides highly accurate clock synchronization between network devices, often achieving sub-microsecond precision for telecom, industrial automation, and financial trading networks. LLDP (Link Layer Discovery Protocol)
Governing Body: IEEE (802.1AB) Layer / Port: Data Link | Native Layer 2 (No port) Purpose: A vendor-neutral neighbor discovery protocol that monitors the physical topology by allowing devices to advertise their identity and features locally. CDP (Cisco Discovery Protocol)
Governing Body: Cisco Systems (Proprietary Industry Standard) Layer / Port: Data Link | Native Layer 2 (No port) Purpose: Shares hardware, software, and configuration details specifically between directly connected adjacent Cisco devices. BMP (BGP Monitoring Protocol)
Governing Body: IETF (RFC 7854) Layer / Port: Application | Dynamic TCP Port Purpose: Extends BGP to stream a continuous, read-only feed of all routing updates and peer connection statuses to a centralized monitoring station. TWAMP / IP SLA (Two-Way Active Measurement / IP Service Level Agreements)
Governing Body: IETF (RFC 5357) / Cisco Systems Layer / Port: Transport / Application | Dynamic UDP Ports Purpose: Generates active synthetic traffic to continuously monitor network jitter, latency, round-trip times, and packet loss. Ethernet OAM (Operations, Administration and Maintenance)
Governing Body: IEEE 802.3ah Layer / Port: Data Link | Native Layer 2 Purpose: Continuously monitors Ethernet links and detects faults, performance degradation, and connectivity failures within carrier-grade Ethernet networks. CFM (Connectivity Fault Management)
Governing Body: IEEE 802.1ag Layer / Port: Data Link | Native Layer 2 Purpose: Performs continuity checks, fault isolation, loopback testing, and path tracing across Layer-2 Ethernet infrastructures. Vendor Streaming Telemetry
Governing Body: Vendor Specific Layer / Port: Application | Typically gRPC/TLS Purpose: Streams real-time operational metrics directly from network devices to collectors without polling, reducing management overhead and improving visibility. 3. Reporting & Traffic Analysis Protocols
These protocols generate event logs, compile transactional network audits, and export packet flow footprints for bandwidth and security profiling. Governing Body: IETF (RFC 5424 / RFC 5425 for TLS) Layer / Port: Application | UDP 514 (Cleartext), TCP 6514 (Secure TLS) Purpose: Sends system alerts, error reports, and critical hardware failures from network elements to a central logging server. NetFlow
Governing Body: Cisco Systems (Industry Standard)
Layer / Port: Application | UDP 2055 (Commonly used) Purpose: Tracks IP traffic footprints by reporting source/destination IPs, packet volumes, and protocol types to map network bandwidth usage. IPFIX (IP Flow Information Export)
Governing Body: IETF (RFC 7011) Layer / Port: Application | UDP 4739, TCP 4739 (Can be secured via TLS/DTLS) Purpose: The formal, vendor-neutral open standard successor to NetFlow v9 used to export structured traffic flow reports to data collectors. sFlow (Sampled Flow)
Governing Body: InMon Corp / sFlow.org Consortium Layer / Port: Application | UDP 6343 Purpose: Utilizes random hardware packet sampling directly at the switch chip level to generate high-speed network traffic reports. RADIUS & TACACS+
Governing Body: IETF (RADIUS - RFC 2865) / Cisco Systems (TACACS+) Layer / Port: Application | UDP 1812/1813 (RADIUS), TCP 49 (TACACS+) Purpose: Provides Accounting and auditing reports that track exactly who modified a device configuration and what commands they typed. TZSP (Tazmen Sniffer Protocol)
Governing Body: Open Industry Standard Layer / Port: Application | UDP 37008 Purpose: Encapsulates and tunnels raw packet captures over a live network from a remote switch to a central traffic analysis machine (like Wireshark). CEF (Common Event Format)
Governing Body: ArcSight Layer / Port: Application Purpose: Standardizes log and security event reporting formats so events from multiple vendors can be processed consistently by centralized SIEM platforms. LEEF (Log Event Extended Format)
Governing Body: IBM Layer / Port: Application Purpose: Provides a structured event reporting format used for exporting security and operational logs into centralized analytics and monitoring systems. Kafka (Distributed Event Streaming Platform)
Governing Body: Apache Software Foundation Layer / Port: Application | TCP 9092 Purpose: Transports telemetry, logs, monitoring data, and operational events between network devices, collectors, analytics engines, and observability platforms. 4. Troubleshooting & Diagnostics Protocols
These protocols isolate physical link errors, map network-wide path routing logic, check for layer-2 loops, and flag delivery failures. ICMP (Internet Control Message Protocol - IPv4)
Governing Body: IETF (RFC 792) Layer / Port: Network | IP Protocol 1 Purpose: Relays routing errors and diagnostic information. It fuels standard diagnostic tools like ping and traceroute. ICMPv6
Governing Body: IETF (RFC 4443) Layer / Port: Network | IP Protocol 58 Purpose: Provides dedicated error messaging, packet diagnostics, and neighbor reachability checks natively for IPv6 networks. ARP (Address Resolution Protocol)
Governing Body: IETF (RFC 826) Layer / Port: Data Link | Native Layer 2 (No port) Purpose: Maps IP addresses to physical MAC addresses. Critical for diagnosing local physical layer connectivity and address conflicts. NDP (Neighbor Discovery Protocol)
Governing Body: IETF (RFC 4861) Layer / Port: Network (Runs inside ICMPv6) Purpose: The IPv6 replacement for ARP. Used to troubleshoot local router discovery, check neighbor status, and identify duplicate IPs. BFD (Bidirectional Forwarding Detection)
Governing Body: IETF (RFC 5880) Layer / Port: Network / Transport | UDP 3784, 3785 Purpose: Tests path connectivity between adjacent network hardware in microseconds, allowing immediate troubleshooting and rerouting if a physical link fails. STP / RSTP (Spanning Tree Protocol / Rapid STP)
Governing Body: IEEE (802.1D / 802.1w) Layer / Port: Data Link | Native Layer 2 (No port) Purpose: Identifies and disables logical loop paths in a switch network. It is crucial for isolating and correcting catastrophic broadcast storms. LACP (Link Aggregation Control Protocol)
Governing Body: IEEE (802.3ad / 802.1AX) Layer / Port: Data Link | Native Layer 2 (No port) Purpose: Bundles multiple physical cables into one logical interface, troubleshooting link degradation by automatically pulling failed wires out of the active bundle. BGP AS-Path & Route Flap Damping
Governing Body: IETF (RFC 4271 / RFC 2439) Layer / Port: Application | TCP 179 Purpose: Tracks global network path steps (AS_PATH) to trace routing loops, while route damping isolates and silences broken, unstable physical lines. UDLD (Unidirectional Link Detection)
Governing Body: Cisco Systems Layer / Port: Data Link | Native Layer 2 Purpose: Detects one-way communication failures on fiber-optic and Ethernet links that may otherwise appear operational at the physical layer. Ethernet Loopback Testing
Governing Body: IEEE Ethernet OAM Layer / Port: Data Link | Native Layer 2 Purpose: Sends test frames through a network path and loops them back to the sender to verify connectivity and identify fault locations. LSP Ping (Label Switched Path Ping)
Governing Body: IETF (RFC 8029) Layer / Port: MPLS / Application Purpose: Verifies end-to-end connectivity and forwarding correctness across MPLS Label Switched Paths. MPLS BFD
Governing Body: IETF Layer / Port: UDP 3784, 3785 Purpose: Provides extremely fast failure detection for MPLS paths, enabling rapid convergence and fault isolation within carrier networks. 5. Security & Encryption Wrapper Protocols
These foundational protocols act as an essential security layer. They encrypt and authenticate the communication channels used by the configuration, monitoring, and reporting protocols above. TLS / DTLS (Transport Layer Security / Datagram TLS)
Governing Body: IETF (RFC 8446) Layer: Presentation / Application (Wraps TCP/UDP traffic) Purpose: Secures RESTCONF (HTTPS), Secure Syslog, gNMI, and IPFIX, shielding administrative credentials and tracking logs from modification or spying. SSH (Secure Shell)
Governing Body: IETF (RFC 4251) Layer / Port: Application | TCP 22 Purpose: Cryptographically secures standard CLI sessions and provides the transport wrapper for NETCONF, SFTP, and SCP operations. LDAP (Lightweight Directory Access Protocol)
Governing Body: IETF (RFC 4511) Layer / Port: Application | TCP/UDP 389, TCP 636 (LDAPS) Purpose: Provides centralized directory services used by network management systems for authentication, authorization, and policy retrieval. Kerberos
Governing Body: IETF (RFC 4120) Layer / Port: Application | TCP/UDP 88 Purpose: Delivers secure ticket-based authentication between users, devices, and management platforms without transmitting passwords across the network. OCSP (Online Certificate Status Protocol)
Governing Body: IETF (RFC 6960) Layer / Port: Application | HTTP/HTTPS Purpose: Validates digital certificate status in real time, ensuring revoked certificates cannot be used for secure management sessions. 6. Management Framework Dependencies
Several protocols within the management ecosystem rely upon foundational information models and databases. SMI (Structure of Management Information)
Governing Body: IETF (RFC 2578) Layer: Management Framework Purpose: Defines the naming conventions, data types, and encoding rules used to create SNMP management objects. MIB (Management Information Base)
Governing Body: IETF (RFC 2578–2580) Layer: Management Framework Purpose: Serves as the structured database of management objects queried and manipulated by SNMP managers and agents. The overall picture of all protocol is as below, [NETWORK MANAGEMENT FRAMEWORK] │ ┌────────────────────────┼─────────────────────────┐ ▼ ▼ ▼ [ DATA MODELS ] [ MANAGEMENT ] [ SECURITY ] │ │ │ ├─ YANG ├─ NETCONF ├─ TLS / DTLS ├─ SMI ├─ RESTCONF ├─ SSH └─ MIB ├─ gNMI ├─ LDAP ├─ SNMP ├─ Kerberos └─ OpenFlow └─ OCSP
│┌───────────────┬──────────────┼──────────────┬──────────────┐ ▼ ▼ ▼ ▼ [CONFIG] [MONITOR] [REPORT] [TROUBLESHOOT] │ │ │ │ ├─ DHCP ├─ SNMP ├─ Syslog ├─ ICMP / NDP ├─ ZTP ├─ gNMI ├─ NetFlow ├─ ARP ├─ NETCONF ├─ NTP ├─ IPFIX ├─ BFD ├─ RESTCONF ├─ PTP ├─ sFlow ├─ STP / RSTP ├─ CWMP ├─ LLDP/CDP ├─ CEF ├─ LACP ├─ Redfish ├─ BMP ├─ LEEF ├─ UDLD ├─ OpenFlow ├─ TWAMP ├─ Kafka ├─ LSP Ping ├─ TFTP ├─ OAM ├─ RADIUS ├─ MPLS BFD └─ SCP/SFTP └─ CFM └─ TACACS+ └─ Ethernet Loopback
────────────────────────────────────────────────────────────── ALL SECURED & WRAPPED BY: TLS • DTLS • SSH • PKI • EST • SCEP • OCSP