Problem
LLM agents have no standardized way to interact with network equipment. Each vendor has different CLIs, APIs, and protocols. Existing automation tools (Ansible, Nornir) are designed for scripts, not conversational AI. There is no Model Context Protocol server for the telecom domain — meaning AI agents are locked out of network operations entirely.
Approach
MCP-Telecom is a production-grade MCP server that exposes 60+ tools for multi-vendor network equipment via four transport protocols (SSH, NETCONF, SNMP, gNMI). It includes a safety layer of 20+ blocked patterns that rejects destructive commands, connection pooling for efficient device reuse, a parallel executor for multi-device operations, and LLDP/CDP topology discovery with BFS traversal. The entire system is published on PyPI as a pip-installable package.
┌─────────────────────────────────────────────────────────┐
│                     LLM / AI Agent                      │
│               (Claude, GPT, local models)               │
└──────────────────────┬──────────────────────────────────┘
                       │ MCP Protocol (stdio / SSE)
┌──────────────────────▼──────────────────────────────────┐
│                   MCP-Telecom Server                    │
│  ┌────────────────────────────────────────────────────┐ │
│  │                   60+ MCP Tools                    │ │
│  │  show_interfaces · get_bgp_neighbors · get_vlans   │ │
│  │  get_routes · get_lldp_neighbors · get_snmp_data   │ │
│  │  get_running_config · topology_discover · ...      │ │
│  └────────────────────┬───────────────────────────────┘ │
│  ┌────────────────────▼───────────────────────────────┐ │
│  │              Safety Gate (20+ rules)               │ │
│  │  Blocked: reload, write erase, format, shutdown    │ │
│  │  Blocked: rm, delete, certificate, crypto key      │ │
│  └────────────────────┬───────────────────────────────┘ │
│  ┌────────────────────▼───────────────────────────────┐ │
│  │        Connection Pool + Parallel Executor         │ │
│  └──┬──────────┬──────────┬──────────┬────────────────┘ │
│     │          │          │          │                  │
│  ┌──▼───┐   ┌──▼────┐  ┌──▼───┐   ┌──▼────┐             │
│  │ SSH  │   │NETCONF│  │ SNMP │   │ gNMI  │             │
│  │Netmi-│   │ncclie-│  │pysnmp│   │ gRPC  │             │
│  │  ko  │   │  nt   │  │  v7  │   │       │             │
│  └──┬───┘   └──┬────┘  └──┬───┘   └──┬────┘             │
└─────┼──────────┼──────────┼──────────┼──────────────────┘
      │          │          │          │
┌─────▼──────────▼──────────▼──────────▼──────────────────┐
│              Network Equipment (7 Vendors)              │
│       Nokia SR OS · Cisco IOS/IOS-XE/IOS-XR/NX-OS       │
│               Juniper Junos · Arista EOS                │
└─────────────────────────────────────────────────────────┘
How it works
Transport Layer
Four transport protocols cover the full spectrum of network management interfaces. SSH via Netmiko handles CLI-based interactions (show commands, configuration). NETCONF via ncclient provides structured XML-based config retrieval and editing over YANG models. SNMP via pysnmp v7 handles monitoring data (interface counters, system info). gNMI via gRPC enables streaming telemetry and model-driven management.
| Vendor Platform | SSH | NETCONF | SNMP | gNMI |
|---|---|---|---|---|
| Nokia SR OS | ✓ | ✓ | ✓ | ✓ |
| Cisco IOS | ✓ | — | ✓ | — |
| Cisco IOS-XE | ✓ | ✓ | ✓ | ✓ |
| Cisco IOS-XR | ✓ | ✓ | ✓ | ✓ |
| Cisco NX-OS | ✓ | ✓ | ✓ | — |
| Juniper Junos | ✓ | ✓ | ✓ | ✓ |
| Arista EOS | ✓ | ✓ | ✓ | ✓ |
Safety Gate
Every command is validated against 20+ blocked patterns before execution. Patterns include destructive operations (reload, write erase, format disk), security-sensitive commands (crypto key generate, certificate), and system-altering commands (shutdown, delete). The safety layer also enforces 20+ compliance rules covering authentication, session management, and audit logging. All blocked attempts are logged to a JSONL audit trail.
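A sketch of how a pattern gate of this kind can be built, as an added example that is not MCP-Telecom's own code. The rule list, the function name `check_command`, and the audit record fields are assumptions derived from the command families named above; the project's real rule set is not shown on this page.

```python
import json
import re
from datetime import datetime, timezone

# Assumed rule set built from the command families named on this page.
ANCHORED = [r"reload", r"write\s+erase", r"format", r"shutdown", r"rm", r"delete"]
ANYWHERE = [r"crypto\s+key", r"certificate"]

# Destructive verbs are anchored to the start of the command (optionally after
# the IOS "do" prefix) so that "show ... | include shutdown" stays allowed.
RULES = [re.compile(rf"^(?:do\s+)?{p}\b", re.I) for p in ANCHORED]
RULES += [re.compile(rf"\b{p}\b", re.I) for p in ANYWHERE]


def check_command(command, device, user, audit):
    """Return True if the command may run; append one JSONL audit record."""
    matched = None
    # A single tool call can carry several commands; check each one.
    for line in re.split(r"[\r\n;]+", command):
        line = " ".join(line.split())  # collapse runs of whitespace
        matched = next((r.pattern for r in RULES if r.search(line)), None)
        if matched:
            break
    # json.dumps escapes embedded newlines, so each record stays on one line.
    audit.write(json.dumps({
        "ts": datetime.now(timezone.utc).isoformat(),
        "device": device,
        "user": user,
        "command": command,
        "blocked": matched is not None,
        "rule": matched,
    }) + "\n")
    return matched is None
```

A blocklist like this only catches spellings it knows about; CLIs that accept abbreviated keywords need either expanded patterns or an allowlist of read-only commands in front of it.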
Connection Pooling & Parallel Execution
Device connections are pooled and reused across tool invocations, avoiding the overhead of an SSH handshake per command. The parallel executor enables multi-device operations (e.g., "show interfaces on all routers") with concurrent execution and result aggregation.
Topology Discovery
LLDP and CDP neighbor data is collected from each device and assembled into a network topology graph using BFS traversal. This enables AI agents to understand the physical and logical network layout without manual input.
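The BFS assembly described above, as an added example rather than the project's code. The neighbor table is constructed sample data, and the `inventory` and `max_hops` parameters are assumptions: neighbor names are advertised by the far end, so this sketch only queries devices that are already in the managed inventory.

```python
from collections import deque

# Constructed LLDP tables: device -> [(local_port, neighbor, neighbor_port)]
SAMPLE_LLDP = {
    "core1": [("eth1", "core2", "eth1"), ("eth2", "edge1", "eth1")],
    "core2": [("eth1", "core1", "eth1"), ("eth2", "edge1", "eth2")],
    "edge1": [("eth1", "core1", "eth2"), ("eth2", "core2", "eth2"),
              ("eth3", "cpe9", "wan0")],
}


def sample_neighbors(device):
    """Stand-in for a per-device LLDP/CDP query (hypothetical helper)."""
    return SAMPLE_LLDP.get(device, [])


def discover(seed, get_neighbors, inventory, max_hops=3):
    """BFS from seed. Returns (hop count per device, links, unmanaged names)."""
    hops = {seed: 0}
    links = set()       # undirected: each link is stored once
    unmanaged = set()   # seen in neighbor data, never connected to
    queue = deque([seed])
    while queue:
        dev = queue.popleft()
        for local_port, nbr, nbr_port in get_neighbors(dev):
            # frozenset makes A->B and B->A collapse into one link.
            links.add(frozenset([(dev, local_port), (nbr, nbr_port)]))
            if nbr not in inventory:
                unmanaged.add(nbr)
            elif nbr not in hops and hops[dev] < max_hops:
                hops[nbr] = hops[dev] + 1
                queue.append(nbr)
    return hops, links, unmanaged
```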
Observability
A FastAPI dashboard provides real-time visibility into server state. Prometheus metrics expose tool invocation counts, latency histograms, and error rates. JSONL audit logging records every command executed, along with the target device, the user, and whether the command was blocked.
Metrics
Tech stack
Core
Transport
Observability
Testing & CI
Packaging
Lab
Lessons learned
Building for the MCP spec while it was still evolving meant re-fitting tool schemas more than once. The bigger lesson was on the safety side: I underestimated how often an LLM will confidently suggest a command that would take down a box. The safety gate started as one file of regexes and grew into a proper policy layer. If I were starting over, I'd build the policy layer first and the tool surface second.
Timeline
Started March 2025. v0.1.0 released April 2025. v0.2.0 (current) released May 2025 with gNMI support, expanded vendor coverage, and Containerlab integration. v0.3 in development with RESTCONF transport.