[Infrastructures] using IA methodologies to build network element configuration

Brent Chapman Brent@GreatCircle.COM
Fri, 1 Apr 2005 14:43:02 -0800 

At 2:11 PM +1000 3/29/05, Andrew Fort wrote:
>Colleagues,
>Almost invariably, this list discusses (mostly UNIX) systems.
>
>I'm both a sysadmin and network engineer, having a CS degree background
>and done varying degrees of work as both network engineer/designer and
>sysadmin.  I'm all for sane 'infrastructure design', congruent or
>proscriptive tools to build it, recover it and manage it (depending on
>which lingo you prefer), and so on...
>
>However, I find that the majority of networks (in fact, all those I've
>ever worked at, both large and small), both initially design their
>network configurations using a manual process, and largely maintain them
>using a manual process.

To the extent that they're designed at all...  And I think that 
calling how most organizations manage their network a "process" is 
being generous, at best... ;-)

>Some have recently tried to raise the profile of doing for networks what
>   we already do for systems, for example; Brent Chapman now has a blog
>discussing this field (www.greatcircle.com/blog/).

Thanks for the plug!

>I know that some
>have developed their own systems and that some vendors are touting their
>solutions; I am, however, surprised that I find very little information
>about this approach to building networks.
>
>Is it just that I'm not finding the right folks, or do the majority of
>network engineers (some even call themselves 'architects' ;-) just not
>get it?

In my experience, most just don't get it.  The networking folks who 
seem to appreciate it the most are folks who've either got a 
background that includes large-scale system administration 
experience, or folks who've worked on one of the few truly 
large-scale carrier networks that have adopted a heavy-duty 
automation philosophy (Covad, for example; I think somebody else 
mentioned Level 3 as being that way, too).

Most networking folks seem to just keep building and managing bigger 
and bigger networks by hand, until they find themselves in the swamp 
that leads to.  When networks are being set up, though, few folks 
seem to have the foresight (often provided by painful prior 
experience!) to design/build the networks for automation right from 
the start.

Even companies that do a great job of automation on the systems front 
from their very early days fall into this trap.  Many of the folks 
who originally set up one network  that I'm intimately familiar with 
are still with the company, and I talked to them about why they 
didn't organize for automation right from the beginning; the answer 
was basically "We thought, why bother?  There's only a couple of 
routers, and we'll just configure them by hand."  And over time, they 
added a couple more routers, and some switches, and some load 
balancers, and some caching engines, and some VPN concentrators, and 
...  Each step was "just one more, it's not worth automating", but 
the more devices (and types of devices) they had, the harder it 
became to go back and retrofit automation.

So, yeah, I see the networking world as about 10-15 years behind the 
system administration world when it comes to automation.  Folks are 
starting to get that it's a good idea, though, that provides lots of 
benefits in terms of reliability, scalability, manageability, total 
cost of ownership, etc.; all the stuff that's already intuitive to 
folks like those on this list, pursuing automation on the systems 
side.  I've started working on educating the networking world in this 
regard...


-Brent
-- 
Brent Chapman <brent@greatcircle.com> -- Great Circle Associates, Inc.
Specializing in network infrastructure for Silicon Valley since 1989
For info about us and our services, please see http://www.greatcircle.com/
Network Automation blog: http://www.greatcircle.com/blog/network_automation