[Infrastructures] using IA methodologies to build network element configuration

Andrew Fort afort@choqolat.org
Wed, 06 Apr 2005 14:36:41 +1000


Tim Nelson wrote:

>> In the networking world (I am not including firewalls in this), I have
>> not yet seen that much data is duplicated and needs to be normalised.
>> If you think that normalisation will help, I am for it.
> 
>     I like the theory, but my admittedly small experience is that there 
> is a fair amount of duplication.  Are your perceptions of duplication 
> being altered by using a wide variety of hardware (rather than a number 
> of similar machines)?

The ironic part is that it is often the "stuff that is meant to be the 
same on every device" type of configuration that diverges!  And that 
causes the most grief (since hey, it's meant to be the same, 'we needn't 
automate that').  Even my last job, a network that pioneered the use of 
RtConfig/RPSL, built everything else network-wise manually (but their 
systems group were heavily automated, had half the staff, twice the 
budget, and much more fun :).  Perhaps that's why I don't like the idea 
of these "we'll trust some of the local device state" tools (because 
that sucked in terms of managing a large network).

Without forcing templating, I guarantee your local ISP will be basing 
the configuration of their 'next' router on their 'best' router.  The 
reasons are various, but they can be summarised as:

  - we found out about a new geewhiz feature
  - we read some BCP that said we should disable X
  - our lead architect reckons Y is a good thing, but he doesn't have 
{privs, time} to do it himself (is it really that good a thing if he 
hasn't tested it? ;-)

In other words, it's 'configuration by rumor'.  No wonder the network is 
more reliable over the holidays...

>     Wiki?  :)

Brett Chapman has such a blog (as discussed), but I (also?) feel they 
are somewhat less conversational :)

-andrew