[Infrastructures] using IA methodologies to build network element configuration

Jordan Curzon curzonj@byu.edu
Tue, 29 Mar 2005 07:45:34 -0700 

I work at a university and we have over 1000 cisco switches and
routers, mostly we just use tftp to save the config when we have made
changes, but I have built some java classes that wrap the switch and
let you work it like an object. Right now the only changes we use it
for is to automaticaly change vlans based on security violations, but
we are looking at doing more with it. Other than that it is just to
pull network information into other systems. The problem is that the
older engineers arn't comfortable with automation. I would be really
interested too in this area.

Jordan Curzon


On Tue, 29 Mar 2005 14:11:14 +1000, Andrew Fort <afort@choqolat.org> wrote:
> Colleagues,
> Almost invariably, this list discusses (mostly UNIX) systems.
> 
> I'm both a sysadmin and network engineer, having a CS degree background
> and done varying degrees of work as both network engineer/designer and
> sysadmin.  I'm all for sane 'infrastructure design', congruent or
> proscriptive tools to build it, recover it and manage it (depending on
> which lingo you prefer), and so on...
> 
> However, I find that the majority of networks (in fact, all those I've
> ever worked at, both large and small), both initially design their
> network configurations using a manual process, and largely maintain them
> using a manual process.
> 
> I use some cfengine triggers to define build times, and make to manage
> my dependencies and string together my vendor-specific configurations
> (based on the network model), and this is what I'd call a convergent
> tool -- since people are still allowed to configure services manually,
> divergence is inevitable.
> 
> Some have recently tried to raise the profile of doing for networks what
>   we already do for systems, for example; Brent Chapman now has a blog
> discussing this field (www.greatcircle.com/blog/).  I know that some
> have developed their own systems and that some vendors are touting their
> solutions; I am, however, surprised that I find very little information
> about this approach to building networks.
> 
> Is it just that I'm not finding the right folks, or do the majority of
> network engineers (some even call themselves 'architects' ;-) just not
> get it?
> 
> Surely there must be some folks on here who build network configurations
> as well as host configurations?
> 
>    - How have you approached the push/pull problem with applying
> configuration (considering that the major network equipment vendor
> doesn't provide an open 'pull' architecture)
>    - How do you manage order and dependency (I'd argue order is equally
> important for systems as well as networks)?
>    - How do your systems handle/differ for initial system build versus
> ongoing configuration management?
> 
> I have a few ideas about this I'd love to discuss, but won't use any
> more bandwidth unless there are interested parties.  Anyone?
> 
> regards,
> andrew fort
> _______________________________________________
> Infrastructures mailing list
> Infrastructures@mailman.terraluna.org
> http://mailman.terraluna.org/mailman/listinfo/infrastructures
>