North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
RE: What's wrong with provisioning tools?
- From: Daniska Tomas
- Date: Thu Jun 13 09:19:02 2002
Title: Message
by the
way - those speech-synthesis terminals were a just joke or is anyone really
using them? :))
--
Tomas Daniska
systems engineer
Tronet Computer Networks
Plynarenska 5, 829 75 Bratislava,
Slovakia
tel: +421 2 58224111, fax: +421 2
58224199
A transistor protected by a fast-acting fuse will protect the fuse by blowing
first.
David,
Almost all of what
you're talking about is network device configuration file management -- there
are several solutions out there today that do this. The rest is template-based
configuration provisioning tools, which typically have no operational model of
the network -- so it should be no surprise that they generate the wrong
configurations. So there are two questions:
The first is why aren't
operators using even simple config management tools (Is every single one
lacking somehow, or is it operational intertia?)
The more interesting
one, IMHO, concerns operational complexity. It seems that complexity is really
what makes it hard to operate an IP network -- even with highly skilled
engineers -- and is also the barrier to writing useful network provisioning
and configuration software. What abstractions would make it easier to
understand the network and hence figure out the right configuration changes to
make, so software wouldn't generate config changes that are
broken?
Regards,
Mathew
At 01:38 PM 6/12/2002
-0400, David Daley wrote:
A couple
of times during NANOG25, from the floor and from the podium, it was
identified that the tools available for managing networks were garbage. I
was surprised to hear that even real basics, such as change control
and configuration management, weren't widely adopted. There definitely
seemed to be an acceptance (and perhaps this is only true at some carriers)
that many problems facing providers today are as a result of a dearth of
decent tools to configure 'best common practices' into the routers - and as
a result of this, the 'problems' with the networks were not with the h/w
and/or the protocols they support, but with the people, and their lack of
experience and/or ability to properly configure the boxes. A couple of comments that I heard over the last
few days: 1) User interfaces are horrible and counter intuitive - I want
'xyz' out of my GUI 2) Systems blindly apply bad configurations to
routers - they should be able to do 'some' verification before crashing my
network - and can't roll back after they wreck things 3) Change control
either doesn't exist, isn't usable, or isn't granular enough 4) There
isn't anything to track non sanctioned changes to the network (i.e.: hacker
induced re-configurations) I would very much like to hear about
"specific" needs for (provisioning) tools that would satisfy your needs -
needs that are either being poorly met to today, or not at all. In the hopes
of preventing a vendor-bash extravaganza, I would suggest as a point of
reference, that the NMS recommendations presented by Avi Freedman during the
conference ("Industry/Government Infrastructure Vulnerability Assessment:
Background and Recommendations". Of the recommendations pertinent to network
management, many refer to future-features. As an additional attempt to
constraint the discussion, I would recommend that the needs identified be
realistic (i.e.: supportable on current equipment, the cost of the solution
would be less than the cost of the problem, etc). Cheers, David - David
Daley +1.905.922.6560 (global) [email protected] www.montagueriver.com Montague River Networks Inc.
|