RE: What's wrong with provisioning tools?

["Daniska Tomas" <tomas () tronet com>]

by the way - those speech-synthesis terminals were a just joke or is anyone really using them? :))
 
 
--
 
Tomas Daniska
systems engineer
Tronet Computer Networks
Plynarenska 5, 829 75 Bratislava, Slovakia
tel: +421 2 58224111, fax: +421 2 58224199
 
A transistor protected by a fast-acting fuse will protect the fuse by blowing first.

-----Original Message-----
From: Mathew Lodge [mailto:mathew () cplane com] 
Sent: 12. júna 2002 23:25
To: David Daley; nanog () trapdoor merit edu
Subject: Re: What's wrong with provisioning tools?


David,

Almost all of what you're talking about is network device configuration file management -- there are several solutions 
out there today that do this. The rest is template-based configuration provisioning tools, which typically have no 
operational model of the network -- so it should be no surprise that they generate the wrong configurations. So there 
are two questions:

The first is why aren't operators using even simple config management tools (Is every single one lacking somehow, or is 
it operational intertia?)

The more interesting one, IMHO, concerns operational complexity. It seems that complexity is really what makes it hard 
to operate an IP network -- even with highly skilled engineers -- and is also the barrier to writing useful network 
provisioning and configuration software. What abstractions would make it easier to understand the network and hence 
figure out the right configuration changes to make, so software wouldn't generate config changes that are broken?

Regards,

Mathew




At 01:38 PM 6/12/2002 -0400, David Daley wrote:


A couple of times during NANOG25, from the floor and from the podium,  it was identified that the tools available for 
managing networks were garbage. I was surprised to hear  that even real basics, such as change control and 
configuration management, weren't widely adopted. There definitely seemed to be an acceptance (and perhaps this is only 
true at some carriers) that many problems facing providers today are as a result of a dearth of decent tools to 
configure 'best common practices' into the routers - and as a result of this, the 'problems' with the networks were not 
with the h/w and/or the protocols they support, but with the people, and their lack of experience and/or ability to 
properly configure the boxes.
 
A couple of comments that I heard over the last few days:
1) User interfaces are horrible and counter intuitive - I want 'xyz' out of my GUI
2) Systems blindly apply bad configurations to routers - they should be able to do 'some' verification before crashing 
my network - and can't roll back after they wreck things
3) Change control either doesn't exist, isn't usable, or isn't granular enough
4) There isn't anything to track non sanctioned changes to the network (i.e.: hacker induced re-configurations)
 
I would very much like to hear about "specific" needs for (provisioning) tools that would satisfy your needs - needs 
that are either being poorly met to today, or not at all. In the hopes of preventing a vendor-bash extravaganza, I 
would suggest as a point of reference, that the NMS recommendations presented by Avi Freedman during the conference 
("Industry/Government Infrastructure Vulnerability Assessment: Background and Recommendations". Of the recommendations 
pertinent to network management, many refer to future-features. As an additional attempt to constraint the discussion, 
I would recommend that the needs identified be realistic (i.e.: supportable on current equipment, the cost of the 
solution would be less than the cost of the problem, etc).
 
Cheers,
David
 
-
David Daley 
+1.905.922.6560 (global) 
daley () montagueriver com 
www.montagueriver.com <http://www.montagueriver.com/>  
Montague River Networks Inc.