
Network configuration tools: A primer

Script management, intent-based systems and new strategies with network configuration tools are propelling a paradigm shift in the way that networks are managed.

Network automation is changing the face of the industry, and advanced network configuration tools are driving the paradigm shift. From intent-based networking, or IBN, to change management automation, new tools are necessary, as networks become increasingly distributed and complex. Manual configuration is slowly giving way to new management strategies.

Strategies for network configuration tools

The question for many networking teams is this: When is it best to start using automation, and how should it be implemented? For many teams, the best place to start is building configurations. Engineers don't need to use a command-line interface (CLI), and they are able to begin thinking about device configurations from the perspective of the variables that set different configurations apart.

A configuration management strategy will also depend on the type of automation system to be used. Configurations are not necessarily functional blocks common across such operations as authentication, authorization and accounting, or Simple Network Management Protocol. That can leave too many gaps.

Experienced automation engineers identify variables from the configuration, creating larger templates in Jinja2 and Ansible, with fewer different variables. For instance, using automation within a Cisco switch configuration, the virtual LAN ID, VLAN name and IP address can be combined to create a virtual interface and a VLAN definition. This approach, according to Terry Slattery, principal architect at NetCraftsmen, is much more powerful than dealing with the problem from the perspective of functional blocks.
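
The variable-driven approach described above, as an added example that is not from the article or from any vendor tool: three variables render both the VLAN definition and its virtual interface, and each variable is validated first so that a bad value cannot inject extra configuration lines. Python's string.Template stands in for Jinja2 to keep the example standard-library only; the function name, the name allow-list and the sample inventory are assumptions.

```python
import ipaddress
import re
from string import Template

# string.Template stands in for a Jinja2 template so the example is stdlib-only.
VLAN_TEMPLATE = Template(
    "vlan $vlan_id\n"
    " name $vlan_name\n"
    "!\n"
    "interface Vlan$vlan_id\n"
    " description $vlan_name\n"
    " ip address $ip $mask\n"
    " no shutdown\n"
)

# Assumed allow-list for names: no spaces or newlines, so a value cannot
# smuggle extra configuration lines into the rendered output.
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,32}")


def render_vlan(vlan_id, vlan_name, cidr):
    """Validate the three variables, then render the VLAN and its interface."""
    if isinstance(vlan_id, bool) or not isinstance(vlan_id, int):
        raise ValueError("VLAN ID must be an integer")
    if not 1 <= vlan_id <= 4094:
        raise ValueError(f"VLAN ID {vlan_id} outside 1-4094")
    if not NAME_RE.fullmatch(vlan_name):
        raise ValueError(f"unsafe VLAN name: {vlan_name!r}")
    iface = ipaddress.IPv4Interface(cidr)  # raises ValueError on malformed input
    return VLAN_TEMPLATE.substitute(
        vlan_id=vlan_id, vlan_name=vlan_name, ip=iface.ip, mask=iface.netmask
    )


# Constructed inventory: one row of variables per VLAN.
SAMPLE_VLANS = [(30, "USERS", "10.20.30.1/24"), (40, "VOICE", "10.20.40.1/25")]

if __name__ == "__main__":
    for row in SAMPLE_VLANS:
        print(render_vlan(*row))
```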

Eventually, training new engineers to manually configure components may become less necessary beyond a simple baseline. But that will vary significantly from person to person. For some, manual configuration can be a good starting point for generating automation.

The advent of IBN, meanwhile, is redefining the scope of automation. IBN makes it possible to abstract away the CLI in favor of a graphical user interface that engineers can use to specify what they want to occur on the network, based on business needs.

Vendors, including Cisco, Apstra, Veriflow and Forward Networks, among others, are developing network configuration tools that dovetail with IBN. The goal is to cut down on the number of hours required to configure networks.

Change management automation

Configuring network devices individually became impractical long ago for most networking teams. For most organizations, the next step was to craft scripts with a series of CLI commands. However, the creation and upkeep of all these scripts is time-consuming and prone to error.

This is especially true with network functions virtualization, mobile phones, virtual switches and bare-metal switches that have greatly increased the size of modern networks. According to industry expert David Jacobs, change management tools have emerged to automate script creation and eliminate the need for network managers to recall particular command syntax for every type of network device.

Change management automation systems archive network configurations from prior updates. If a new update goes awry, the network can quickly be reconfigured to the way it was before. Even the newest device configuration can be rapidly restored if a device stops working and needs to be swapped out. These products scan the network, detecting and reporting manual configuration changes. Scans also log an inventory of devices on the network.
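
A sketch of the detect-and-report step described above, added here as an example and not taken from any of the products the article mentions: an archived configuration is compared with the running one, lines that change on every save are ignored, and the result lists what was added or removed by hand. The sample configurations are constructed, and the function names and the list of ignored prefixes are assumptions.

```python
import difflib
import hashlib

# Assumed list of lines that change on every save and carry no drift signal.
VOLATILE_PREFIXES = ("! Last configuration change", "! NVRAM config last updated")


def normalize(config_text):
    """Drop blank and volatile lines, keeping indentation (it is significant)."""
    lines = [line.rstrip() for line in config_text.splitlines()]
    return [l for l in lines if l and not l.startswith(VOLATILE_PREFIXES)]


def fingerprint(config_text):
    """Stable hash of the normalized config, cheap to compare on every scan."""
    return hashlib.sha256("\n".join(normalize(config_text)).encode()).hexdigest()


def detect_drift(archived, running):
    """Return lines added to and removed from the archived baseline."""
    drift = {"added": [], "removed": []}
    for line in difflib.ndiff(normalize(archived), normalize(running)):
        if line.startswith("+ "):
            drift["added"].append(line[2:])
        elif line.startswith("- "):
            drift["removed"].append(line[2:])
    return drift


# Constructed sample: the archived baseline and a later scan of the same device.
ARCHIVED = """! Last configuration change at 09:12:01 UTC Mon Jan 6 2020
hostname sw-access-01
vlan 30
 name USERS
line vty 0 4
 access-class 10 in
 transport input ssh
"""
RUNNING = """! Last configuration change at 17:45:33 UTC Tue Jan 7 2020
hostname sw-access-01
vlan 30
 name USERS
snmp-server community public RO
line vty 0 4
 transport input ssh
"""

if __name__ == "__main__":
    if fingerprint(ARCHIVED) != fingerprint(RUNNING):
        print(detect_drift(ARCHIVED, RUNNING))
```

When the report shows unapproved changes, the archived text is the known-good copy to restore from.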

Virtual network functions (VNF) and virtual switches represent new challenges for change management and automation tools. Unlike hardware, virtual machines can be created and then deleted when they are no longer needed; static network configuration tools no longer work. Tools like Ansible, Chef and Puppet give IT teams an option to automate and manage VM-resident functions, including virtual switches and VNFs.

The role of SDN

Software-defined networking introduces a holistic approach to automated management, with network and server management treated as a combined effort. SDN controllers manage network resources, setting up paths for packet flows between source and destination. Unlike in traditional networking, Open Shortest Path First and spanning tree protocols no longer determine the route packets follow.

In SDN systems, apps communicate unique bandwidth requirements, and the controller configures the network to support the requirements. Statically configuring devices -- either manually or through scripts -- is no longer possible.

In this scenario, engineers responsible for change management should develop coding skills and work more closely with application developers to understand resource requirements necessary for each application.
