Getty Images/iStockphoto
How to test changes in a network lab environment
Test labs are ideal for network engineers to observe potential outcomes of network changes. Successful tests require a solid lab environment and thorough testing process.
When network professionals need to make configuration changes, they could send the change straight to the production network and risk an outage. Or they could test first. Network professionals -- and especially novices -- should test changes in network labs.
Even a seemingly trivial change in a production network can lead to unexpected and undesired consequences, including network downtime. When network downtime occurs, it prevents communication between devices and disrupts work. Network outages also create more work for network teams who have to restore service.
Network labs replicate the network production environment and enable network engineers to test changes before they go into effect. A sufficient network lab includes testing gear and monitoring tools. Network engineers also need to follow a thorough testing process with comprehensive documentation to test changes.
Network test lab requirements
Testing labs require many testing tools. The ideal environment isn't just useful to test network changes, but also to test any system change. Test labs can replicate the following:
- Networks.
- Endpoint and peripheral devices.
- Servers.
- Storage.
- Applications that run in production environments.
Network labs need physical gear to test and run virtual devices. These devices should be the same kinds of appliances and models found in the production environment.
A production network typically runs on many different generations of appliances, so the network lab environment should mimic this with all the different generations of hardware, firmware and device OSes. The network lab should also be able to instantiate the devices as needed. If physical appliances are unavailable, a network emulation tool can provide a lesser, but useful, alternative.
Network administrators should also ensure test networks are completely separate from outside networks or have a tightly controlled connection to production systems. For example, network administrators could dictate only certain types of traffic, such as DNS traffic, can pass through the test network.
Network engineers should keep the testing environment in a separate, controlled space to contain changes and minimize the chances of an adverse effect on the production network. For example, in an IaaS environment, a separate virtual private cloud can spin up new instances of network services or virtual appliances.
The more fully segregated or limited in scope the test network is, the more it can benefit from traffic generation tools or full network simulators. These tools stand in for other network segments and their workloads as needed.
Network labs also need monitoring tools to track the effects of changes.
What a testing process needs
The network lab is only half the puzzle of configuration tests. The other half is a solid testing process. A sufficient process brings structure and methodology to how network engineers conduct tests. It provides a known starting state in the test lab that shows if the test succeeds.
An effective process requires clear and careful documentation of changes. Considerations that should be part of network documentation include the following:
- How to conduct the change.
- What to expect and observe in the network after the change.
- How to make observations.
Network engineers must continue documenting changes throughout the testing process. If an unexpected outcome occurs, teams should redo the test and revise documentation to describe modifications, expected results and new observations in the next test run.
The benefits of documentation extend beyond the network lab. For example, network administrators typically follow a change management process to implement changes in their production environments. They can reuse the documentation created during the testing process as input when they implement the changes in the network.
How to test changes in a network lab
Network engineers should test any change they plan to make in a lab first, including changes they don't expect to have any negative effects. Some changes, such as network device upgrades and configuration changes, are more common than others. The process is roughly the same in both situations; only the particulars of the change differ.
To test a device upgrade or configuration change, a network lab should replicate a scaled-down version of a typical production network segment that surrounds the device undergoing change. It should feature the device of the same model and configuration used in production.
For example, to test a switch OS upgrade in the network lab, engineers use a switch as close as possible to the targeted switch in the production network. Network engineers connect the test switch to the same kinds of devices connected to the target switch. The connected devices should be the same kinds of devices, similar in model and configuration, as the ones connected to the target switch.
Before network administrators test the upgrade, they should generate test traffic in the lab and monitor device behavior and performance. This helps ensure the test device performs the same way the device in production does.
When network administrators test the change -- whether a configuration change, device OS upgrade or firmware change -- they should conduct it exactly as documented. If they discover they've left something out, they need to update the documentation to reflect the discrepancies.
Once the test runs, monitor how traffic flows through the test environment. The traffic should show the desired changes in behavior. If it doesn't, then determine why, update the change documentation and test again.
When the test change produces the expected results in the test environment, network engineers can implement it in production through the change management process.
Implement changes with caution
Even a fully tested change can go awry. Unforeseen events, undocumented network factors and previously unknown software bugs or hardware problems can lead to failed changes. Network engineers should follow a change management process as they implement changes.
Best practices for rolling out changes include the following:
- Document the plan.
- Put the plan through review and approval.
- Create a rollback plan if possible.
- Create contingency plans and support for when it isn't possible to roll back a change.
- Create current configuration backups for every device, firmware and software involved.
- Inform stakeholders of upcoming changes.
- Test the production environment after the change.
If novice or experienced network engineers take caution, they make use of network labs to test changes whenever possible. Structured, methodical tests of new devices, tools, technologies or configurations in network labs can minimize the chances of adverse effects on organizations in the wake of changes.
John Burke is CTO and principal research analyst with Nemertes Research. With nearly two decades of technology experience, he has worked at all levels of IT, including end-user support specialist, programmer, system administrator, database specialist, network administrator, network architect and systems architect. His focus areas include AI, cloud, networking, infrastructure, automation and cybersecurity.