I posted a message to the NANOG mailing list earlier this morning, hoping to stimulate discussion:
Date: Fri, 4 Mar 2005 09:15:19 -0800
From: Brent Chapman <Brent@GreatCircle.COM>
Subject: Network automation?
What's the state of the art for automated network configuration and management? What systems and tools are available, either freely or commercially? Where are these issues being considered and discussed?
I'm not simply talking about network status monitoring systems like HP OpenView, or device configuration monitoring systems like RANCID, although those are certainly useful. Instead, I'm talking about systems that will start from a description of how a network ought to be configured, and then interact with the various devices on that network to make it so; something like cfengine for network devices.
Over the last 15 years or so, much of the research in the system administration field has focused on automation. It's now well accepted that a well-run operation doesn't manage 10,000 servers individually, but rather uses tools like cfengine to manage definitions of those servers and then create instances of those servers as needed. In the networking world, though, most of us seem to be still manually configuring (and reconfiguring) every device.
Luke A. Kanies does a good job of explaining the logic behind this approach in an article he wrote a few years ago at
The key benefits that he sees from automation are:
1) Reducing the amount of time a given task requires.
2) Reducing the opportunity for error in a given task.
3) Reducing turnaround time for a given task.
4) Enhancing and perpetuating configuration consistency across multiple systems.
5) Providing a limited kind of process documentation.
I concur with him about all of those. I think these benefits (particularly the 4th one, consistency) are critical if your goal is to offer a reliable service (increasing MTBF and decreasing MTTR).
So, like I asked at the top, where are we on this?