[48689] in North American Network Operators' Group
What's wrong with provisioning tools?
daemon@ATHENA.MIT.EDU (David Daley)
Wed Jun 12 13:39:14 2002
From: "David Daley" <daley@montagueriver.com>
To: <nanog@trapdoor.merit.edu>
Date: Wed, 12 Jun 2002 13:38:18 -0400
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------=_NextPart_000_0024_01C21216.6D514BA0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
A couple of times during NANOG25, from the floor and from the podium,
it was identified that the tools available for managing networks were
garbage. I was surprised to hear that even real basics, such as change
control and configuration management, weren't widely adopted. There
definitely seemed to be an acceptance (and perhaps this is only true at
some carriers) that many problems facing providers today are as a result
of a dearth of decent tools to configure 'best common practices' into
the routers - and as a result of this, the 'problems' with the networks
were not with the h/w and/or the protocols they support, but with the
people, and their lack of experience and/or ability to properly
configure the boxes.
A couple of comments that I heard over the last few days:
1) User interfaces are horrible and counter intuitive - I want 'xyz' out
of my GUI
2) Systems blindly apply bad configurations to routers - they should be
able to do 'some' verification before crashing my network - and can't
roll back after they wreck things
3) Change control either doesn't exist, isn't usable, or isn't granular
enough
4) There isn't anything to track non sanctioned changes to the network
(i.e.: hacker induced re-configurations)
I would very much like to hear about "specific" needs for (provisioning)
tools that would satisfy your needs - needs that are either being poorly
met to today, or not at all. In the hopes of preventing a vendor-bash
extravaganza, I would suggest as a point of reference, that the NMS
recommendations presented by Avi Freedman during the conference
("Industry/Government Infrastructure Vulnerability Assessment:
Background and Recommendations". Of the recommendations pertinent to
network management, many refer to future-features. As an additional
attempt to constraint the discussion, I would recommend that the needs
identified be realistic (i.e.: supportable on current equipment, the
cost of the solution would be less than the cost of the problem, etc).
Cheers,
David
-
David Daley
+1.905.922.6560 (global)
daley@montagueriver.com
www.montagueriver.com
Montague River Networks Inc.
------=_NextPart_000_0024_01C21216.6D514BA0
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<TITLE>Message</TITLE>
<META content=3D"MSHTML 6.00.2716.2200" name=3DGENERATOR></HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>A =
couple of times=20
during NANOG25, from the floor and from the podium, it was =
identified=20
that the tools available for managing networks were garbage. I was =
surprised to=20
hear that even real basics, such as change control and =
configuration=20
management, weren't widely adopted. There definitely seemed to be an =
acceptance=20
(and perhaps this is only true at some carriers) that many problems =
facing=20
providers today are as a result of a dearth of decent tools to configure =
'best=20
common practices' into the routers - and as a result of this, the =
'problems'=20
with the networks were not with the h/w and/or the protocols they =
support,=20
but with the people, and their lack of experience and/or ability to =
properly=20
configure the boxes.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002></SPAN></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>A =
couple of comments=20
that I heard over the last few days:</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>1) =
User interfaces=20
are horrible and counter intuitive - I want 'xyz' out of my=20
GUI</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>2) =
Systems blindly=20
apply bad configurations to routers - they should be able to do 'some'=20
verification before crashing my network - and can't roll back after they =
wreck=20
things</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>3) =
Change control=20
either doesn't exist, isn't usable, or isn't granular =
enough</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>4) =
There isn't=20
anything to track non sanctioned changes to the network (i.e.: hacker =
induced=20
re-configurations)</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002></SPAN></FONT> </DIV></SPAN></FONT></DIV>=
<DIV><FONT face=3DArial size=3D2><SPAN class=3D739532116-12062002>I =
would very much=20
like to hear about "specific" needs for (provisioning) tools that would =
satisfy=20
your needs - needs that are either being poorly met to today, or not at =
all. In=20
the hopes of preventing a vendor-bash extravaganza, I would suggest as a =
point=20
of reference, that the NMS recommendations presented by Avi Freedman =
during the=20
conference ("Industry/Government Infrastructure Vulnerability =
Assessment:=20
Background and Recommendations". Of the recommendations pertinent to =
network=20
management, many refer to future-features. As an additional attempt to=20
constraint the discussion, I would recommend that the needs identified =
be=20
realistic (i.e.: supportable on current equipment, the cost of the =
solution=20
would be less than the cost of the problem, etc).</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002></SPAN></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002>Cheers,</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002>David</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002></SPAN></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D739532116-12062002>-</SPAN></FONT></DIV>
<DIV align=3Dleft>David Daley <BR>+1.905.922.6560 (global)=20
<BR>daley@montagueriver.com <BR>www.montagueriver.com <BR>Montague River =
Networks Inc. <BR></DIV>
<DIV> </DIV></BODY></HTML>
------=_NextPart_000_0024_01C21216.6D514BA0--
