Configuration Management Solution for SP Networks
Manual and repetitive network-wide configuration management tasks can be considered as one of the most tedious operating activities while managing service provider networks. The chances of human errors and operational overhead of this process are very high, and it can be harmful to the overall health of the business.
This case study was carried out to provide configuration management solutions for the most tedious network operating activities within an Island-wide service provider network. Customer SP network consists of 1500-1600 Cisco network devices. These devices run MPLS, MP-BGP, and ISIS protocol to forward thousands of enterprise customer traffic associated with business and mission-critical applications such as banks, power plants, military bases, and hospitals. Around 50-60% of these network devices are legacy network nodes with limited programmatic access. Therefore, the customer’s network operation team use to carry out most of the operation and configuration tasks manually.
We identified following manual configuration and operation tasks are possible to generate an extra operational cost for the customer,
- Repetitive network-wide configuration changes (Ex: ACL changes, SNMP config, device hostname, and interface description changes)
- Pre- and post-customer service (MPLS L2/L3 VPN) verifications during the network migration and live cut-over activities.
- Customer service assurance in terms of layer 2 and layer 3 connectivity (MPLS L2 VPN, L3 VPN)
- Collect and analyze device health checks (Ex: CPU, memory, bandwidth utilization, fan speed, and temperature)
- Monthly evaluation of the maintenance of network configuration standards and conventions (hostname and interface descriptions naming conventions)
Executive Summary of the Solution
Introducing a Python-based scripting solution to enable programmatic configuration management based on the customer network setup. With the solution, customers can perform network-wide configuration changes efficiently in a short period of time. Further, automated pre and post-customer service (MPLS L2/L3 VPN) verification can be enabled using python-based scripting.
Usage of technologies within the solution can be introduced as follows.
Netmiko is a multi-vendor SSH Python library that simplifies the process of connecting to network devices via SSH. This library adds vendor-specific logic to Paramiko, which is the de- facto SSH library in Python. The solution use Netmiko and Netmiko’s dispatch method to connect network devices via an intermediate SSH Linux server.
Regular expression is string-searching algorithms for "find" operations on strings. The solution use regex to analyse, validation and purse show command output received from devices devices via Netmiko SSH channels.
The solution uses the python multiple processing library to interact with multiple network devices simultaneously. Multiprocessing makes it possible to rapidly deploy network-wide configuration changes efficiently in a short period of time.
A simple architectural diagram of the solution is illustrated below.
Value to Customer
The basic goal of the case study was to automate most of the manual operation and configuration tasks by introducing programmatic access to network devices.
- Enhance the process of rapid network service migration with automated pre and post- customer service (MPLS L2/L3 VPN) verifications
- Automated collection and analysis of network device health data for service assurance, troubleshooting, and service migrations
- Enable a programmatic approach for rapid network-wide configuration changes
- Configuration management solution that uses existing network setup and free open-source resources (Python libraries)
Finally, we were able to conclude its possible to develop a configuration management solution for customer networks using open-source resources like Python, Netmiko, and Regular expressions. One of the best achievements of our effort is developing our solution utilizing the existing network infrastructure of the customer. Our solution work without any paid hardware or software packages. Network operation engineers can use it with an existing network setup and a personal laptop computer. Users of this solution do not need to be experts in software concepts. Therefore, our solution can be considered as a zero-capital investment option for them to enable network programmability within the network.