[NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?

["Neil J. McRae via NANOG" <nanog () lists nanog org>]

The live network _should_ be the truth, but unless you have really nailed config and change management then your truth 
is what you remember and humans make terrible eye witnesses.

Things might be working, but are your customers getting billing correctly, or the correct service? Or does that 
failover work? Did you put back in that filter you took out to debug something?

I see a number of orgs doing all they can to prevent/minimise any use of CLI and in my view I think it’s the only 
direction the network can go in. There is way to much complexity and that is growing and growing and managing the truth 
in your head as what you remember will one day hurt.

Outside of power I’d guess CLI makes up the vast majority of network outages. In my view it can’t be the future.

Neil.

From: sronan--- via NANOG <nanog () lists nanog org>
Date: Wednesday, 19 March 2025 at 17:08
To: nanog () lists nanog org <nanog () lists nanog org>
Cc: nanog () lists nanog org <nanog () lists nanog org>, sronan () ronan-online com <sronan () ronan-online com>
Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?
It seems people are confusing “source of truth” with “intended truth”, or maybe people have a different definition of 
truth than I do.

The network is always the only source of truth as it is what is actually deployed in the network, it is the truth about 
what is, while I can intend for that truth to be different, that doesn’t change the reality of the situation.

Shane

> On Mar 19, 2025, at 12:54 PM, borg--- via NANOG <nanog () lists nanog org> wrote:
>
> Yeah, you are right here. There is tooling that is able to dump all configs
> from network devices and compare it to docs and generate reports.
>
> I never had to use something like this, but seems usefull to enforce
> state of trust from documentation.. If deviation is detected,
> it have to be fixed right away.. And is even easy to blame who made
> deviation. You can use 'svn blame' from docs and access log from devices.
>
> In my small team (5 ppl) it was solved by saying: docs is the only
> source of trust, if you find deviation, docs telling the true.
> In case of complains, 'svn blame' + logs to the rescue.
>
>
> ---------- Original message ----------
>
> From: Mns Nilsson via NANOG <nanog () lists nanog org>
> To: North American Network Operators Group <nanog () lists nanog org>
> Cc: Josh Reynolds <joshr () spitwspots com>,
>    Mns Nilsson <mansaxel () besserwisser org>
> Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?
> Date: Wed, 19 Mar 2025 13:37:30 +0100
>
> > A *proposed* state or maybe even a snapshot of a particular time is more
> > likely.
>
> Documentation that deviates from reality will get ignored, forgotten
> and rejected.  Treating it as plans and intents will work much better.
> We probably do that without reflecting over it already. Officially
> acknowledging it will only improve the process.
>
> --
> M˙˙ns Nilsson     primary/secondary/besserwisser/machina
> MN-1334-RIPE           SA0XLR            +46 705 989668
> Xerox your lunch and file it under "sex offenders"!
> _______________________________________________
> NANOG mailing list
> https://lists.nanog.org/archives/list/nanog () lists nanog org/message/4UUWI6QOZV2NI4LIUXZE6FI5KHGEWDZL/
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/N3RZ6WKQWI76ZLAOOL5CE7FGMUBATQQ2/
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/EKEW2ODGRV36S3TVAHJSG7IRVHG7YRVW/