[NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?

["Neil J. McRae via NANOG" <nanog () lists nanog org>]

Hey Mel :D
LOL – Of course there is only one truth – But you’ve just underlined the problem with humans and the CLI; humans have 
their own perspective of the truth and that interferes with the real truth, no I don’t like to have to say that but to 
ignore it is folly.

Customers not configured on the right service, or during a failure the config gets restored from back up where it isn’t 
accurate because Freddo configured the upgrade but didn’t put it into some type of inventory…

The minute you have humans involved in engaging with the CLI is the minute you lose the truth, are there tasks the CLI 
can be used for without that risk – of course but for anything to do with configuration humans just can’t be involved 
via CLI. There are far too many important networks in the world that are still being managed like this and our mission 
as network operators is to maximise the use of the network and ensure that there is trust in what we are providing then 
more and more and more applications and cool uses of the network will arrive.

Neil.

From: Mel Beckman <mel () beckman org>
Date: Wednesday, 19 March 2025 at 18:06
To: nanog () lists nanog org <nanog () lists nanog org>
Cc: Neil J. McRae <neil () domino org>, nanog () lists nanog org <nanog () lists nanog org>, nanog () lists nanog org 
<nanog () lists nanog org>
Subject: Re: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?
LOL! Come on now, Neil. There is only one truth, and that is what is in the network. It isn’t what you remember, or 
what you think it is, because those can all be faulty. There is no “your truth“, or “my truth“.  There is only “The 
Truth“.

The network configuration may be incorrect, but it is still the true state of things.

If we can’t even agree on the basic definition of “what is truth“, how can we have a meaningful discussion?

 -mel

> On Mar 19, 2025, at 10:53 AM, Neil J. McRae via NANOG <nanog () lists nanog org> wrote:
>
> The live network _should_ be the truth, but unless you have really nailed config and change management then your 
> truth is what you remember and humans make terrible eye witnesses.
>
> Things might be working, but are your customers getting billing correctly, or the correct service? Or does that 
> failover work? Did you put back in that filter you took out to debug something?
>
> I see a number of orgs doing all they can to prevent/minimise any use of CLI and in my view I think it’s the only 
> direction the network can go in. There is way to much complexity and that is growing and growing and managing the 
> truth in your head as what you remember will one day hurt.
>
> Outside of power I’d guess CLI makes up the vast majority of network outages. In my view it can’t be the future.
>
> Neil.
>
> From: sronan--- via NANOG <nanog () lists nanog org>
> Date: Wednesday, 19 March 2025 at 17:08
> To: nanog () lists nanog org <nanog () lists nanog org>
> Cc: nanog () lists nanog org <nanog () lists nanog org>, sronan () ronan-online com <sronan () ronan-online com>
> Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?
> It seems people are confusing “source of truth” with “intended truth”, or maybe people have a different definition of 
> truth than I do.
>
> The network is always the only source of truth as it is what is actually deployed in the network, it is the truth 
> about what is, while I can intend for that truth to be different, that doesn’t change the reality of the situation.
>
> Shane
>
> > On Mar 19, 2025, at 12:54 PM, borg--- via NANOG <nanog () lists nanog org> wrote:
> >
> > Yeah, you are right here. There is tooling that is able to dump all configs
> > from network devices and compare it to docs and generate reports.
> >
> > I never had to use something like this, but seems usefull to enforce
> > state of trust from documentation.. If deviation is detected,
> > it have to be fixed right away.. And is even easy to blame who made
> > deviation. You can use 'svn blame' from docs and access log from devices.
> >
> > In my small team (5 ppl) it was solved by saying: docs is the only
> > source of trust, if you find deviation, docs telling the true.
> > In case of complains, 'svn blame' + logs to the rescue.
> >
> >
> > ---------- Original message ----------
> >
> > From: Mns Nilsson via NANOG <nanog () lists nanog org>
> > To: North American Network Operators Group <nanog () lists nanog org>
> > Cc: Josh Reynolds <joshr () spitwspots com>,
> >   Mns Nilsson <mansaxel () besserwisser org>
> > Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed?
> > Date: Wed, 19 Mar 2025 13:37:30 +0100
> >
> > > A *proposed* state or maybe even a snapshot of a particular time is more
> > > likely.
> >
> > Documentation that deviates from reality will get ignored, forgotten
> > and rejected.  Treating it as plans and intents will work much better.
> > We probably do that without reflecting over it already. Officially
> > acknowledging it will only improve the process.
> >
> > --
> > M˙˙ns Nilsson     primary/secondary/besserwisser/machina
> > MN-1334-RIPE           SA0XLR            +46 705 989668
> > Xerox your lunch and file it under "sex offenders"!
> > _______________________________________________
> > NANOG mailing list
> > https://lists.nanog.org/archives/list/nanog () lists nanog org/message/4UUWI6QOZV2NI4LIUXZE6FI5KHGEWDZL/
> _______________________________________________
> NANOG mailing list
> https://lists.nanog.org/archives/list/nanog () lists nanog org/message/N3RZ6WKQWI76ZLAOOL5CE7FGMUBATQQ2/
> _______________________________________________
> NANOG mailing list
> https://lists.nanog.org/archives/list/nanog () lists nanog org/message/EKEW2ODGRV36S3TVAHJSG7IRVHG7YRVW/
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/4ZHHJNTX3QM5BSZAGNINOUSW7QWZ2OHP/