Hey Mel :D LOL – Of course there is only one truth – But you’ve just underlined the problem with humans and the CLI; humans have their own perspective of the truth and that interferes with the real truth, no I don’t like to have to say that but to ignore it is folly. Customers not configured on the right service, or during a failure the config gets restored from back up where it isn’t accurate because Freddo configured the upgrade but didn’t put it into some type of inventory… The minute you have humans involved in engaging with the CLI is the minute you lose the truth, are there tasks the CLI can be used for without that risk – of course but for anything to do with configuration humans just can’t be involved via CLI. There are far too many important networks in the world that are still being managed like this and our mission as network operators is to maximise the use of the network and ensure that there is trust in what we are providing then more and more and more applications and cool uses of the network will arrive. Neil. From: Mel Beckman <mel@beckman.org> Date: Wednesday, 19 March 2025 at 18:06 To: nanog@lists.nanog.org <nanog@lists.nanog.org> Cc: Neil J. McRae <neil@domino.org>, nanog@lists.nanog.org <nanog@lists.nanog.org>, nanog@lists.nanog.org <nanog@lists.nanog.org> Subject: Re: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed? LOL! Come on now, Neil. There is only one truth, and that is what is in the network. It isn’t what you remember, or what you think it is, because those can all be faulty. There is no “your truth“, or “my truth“. There is only “The Truth“. The network configuration may be incorrect, but it is still the true state of things. If we can’t even agree on the basic definition of “what is truth“, how can we have a meaningful discussion? -mel
On Mar 19, 2025, at 10:53 AM, Neil J. McRae via NANOG <nanog@lists.nanog.org> wrote:
The live network _should_ be the truth, but unless you have really nailed config and change management then your truth is what you remember and humans make terrible eye witnesses.
Things might be working, but are your customers getting billing correctly, or the correct service? Or does that failover work? Did you put back in that filter you took out to debug something?
I see a number of orgs doing all they can to prevent/minimise any use of CLI and in my view I think it’s the only direction the network can go in. There is way to much complexity and that is growing and growing and managing the truth in your head as what you remember will one day hurt.
Outside of power I’d guess CLI makes up the vast majority of network outages. In my view it can’t be the future.
Neil.
From: sronan--- via NANOG <nanog@lists.nanog.org> Date: Wednesday, 19 March 2025 at 17:08 To: nanog@lists.nanog.org <nanog@lists.nanog.org> Cc: nanog@lists.nanog.org <nanog@lists.nanog.org>, sronan@ronan-online.com <sronan@ronan-online.com> Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed? It seems people are confusing “source of truth” with “intended truth”, or maybe people have a different definition of truth than I do.
The network is always the only source of truth as it is what is actually deployed in the network, it is the truth about what is, while I can intend for that truth to be different, that doesn’t change the reality of the situation.
Shane
On Mar 19, 2025, at 12:54 PM, borg--- via NANOG <nanog@lists.nanog.org> wrote:
Yeah, you are right here. There is tooling that is able to dump all configs from network devices and compare it to docs and generate reports.
I never had to use something like this, but seems usefull to enforce state of trust from documentation.. If deviation is detected, it have to be fixed right away.. And is even easy to blame who made deviation. You can use 'svn blame' from docs and access log from devices.
In my small team (5 ppl) it was solved by saying: docs is the only source of trust, if you find deviation, docs telling the true. In case of complains, 'svn blame' + logs to the rescue.
---------- Original message ----------
From: Mns Nilsson via NANOG <nanog@lists.nanog.org> To: North American Network Operators Group <nanog@lists.nanog.org> Cc: Josh Reynolds <joshr@spitwspots.com>, Mns Nilsson <mansaxel@besserwisser.org> Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed? Date: Wed, 19 Mar 2025 13:37:30 +0100
A *proposed* state or maybe even a snapshot of a particular time is more likely.
Documentation that deviates from reality will get ignored, forgotten and rejected. Treating it as plans and intents will work much better. We probably do that without reflecting over it already. Officially acknowledging it will only improve the process.
-- M˙˙ns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE SA0XLR +46 705 989668 Xerox your lunch and file it under "sex offenders"! _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/4UUWI6QO...
NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/N3RZ6WKQ... _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/EKEW2ODG...