On Wed, 19 Mar 2025 at 13:40, borg--- via NANOG <nanog@lists.nanog.org> wrote:
Hmm, I somehow reversed the model here. The source of trust is documentation, NOT the network. Works pretty well here, but I guess because I have very small scale. Managing around 200+ switches (campus and R&D networks).
I believe this is the right method and Nilsson has the wrong method. Guaranteeing state and correctness of thousands of nodes is a weird ask. Guaranteeing state and correctness of RDBMS is a well understood problem. You dump complete state from RDBMS and replace the network, without caring what the old state in the network is. Yes this fits the brown field terribly. But it is actually easy to move to this in a brownfield too. step1) dump native config to text-file in git step2) this is now your central-state, you edit the text-files and dump them to network upon changes step3) you start to remove lines from text-file as you model them in RDBMS step3 continues forever, you're never done. -- ++ytti