Well, you have to anchor your truth somewhere. Either NOS or docs. So, maybe going slighty out of topic. How you handle cabling? No docs at all? Once a month review to update docs? Same about HW list and status.. etc etc? We keep everything in those docs. I made I choice about our mode of operation and we commited to it. Docs here have dual purpose. Source of truth (or short lived intent) and resource reservation. Once you commit stuff, the port, the IP, the VLAN, etc are allocated to you. When you see: Commited revision X. you are done.. You can go home now worring that I need to implement it ASAP, resources are here to stay. Others can do review, provide comments or even point issues. I know that this is not ideal system, there were tensions about workflow, but thats the job of Tech Lead to smooth it out. For now, I cannot find anything better that will suit that workflow and be true AID to work. Once you commit the changes, you have everything nicely provided to you as a changeset of that revision. Grab this server, install in here, plug it into that port, configure it.. then assign this IP. I work like this for 15 years. The planing phase is nicely decoupled from implementation phase. Once first phase is done, you can relax, because it will aid you with info to do implementation.. ---------- Original message ---------- From: sronan@ronan-online.com To: nanog@lists.nanog.org Cc: borg@uu3.net, nanog@lists.nanog.org Subject: Re: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed? Date: Wed, 19 Mar 2025 13:07:11 -0400 It seems people are confusing ˙˙source of truth˙˙ with ˙˙intended truth˙˙, or maybe people have a different definition of truth than I do. The network is always the only source of truth as it is what is actually deployed in the network, it is the truth about what is, while I can intend for that truth to be different, that doesn˙˙t change the reality of the situation. Shane
On Mar 19, 2025, at 12:54˙˙PM, borg--- via NANOG <nanog@lists.nanog.org> wrote:
˙˙Yeah, you are right here. There is tooling that is able to dump all configs from network devices and compare it to docs and generate reports.
I never had to use something like this, but seems usefull to enforce state of trust from documentation.. If deviation is detected, it have to be fixed right away.. And is even easy to blame who made deviation. You can use 'svn blame' from docs and access log from devices.
In my small team (5 ppl) it was solved by saying: docs is the only source of trust, if you find deviation, docs telling the true. In case of complains, 'svn blame' + logs to the rescue.
---------- Original message ----------
From: Mns Nilsson via NANOG <nanog@lists.nanog.org> To: North American Network Operators Group <nanog@lists.nanog.org> Cc: Josh Reynolds <joshr@spitwspots.com>, Mns Nilsson <mansaxel@besserwisser.org> Subject: [NANOG] Re: The Network CLI -- Love it ? Hate it? Needed? Date: Wed, 19 Mar 2025 13:37:30 +0100
A *proposed* state or maybe even a snapshot of a particular time is more likely.
Documentation that deviates from reality will get ignored, forgotten and rejected. Treating it as plans and intents will work much better. We probably do that without reflecting over it already. Officially acknowledging it will only improve the process.
-- M˙˙ns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE SA0XLR +46 705 989668 Xerox your lunch and file it under "sex offenders"! _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/4UUWI6QO...