TL;DR; Some organizations have full copy/versions of their stack in offline mode for testing. e.g. https://docs.gns3.com/docs/ There are many slices of the pie.....mmmm pie.... * Known good systems/devices * Known legacy systems/devices * Unknown systems/devices * 3rdparty systems/devices * (other slices here) 1. To automate the automation of your systems you need to understand that some systems from all slices will have a no-change verbal rule set based on an existing long term ticket with no resolution. 2. MOP/SOP/Playbooks should list the systems/devices that CAN be operated on. 3. A breakglass user or access method MUST exist. Some/many styems/devices/teams DO NOT support breakglass. 4. (insert other deep thoughts) On Tue, Apr 14, 2026 at 1:36 PM Jon Lewis via NANOG <nanog@lists.nanog.org> wrote:
I've been told that at [some of] the largest networks, network engineers "never directly log into network devices". This implies that all configuration changes made to and insights gleaned from the network gear are done via some form of automation.
I assume it's commonplace to have/use Unix CLI tools for executing configuration changes. I've written such things for the past couple of places I've worked so that we can literally copy&paste from a MOP to a shell session and have a change implemented. Such tools become extremely handy when you want to make the same change on a few or a few hundred devices.
What I'm wondering is, how common is it to take the next logical step and if you have a planned maintenance window to implement some simple change, do you have an engineer manually make that change, manually execute a script that implements the change, or use old-school automation (at) to schedule a date & time at which the script that implements the change will be run, and optionally have an engineer monitor that the change happened and had the intended results?
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Blue Stream Fiber, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/WKX5XT2L...
-- - Andrew "lathama" Latham -