There is a huge emphasis in the networking community around automation and validation. Network automation builds on the work done for server automation. The solutions are more mature and and the terminology describing the solutions and tasks are well defined. Terms like “idempotent,” “task-based,” “state-based,” “agentless,” etc. are well understood.

Network validation, however, does not have a nuanced vocabulary. The general term “network validation” gets used to refer to a number of disparate activities, and specific terms get used by different engineers to mean different things. This lack of nuance hinders the communication and collaboration required to advance network validation technology. That, in turn, harms the adoption of network automation. It is too risky to use automation without effective validation; a single typo can bring down the entire network within seconds.

In this post, we outline different dimensions of network validation and hope to start a conversation about developing a precise vocabulary. We will discuss the what, when and how of network validation.

We are excited to announce the release of pybatfish, an open-source Python SDK for Batfish. Batfish is an open-source, multi-vendor network validation framework that enables network engineers, architects and operators to proactively test and validate network design and configuration. It is being used in some of the world’s largest networks to prevent deployment of incorrect configurations that can lead to outages or security breaches.

Batfish simulates the network behavior and builds a model just from device configurations, thus predicting how the network will forward packets and how it will react to failures. This capability of building the model from the just the device configurations enables Batfish to evaluate network changes and guarantee correctness proactively, without requiring configuration changes to be first pushed to the network.

Intentionet © 2019