Technology
Roll-out IPv6 at a touch of a button
Roll-out IPv6 dual stack over 200 sites? Log on and off multiple times on 1'000 Cisco devices, maintain Excel lists, reserve 1'000 address blocks in DDI, create 1'000 configurations, logon again, configure, logoff. Test 200 times.
The first and the second site are certainly interesting. After 10 sites at the latest, you’ll be totally pissed off, after 20 sites you need psychological support and after 50 sites you will apply to Ricola as a candy packer.
neops.io makes your life as a network engineer more worth living again and as a side effect you save a lot of time. Of course, you still tell your partner about your stressful job and the many extra hours, while you are relaxing at the pool every afternoon — or you just do eight IPv6 roll-outs in the time of one, because your partner will eventually find out that you are always just enjoying the pool and then you have to clean, cook, wash, etc. at home (supposing that as a modern individual you are taking care of your appropriate share of homework already, which is around 50% in my case).
And your manager is also more satisfied if you make eight roll-outs in the time of one, and the manager’s manager, and the CEO and the shareholder and of course your customer.
Everybody happy.
But more precisely: how did we proceed to implement an IPv6 roll-out with neops.io over a medium-sized enterprise network with 200 sites?
First of all, you need to know how the network is structured. There are certainly lots of concepts, documentation, drawings, databases, etc. and they are guaranteed to be almost correct, but the only database that reflects the status of your network one hundred percent is the network itself. That’s why neops.io gets its data directly from the network via fact providers. In case of CLI based devices, commands are executed and analyzed via TextFSM, and the facts are stored in the database for further use.
Next, you might need IPv6 addresses. Again a nightmare job, if you have to press 200 times in a GUI to reserve a subnet in the DDI. But fortunately most modern DDI systems have a REST API and neops.io offers the possibility to integrate surrounding systems via own modules. In our case we programmed a module for the integration of Efficient IP including customer specific code to reflect the address concept. Thus, it is possible to reserve addresses in the DDI via the module and store them in neops.io as so-called facts for further use.
And now with all the facts and IPv6 addresses ready, the configurations can be created. neops.io has a Jinja2 Config Engine built in. The collected facts can be used as parameters for creating the configurations.
To make sure that the configurations are not fire-and-forget and you don’t shoot down half of the network devices, neops.io offers a dry-run where you can see the configurations to be applied before they are applied on the network device.
At the end, the roll-out needs to be tested as well. Check providers can also be integrated into neops.io, which execute commands and check the output to make sure it meets your expectations.
In the above example, thanks to consistent network automation, we have managed to reduce the time for the roll-out of a site from an estimated two days per site to two hours. 🚀
Finally, a few lessons learned
- In order to automate a complex task such as a network-wide IPv6 roll-out, the existing network must have a high degree of standardization. Otherwise it is impossible to create generic templates
- Network Automation, like any automation, requires a structured approach. The concepts and templates must be watertight before a mass roll-out can be started.
- The job of the network engineer is becoming more demanding, but also more interesting. On the one hand the engineer can concentrate on conceptual work, on the other hand automation also requires basic knowledge in programming. The Network Engineer develops into NetDev.
So, as a conclusion: I wasted enough of the time saved for blogging. It’s time to go for a swim now.