Network verification is starting to have its moment, so I find myself looking back at how important formal models, languages, and verification were in computer science 35 years ago. Can the lessons from other fields be applied to networking? This post is on why I think verification is an essential and feasible next step for networking.
I am a bit late to the party, but reading this now, it would be interesting to know, how you think about tools like https://www.stardustsystems.net/suzieq/ . I am still "a novice" in the networking field, but suzieq seems to me a lot like what i want today. Hopping from Switch to switch, looking up local routing tables on routers, checking firewall rules on a pack of firewalls, where traffic is wandering through, seems sometimes utterly wrong, when i just want to know, is everything up, working as it should be. After "simple" changes, or if there is a problem and one has to figure out where it comes from.
I would really like to know a perspective, how one would integrate/implement verification in enterprise networks, where to start etc. And how one would not only validate that everything is working as expected, but also get the insights out of that to evaluate if the network design/architecture makes sense in the context of what i try to validate. Cause there is now real tooling to evaluate network architecture, everything is still mostly up to the engineering folks, and more than less, many engineers have to live with what someone before them, thought was great idea.
I am a bit late to the party, but reading this now, it would be interesting to know, how you think about tools like https://www.stardustsystems.net/suzieq/ . I am still "a novice" in the networking field, but suzieq seems to me a lot like what i want today. Hopping from Switch to switch, looking up local routing tables on routers, checking firewall rules on a pack of firewalls, where traffic is wandering through, seems sometimes utterly wrong, when i just want to know, is everything up, working as it should be. After "simple" changes, or if there is a problem and one has to figure out where it comes from.
I would really like to know a perspective, how one would integrate/implement verification in enterprise networks, where to start etc. And how one would not only validate that everything is working as expected, but also get the insights out of that to evaluate if the network design/architecture makes sense in the context of what i try to validate. Cause there is now real tooling to evaluate network architecture, everything is still mostly up to the engineering folks, and more than less, many engineers have to live with what someone before them, thought was great idea.