2 Comments

I am a bit late to the party, but reading this now, it would be interesting to know what you think about tools like https://www.stardustsystems.net/suzieq/. I am still "a novice" in the networking field, but suzieq seems to me a lot like what I want today. Hopping from switch to switch, looking up local routing tables on routers, checking firewall rules on a pack of firewalls, where traffic is wandering through, sometimes seems utterly wrong when I just want to know whether everything is up and working as it should be, after "simple" changes, or if there is a problem and one has to figure out where it comes from.

I would really like to know a perspective on how one would integrate/implement verification in enterprise networks, where to start, etc., and how one would not only validate that everything is working as expected, but also get the insights out of that to evaluate whether the network design/architecture makes sense in the context of what I try to validate. Because there is no real tooling to evaluate network architecture, everything is still mostly up to the engineering folks, and more than less, many engineers have to live with what someone before them thought was a great idea.

I know only a bit about Suzieq, but what I have heard is positive. A useful comparison to Batfish (which is the tool I know more about) is here: https://juliopdx.com/2021/11/12/building-a-network-ci/cd-pipeline-part-6/. I'd also suggest taking a look at Batfish as a place to get started. Both tools come from people with real network experience, recognizing there is rarely a greenfield in networking.
