![Page 1: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/1.jpg)
Network Configuration Analysis
Hyojoon Kim and Nick Feamster
School of Computer Science
Georgia Tech
![Page 2: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/2.jpg)
Individual devices configured with low-level CLI
commands
Proprietary tools for devices from the same vendor
Each vendor has different syntax
How is the network configured?
![Page 3: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/3.jpg)
Network Configuration is Hard!
Complex
Fragile & error-prone
Then again, availability of the network is critical
Current solutions are insufficient
RANCID
NCCM (Network Changes & Configuration
Management)
![Page 4: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/4.jpg)
Configuration Statistics can Help…
Inform the operator about the status of their network
Provide better understanding of network configuration
Identify the problem area for possible improvements
![Page 5: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/5.jpg)
Network configuration files at Georgia Tech
1,722 network devices (including virtual instances)
Collected daily (using RANCID)
Data set
Implementation
Analysis tool
Analysis package
Shell script extracts a set of configuration files
C program analyzes each configuration file
![Page 6: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/6.jpg)
Preliminary Results
How many vendors and how many devices from each vendor?
How many devices of each type (e.g., switch, router, firewall)?
How many total lines of configuration?
How are the lines of configuration distributed across various tasks?
Routers
Firewalls
Switches
![Page 7: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/7.jpg)
How Many Vendors?
![Page 8: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/8.jpg)
How Many Devices of Each Type?
![Page 9: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/9.jpg)
How Many Lines of Configuration?
![Page 10: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/10.jpg)
How Much Config for Each Task?
![Page 11: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/11.jpg)
Operational Tasks for Routers
![Page 12: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/12.jpg)
Operational Tasks for Firewalls
![Page 13: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/13.jpg)
Operational Tasks for Switches
![Page 14: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/14.jpg)
The Problem Area
![Page 15: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/15.jpg)
Questions in Ongoing Study
Which tasks are common?
What types of errors are most common?
How many devices are affected for specific tasks?
Is there a correlation between complexity & configuration?
Does configuration become more or less complex
over time?
What is the best way to reduce complexity?
![Page 16: Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech](https://reader031.vdocument.in/reader031/viewer/2022022506/5abef7417f8b9a7e418d93b9/html5/thumbnails/16.jpg)
We need your help!
Future Work
Need more configuration data to run & test our analysis tool
Our tool
A simple script running over configuration snapshots
Analyzes the configuration files, and derives statistics
Does not collected any sensitive data
Contact:
Hyojoon (Joon) Kim ( [email protected] )
Nick Feamster ( [email protected] )