We’ve all spent time troubleshooting issues intent on fixing whatever is wrong. But often in these cases the fault isn’t what we’re really after. Instead, we’re in “triage mode”, which means stop the bad thing and restore service. Many times that means fixing the fault, but just as often it means installing a quick fix and getting everything back online.
One of the biggest troubleshooting lies we tell ourselves is, “I’ll look for the root cause later. Just let me get this back online.” Anyone that’s ever found themselves buried in work and searching for a time to dig into a problem will recognize the struggle of trying to schedule the opportunity for a deep dive into something that is a past issue.
Snapshot Success
One of the new tools that is encouraging to see with regard to this issue is IP Fabric. Styled as a network assurance solution, IP Fabric is doing some very interesting things to make sure the network is configured correctly. IP Fabric doesn’t work in real-time. Instead, you configure the system to take a snapshot of the network either on-demand or on regular intervals. You can trigger a snapshot at midnight every night or you can take one right before you apply changes in a window.
What does this snapshot technology really mean? Well, for one thing it’s really fast at modeling the network. Rather than having to put massive amounts of CPU horsepower behind running all these analytics and information gathering tools while trying to stay current with network state, IP Fabric instead chooses to let you analyze network state at a specific time. The entire network is captured and made available to investigate.
That doesn’t mean that you’re missing anything though. In my discussions with Pavel Bykov, he mentioned that IP Fabric is capable of capturing and configuration you can think of in the network. Even things that wouldn’t normally be available to certain tools, such as configuration register state or interface input errors. If it’s available to find on the system, IP Fabric can find it.
Testing Your Better Model
Okay, so you have all the info from the network. What are you going to do with it? Well, the power of the IP Fabric platform means that you can now take the model built by the system and start really digging in. You can analyze anything you can find on a regular network. You can look into routing protocol neighbor adjacencies. You can look at interface packet drops. You can see what effect a change could have on the network if you make it. You can start with a known-good snapshot of the network and make sure that your upcoming administrative distance changes aren’t going to generate support calls.
And, going back to the discussion from above, you can also spend the time you want to spend investigating issues after the fact. No more worrying that the network state isn’t going to match what you saw when the issue happened. No more hoping to catch an issue at a certain time of day, such as after everyone has gone home. No more hoping you can sneak in some research during the next maintenance window when everyone else is focused on upgrading devices on the other side of the network. Now, all of the info you need lives in an IP Fabric model that you can investigate until you’re satisfied you’ve found your answers.
The sky is the limit for this kind of technology. Obviously, being able to get to the bottom of a particular issue is a huge boon for postmortems or for failure resolution. IP Fabric could also help you determine how someone might be able to get into the network from a security perspective by exposing bad configurations and allowing you to simulate something like lateral movement in a model. IP Fabric can also prevent these kinds of issue from cropping up in the first place by giving you a model to test on that replicates your real network and doesn’t force you to experiment in production.
Bringing It All Together
The idea that a network can be simulated and explored like a snapshot from a storage array is one of the great side effects of the rise of software defined networking. Because so much of what we do today isn’t dependent on custom hardware gives us much more power to treat things like a software construct with the ability to test and re-test until we’re happy with the results. And should we run into a situation that requires us to do a little detective work, IP Fabric will help us get the resolution we need but rarely have the time to find.
For more information about IP Fabric and their network assurance solution, make sure you check out https://ipfabric.io
