To Automate or Not to Automate: On the Complexity of Network Configuration

Configuring a network is a low-level, device-specific task. Many have compared it to writing a distributed program in assembly language, reserved only for highly experienced network operators. Automation has been proposed by researchers and industry as the solution to problems in network configuration. However, there is a certain amount of resistance from the operator community against automation. On the one hand, operators do desire a way for network-wide configuration. On the other hand, they still like to have access and control to details, to ensure flexibility and for debugging. In this paper, we attempt to answer the question "How should we automate network configuration" by studying where the complexity lies in network configuration. With an operational perspective, using data from three different types of production networks, we analyze the configuration files from these networks over the span of up to two years. Our analysis shows that the majority of changes to these files are a few lines each and made frequently. We found that routing, especially its policies, constitute a significant portion of the configuration files, as well as modifications to them. We then present complexity models to measure network-wide risk, impact and duplication of routing policies in network configuration. We show that risk and impact tend to grow over time, and the duplication factor is high. Based on the results of our analysis, we propose ways to automate the complex parts of network configuration.