By Amber Rasche - Senior Communications Specialist, Internet2
Network automation is transforming how research and education (R&E) institutions manage their infrastructures, enhancing efficiency, resiliency, and scalability. However, the path to automation can be complex, riddled with institution-specific and shared roadblocks and detours.
With progress comes new expertise and experience that can help others achieve automation success — faster.
In this Q&A, we delve into how collaboration is driving network automation in R&E with insights from Internet2 and Network to Code, an industry leader in automation and Internet2 industry member. Gain perspectives from Internet2’s Shannon Byrnes and James Harr, senior NetDevOps engineers, as well as Network to Code’s Jeff Bradbury, vice president for marketing, and Dwight Mohry, account executive.
They discuss the unique automation challenges of dynamic R&E environments and share relevant use cases for the Nautobot® open-source platform, including its role in the Internet2 national infrastructure. They also highlight the community’s Network Automation Special Interest Group (SIG), which is fostering a culture of automation adoption across R&E.
1. Network to Code recently joined the Internet2 community as an industry member, but your team’s roots within the R&E space run deep. Could you share some quick insights into Network to Code’s background within R&E?
Jeff Bradbury: As an organization deeply rooted in the values of
education and training, Network to Code has always prioritized working closely with the communities we
support and sharing our knowledge and experiences. In fact, Network to Code started as a network automation
training company.
While our primary focus has been on network automation and the open-source
community, our journey in the R&E sector began with several higher education clients facing complex
network challenges. Through these engagements, we recognized the significant impact our solutions could have
in this space.
We also found a kindred spirit in Internet2 and an appreciation of its pivotal
role in advanced networking.
“Our collaboration with the Internet2 community aims to expedite the adoption of
network and automation technologies within educational and research institutions, thus enhancing the U.S.
R&E infrastructure.”
— Jeff Bradbury
We understand that campuses and research centers are highly dynamic
environments, demanding flexible and robust technical solutions. Our mission is to alleviate the
technological barriers and burdens. We want to empower students, faculty, and researchers to focus on their
work while automation handles the complexities of the underlying technology.
Shannon Byrnes: I’ll add that many of us within R&E succumb to the idea that our networking is
“special” — while stating “snowflakes don’t exist.” However, there really
are differences among our
needs, focuses, and resulting implementation patterns as R&E network operators. These set us apart from
each other and commercial networks. How many networks have to cater to and secure network-connected
microscopes that only operate with Microsoft Windows NT, with unsettling frequency? (Any frequency greater
than zero is unsettling, but my point still stands.)
From my perspective as someone who willingly
and enthusiastically falls for the “we’re a snowflake” trap, Network to Code’s experience working with
R&E institutions provides a lot of value. They are attuned to uncovering unique challenges and
collaborating on solutions to meet unique needs.
2. Among Network to Code’s network automation solutions is the open-source platform, Nautobot®. What sets it apart from other network automation platforms and sources of truth?
Jeff Bradbury: Nautobot® fills a crucial gap in the market,
providing a combined network source of truth (NSoT) and automation platform. To this day, Nautobot remains
the only platform that seamlessly integrates both functions.
Our commitment to a data-driven
approach to automation, centered around an intended-state model, sets Nautobot apart from other platforms
that rely on rules-based methodologies. This unique approach has earned us recognition from Gartner as one
of only two NSoT tools in the market, and Nautobot stands alone as the only network automation platform
utilizing an intended-state model.
3. What are some example use cases for Nautobot® that would resonate within R&E?
Jeff Bradbury: As Shannon added, the dynamic nature of
R&E environments presents unique challenges. Whether it’s the periodic refresh and buildout of
university buildings or the constant reallocation of resources within research institutions, the physical
and logical layout of these infrastructures is highly fluid.
An automation platform like
Nautobot, which can facilitate efficient and accurate deployment and configuration of devices, is a
significant advantage. For instance, at Princeton University, we successfully reduced the network
engineering workload from almost 1,100 hours to less than 55 hours in planning and configuring changes as
part of a 26-building refresh project. The automation started with a self-service form identifying basic
info like device type and location, which initiated a series of workflows that led to zero-touch
provisioning (ZTP) of all the equipment. The automation culminated with post-validation checks and
configuration management database updates, assuring both network stability and optimal future
performance.
“Another challenge frequently mentioned by R&E community members is determining
where to start their automation journey and how to integrate various sources of record within their
environment.”
— Jeff Bradbury
Modern networks are often supported by established tools and sources of record (SoRs). Nautobot
excels at creating a single source of truth while allowing existing SoRs to retain their authoritative
status. This capability allows Nautobot to seamlessly integrate within an existing architecture and tool
stack, creating a practical and comprehensive NSoT and making it easier for organizations to manage and
automate their networks effectively.
4. Nautobot® plays a crucial role in the Internet2 Insight Console, having been part of the console’s ecosystem from the start. Can you elaborate on how Nautobot® factors into the automation and orchestration flow, starting with an intended change a community member makes within the console to the actual change implemented on Internet2 network devices?
Shannon Byrnes: For those unfamiliar with the Internet2 Insight
Console, it is our API-first web interface that serves as the community’s door to visualize and
manage Internet2 network services. This includes creating and modifying Layer 2 and Layer 3 connections
across the Internet2 fabric (i.e., Virtual Networks), connecting R&E institutions with their peers and
the cloud. I’m already in the weeds a bit and will only get weedier, but I’ll try to keep my imaginary
weed-whacker close.
“Nautobot sits in the middle of it all, acting as the database where we blend
together technical details and business logic.”
— Shannon Byrnes
For example, adjacent to the out-of-the-box technical
concepts we use like Devices and Interfaces, we rely heavily on the business logic of Nautobot’s Tenants.
Our members, their relationships, and any new organizations members create inside the Insight Console find
their home in our Nautobot environment as Tenants.
To further flesh out what happens on the
technical side, details come from multiple sources: Cisco Network Services Orchestrator (NSO), cloud
providers, and — most importantly — our members via the changes they make within the Insight Console. We
bring the network implementation details into a Nautobot App our team built for the Insight Console. Insight
Console’s Virtual Spaces and Delegations are also among the objects used in Nautobot that our custom app
provides.
When one of our members wants to create a direct, logical connection from their
platform port to another member or a cloud provider, they are indirectly creating objects in Nautobot that
all relate together to form their new service. Nautobot knows that “University A” connects through the
“Regional Network B” Tenant to reach “Cloud Provider C” in Chicago. It stores all the member-provided
details, such as IP addresses and peering configuration, that the Insight Console backend needs to make that
connectivity happen on demand.
From a bird’s eye view, you can think of the Insight Console
stack this way: The Insight Console website connects with our API, and our API connects with Nautobot (and
Grouper, but that’s a whole other story about identity and access management!). On the other side of
Nautobot, our network infrastructure is connected through Cisco NSO, which is connected through something we
call the Reconciler, which then connects with Nautobot and cloud providers. So Nautobot really is at the
center of it all.
5. Can you share more about the Reconciler and its role in Internet2’s automation and orchestration flow?
James Harr: Behind the scenes, the Reconciler’s job is to work
with whatever backend services it needs to realize the intent it sees in Nautobot. This means working with
anything from our backend network orchestration systems to cloud APIs (i.e., AWS, Azure, GCP, Oracle Cloud)
to get that Virtual Network up and running.
Over time, the Reconciler will keep an eye on all
these bits and pieces to ensure the Virtual Networks operate as intended and to restore a connection to its
intended state if needed. If a backend system is unreachable due to ongoing maintenance or another reason,
the Reconciler will try again later.
“This design makes the system more reliable and also makes it easier for
us to perform maintenance on backend systems without affecting our community members.”
— James Harr
All the components — from Cisco NSO to the cloud providers — might have different ideas about how to provision a new
Virtual Network. Keeping the locus of information in Nautobot makes it possible to establish connectivity,
keep information in sync, and retry when there’s a failure. It also gives Internet2 staff visibility and
access to update information as needed and generate reports to better understand how the community uses
these network services and how we can better serve them.
6. The Internet2 community’s Network Automation Special Interest Group, now in its second year, recently welcomed Network to Code to join their Slack discussions and monthly virtual meetups. Working with that group, how is Network to Code contributing to the community culture and skills needed for automation adoption across R&E?
Dwight Mohry: We take our role in the Network Automation
Special Interest Group (SIG) very seriously, understanding that our primary function is to be a resource for
SIG members on all matters related to network automation. With more network automation projects under our
belt than any other company globally, we bring a wealth of experience and insights into almost every
conceivable automation effort and toolset.
Our contribution involves guiding SIG members toward
the available tools, technologies, and approaches that can address their specific challenges. Many inquiries
we receive focus on integrations or ways to achieve certain workflows or automation tasks. Often, solutions
to these questions already exist within various code repositories, open-source communities, or our Network
to Code libraries. Since much of this is based on open-source tools, we can easily direct members to the
solutions they need.
Additionally, we share examples and use cases from our extensive
experience, highlighting particularly successful approaches and cautioning against less effective ones.
“Helping Network Automation SIG members embark on a proven path and avoid potential pitfalls is one of our
primary goals.”
— Dwight Mohry
At Network to Code, we are automation experts first and foremost. The goals of the
SIG and our organization are closely aligned to help the R&E community leverage both open-source and
commercial tools available in the industry.
We are also excited to help grow the SIG alongside
Internet2. In fact, several of our current customers have recently joined and look forward to supporting
this community in their automation ventures.
7. What are some of the conversations taking place in the Network Automation SIG that are most exciting from your perspective?
Shannon Byrnes: SIG members both share and benefit from the knowledge and experience gained
through automation efforts within the context of R&E.
“The primary aim of the Network Automation SIG is to dissolve the idea that any one of us is alone on this journey — regardless of our choices in open
source or commercial products.”
— Shannon Byrnes
As Dwight mentioned, the Network to
Code team are automation experts first and foremost. I am so excited to have them on board, adding value to
community conversations. They were born from the open-source community, prioritize open-source and
open-sourcing their projects, and eagerly help all who come to their Slack and GitHub resources — with no
strings attached.
If you’d like to see Network to Code in action, they will be hosting a workshop
on “The Fundamentals of Setting up and Populating a Network Source of Truth” at the
2024 Internet2 Technology Exchange.
Join us to learn and get hands-on experience with this foundational piece of network automation. (In full
disclosure, it’s one of my favorite topics!)