What is your Intent with the Network?

What Is Intent Based Infrastructure?

Buzzwords crowd our every conversation, Agile, Intent, Infrastructure as Code, Hybrid-Cloud, and so many more. So often when we hear these 'marketecture' (architecture + marketing) we just tune out. So, this week I want to help explain what I take Intent based infrastructure to mean and how we are solving for it in Network Architecture.?

Read on to learn?about my Intentions for your network?

--Michael

?

What Does Intent Mean?

My favorite definition comes from a?Juniper web page - 'What Is Intent Based Networking'?which speaks to their solutions and capabilities -

Intent-based networking is a software-enabled automation process that uses high levels of intelligence, analytics, and orchestration to improve network operations and uptime.

?Let's break that down into a few key terms -?

• Software Enabled Automation - using automation to insure consistency in configuration across devices through ruthless adherence to standards
• High Levels of Intelligence - the ability to analyze in real time proactively the impact of proposed changes to the infrastructure
• Analytics - the ability to understand the health of the infrastructure before it becomes a red alert condition so that we can more proactively maintain the infrastructure through automation
• Orchestration - binging all the pieces above together in one platform that enables engineers to describe their 'intent' and validate the infrastructure if following the intent?

The outcome promised by Intent based network is - Improve Network Operations and Uptime. If you look at the components to Intent Based Infrastructure, then we should be able to see how those components can deliver on the promise of improved uptime and operations.?

How Can We Achieve Intent Based Infrastructure??

First let me start with there is no 'magic pill' or single platform that will enable Intent Based Networking for the entire landscape of your infrastructure. No matter what the salesperson says there is no one piece that can achieve it all.?

Automated Intent

So, what can you do? You might already be doing it. You just haven't labeled it as such. Start with your Automation efforts. Every time you build something with automation from a template which becomes your standard, you are using the template to describe the 'intent'. Whether that 'intent' is configuring a VLAN,?a VRF (Virtual Routing Function)?in MPLS, or a VPN in SD-WAN, using automation is one step to building a consistent intent.???

Using Automation to build infrastructure becomes the piece we can call Infrastructure as Code. We no longer depend on full configuration files to describe a devices intent. Through Ansible and Python we use a 'modeling' languages to create templates in YAML?(Yet Another Modeling Language). These models describe out intent. Delivery through Ansible Playbooks are the mechanism we use to push our Intent into the infrastructure.??

A High Level of Intelligence?

Another Key component in Intent Based Networking is building a store of existing intent. This store of our Intent becomes the reservoir of 'Intelligence' we can draw from. We also call this a Source of Truth. A Platform Automation team busily building Nautobot as a SoT (Source of Truth) while the Network Engineering teams should be actively loading data into the SoT so that we can have a baseline of Intent.?

Intelligence is also present in your other systems of record in IPAM, CMDB, Monitoring Tools and even your spreadsheets. Each one of those components describes some piece of the 'Intent' of some component of the infrastructure.?

We need more consistency in our sources of intelligence about infrastructure. The most common questions are the ones we are challenged to answer (challenge means it takes work to achieve). This means we have a lack of understanding of our own infrastructure which makes applying our intent difficult in a good part of our landscape. The reasons for this lack of understanding are from a history of exceptions, complexity, lack of documentation, tribal knowledge, and conducting our practice of engineering in conditions that make keeping our intelligence relevant something that falls by the wayside.?

Analytics Are Overwhelming

The other key component to Intent Based Networking is Analytics. Analytics is a key component because without it there is no way to validate the other components of the system are actually in a state as described by the intent. The intended state is not only the configuration but actual state. The key difference is while routing might be properly configured no routes are being exchanged. Is that the intended state of the peering relationship? The goal of Analytics in Intent Based Networking is to insure the current state of the infrastructure matches the intent. Using a combination of telemetry data coupled with the configuration combined with previous state of the devices is used to determine if the current state is valid.?

Another example is a critical host B must always be reachable from Point 1 in the infrastructure. That would be the intent of the device configurations. An engineer makes a change to a device in the path but not on Point 1 or on the end system/ The change makes host b unreachable from Point 1. The platform uses analytics to compare current state with new state to notify the engineer that the change will deviate from the intended state.?

If you want further examples of intent and path read this article 'Taking Advantage of Intent Based Networking Automation' by David Erickson CEO of Forward Networks.

As our infrastructure grows more complex with more overlays, security controls, infrastructure constructs like Public Cloud, Containers, Private Cloud, Edge Networking that ability to track intended state becomes ever more critical.?

Without real time analytics checking for intent every change no matter how seemingly insignificant will grow more complex and higher risk.?

An example is how Forward Networks tracks state for Spanning-Tree Root. That is not a configured item but a calculated state. If the current state is not the intended state an analytics alarm can be used to check for deviation from state.??

Our?Intent?is to build infrastructure through automation, with a SoT, Intelligence and Analytics so that we can deliver transformative networking without increasing risk that is commonly associated with the type of transformation that our clients and business partners need.