Kentik - Network Observability
More episodes
Network AF  |  Season 1 - Episode 20  |  July 19, 2022

Phil Gervasi on Network Observability and Cisco Live

Play now


Phil Gervasi, Kentik's Head of Technical Evangelism stops by Network AF today to speak with host Avi Freedman about all things network observability and to recap their experiences at Cisco Live. Phil was a network engineer for 15 years prior to switching to marketing and finding his way into technical evangelism. In this conversation the two focus on building a foundation for data mining and collecting information that could better inform network intelligence and insights from observability platforms like Kentik.

Highlights of today's conversation include:

  • [01:23] Avi and Phil discuss highlights from Cisco Live
  • [03:35] Everybody is doing observability
  • [04:57] Actionable insights
  • [06:00] Bridging the gap with education and interest in networking
  • [08:18] Network operations-focused innovation
  • [10:45] How the industry is assisting engineer operations and architecture
  • [12:48] Correlation and machine learning
  • [16:19] Telemetry, ML, AI, and marketing fluff
  • [22:23] Collecting telemetry and solving difficult problems with automation in a multi-vendor environment
  • [26:29] Life Cycle Automation
  • [28:53] Building a foundation for intelligence and observability
  • [33:03] What Phil is looking forward to next year at Cisco Live


Hi, and welcome to network Today, I have my friend, Phil Gervasi with me. And, Phil, could you, give us all a little, brief intro?

Hey, Avi. It's good to see you again. So I've been a, let's see. I've been a network engineer. I guess you could say a traditional network engineer for maybe team ish years, just working in the trenches, configuring routers and switches and wireless and data centers, that kind of thing. Cut overs at two AM. That was my life for a long time.

And I got into, I guess, what you could call technical marketing, in the past few years, which I thoroughly enjoy. So that's what brings me here today.

But, yeah, my heart is still with the nerds, with the engineering teams for sure. So, I kinda have a foot in both worlds right now. Well, thank you for joining us at Kentech, and thank you for being on the podcast.

I have to say when we first met I think was, when you were delegate at, networking field day. And I enjoyed, the, the operational clue that you and the other delegates and also the, lack of respect for authority and over marketing, which Yeah. Sometimes, you know, I have as well, as we try to, as we try to cut through things. So, main topic we thought might be interesting was a few weeks ago, it was Cisco Live.

Cisco Live has always been an interesting venue for me, I come a little bit more from the Nana login interconnection, crowd I've seen Sysco live before devnet really got going. But I guess decades ago, it was more interop, you know, was the was the sort of the older school, more enterprise stuff that I got into. So it's been interesting to see.

And, you know, but I it was back, you know, I would say roaring ish, maybe not quite as much as it was a few years ago, but a lot of interesting stuff going on. And, you know, our booth was, in the middle of a bunch of other, you know, a sea of other folks. And I guess any interesting themes that you saw wandering around talking to people, you know, what were any interesting highlights for you from this as well. Yeah.

For sure. Yeah. And I definitely did some wandering around and talking to people. That was and I have to say it was it was cool to be back in a live event, you know, in person.

I know that the the attendance was a lot lower than than than in years past. Something like half I'm not sure. The vendors are probably two thirds plus, you know, back. You know, there was a there was certainly good good vendor entity.

Yeah. Yeah. So it but, you know, it it was still great to see literally dozens or maybe a hundred people that I I chat with online that I've met in person in years past and get to them again, shake hands, talk about packets and things like that. So I I did appreciate that very much. And I did a lot of walking around and wandering and looking at at various booths and chatting with folks you know, both friends and just, you know, other other vendor booths, things like that. I gotta say I I really felt like there was this overarching theme of getting more information out of the network, mining information, network information, application information, whatever, at various angles that vendors were taking for sure.

But that seemed to be an overarching focus for me. I saw the word observability on almost every single booth, I was gonna ask you about that, you know, because we're in the center of observability, bro. I think we were the first to use it, but, the packet brokers have been saying, well, first, they said you know, analytics before they're because they enabled analytics. And then observability, everyone's doing observability. Yeah.

Yeah. Absolutely. And I I know from talking to some kind of those quote unquote independent engineers, you know, like the tech field day crowd. That there is there's not an animosity, but kind of a a slight eye roll, you know, when you hear the word observability sometimes.

It's like, okay. It's just another marketing term, and think you and I are in the same boat where we like to cut through the marketing and get to what what problem are we solu solving here? What's the what's this technical solution really all about. What's this, you know, what do what do you actually do for me?

And so, you know, it was neat to see everybody's kinda take on it because I really feel like the industry as a whole, we're deriving the definition of observability, basically, from whatever vendors diff very vendors say, you know, there's no real cohesive definition. So I really like talking to folks here and how they define it. They're doing it. Yeah.

Yeah. Yeah. Yeah. And then And then, and then seeing, you know, you know, how what what what is the common thread among all those things?

Cause they're they're in lies, the definition. They're in lies, what observe ability is all about. We exactly. That's exactly what we do is, you know, finding meaning in the data.

That's the the the topic of the the presentation that I gave at Cisco Live was really digging into the visibility as the foundation of of observability, but then going to the next step and saying, alright, now that we can see all these pretty graphs in charts and all this information. That's great. I can see what's going on. But what do you do?

Yes. What do I do now? Right. That's the whole idea of the insights and the actionable insights right?

That's the idea of saying, okay. Now that, you know, I see that there's a, you know, an interface that's hosed over here and memory utilization on router over here is very high, and I have suboptimal. Okay. So what?

What does that really mean? I I see all these things. And so, you know, I bet I bet that if we had like a team of data scientists in every company, even like a fifty person law firm had a team of data scientists looking all this data, they could they could do this, but that's where observability comes in. It then takes all that and starts to correlate.

It starts to normalize data, standardized data, which is really interesting. I I mean, I'll tell you, Avia, if I could do it over again in my career, I would go into data science because it's so interesting. You know, how do we take, you know, an interface that's in packets per second we look at flow data that's like seventy two percent of your network is HTTPS. Those are completely different scales. You know, how do we get them on the same scale?

A really interesting topic. And I need to preface this. You know, this is not a marketing podcast because I'm about to say. Yeah.

I'll preface this by saying we're a big supporter of of data science groups. We're a big supporter of, of customers, you know, especially bringing in data that, you know, we don't wanna be SAP. You know, there's back end data. There's all sorts of business intelligence and things that that network data is really useful for, even to populate Salesforce or to correlate with other things, or to look at churn risk and things like that.

But if you don't inject context in data science, if you don't I'm not saying you have to start and take network people, but you have to have at least an architect or ideally the practitioners start to understand the context because it can be really tricky, sort of exactly what you just said, like, is the ask the the data looks like the shape of what you thought you were asking, but did you ask the right question? You know, is the metric? Is it packets per second or bits per second or what quantiles and percentiles and things like that? Are you using? And so I think that's a real gap that I'd love to I think we as a networkers, you know, haven't made it easy to learn those ins and outs for people just studying the data, and that's an issue. But I've seen that when we were at Akamai trying to get, you know, data science approach with the statistics, we'll just call heistix. Yeah.

You know, and it can take us as we hire and train people. And so this is something that, you know, I wish there was a better answer for, and I think comes back to, shining light on the network, you know, for people in a world where people often think it's just APIs and magic, you know, the people that need to run it do need to look, you know, and they're not gonna look at the data by hand. So you know, these are these are things that I keep thinking about, you know, how do we do better education? And then how do we bridge that gap with data science, both math in the networking world?

Which already is trying to figure out intent and automation and cloud and all that stuff and then the reverse. So I don't know if you have any tips and tricks, but I think bridging those worlds is almost as important as operations and security or network and application bridging. Yeah. Tips and tricks on how we can solve all the networking problems.

That's a that's a good one. I wish I had that answer. That would be pretty awesome. Okay.

I would be patanantic pat pataninite. You know what I mean? I'll be Oh, you'd be starting a competitor. Okay.

Got Yeah. Yeah. So, I mean, but but walking around, the floor, though, the world of solutions, though, it it was It was, you know, you know, one particular vendor looking at how we gather this data, another one gathering this data, and then, what can you do with that data? You know, I didn't I didn't see anybody talking about a brand new routing protocol that they invented, which, you know, would be kinda cool and interesting, shake up the industry a little bit, but I it it really wasn't that kind of innovation It would seem to be a network operations focused innovation, whether that's in, you know, large scale enterprise or service provider realm, or, you know, those e commerce businesses that serve folks out on the internet on some website, you know, all all all different contexts But that's what it seemed, like augmenting a network engineer trying to figure out real problems.

So, you know, I have this I have this, slow website. Right?

What what's causing that? Well, I have this, you know, memory realization thing happening over here in my branch off you know, halfway across the world. Does that have to do with anything? I don't know.

What about this, you know, this suboptimal path in EMEA? Does that have to, you know, we we we don't know how these things correlate? You know, I kinda think about like the whole butterfly effect. Right?

You have this one wire that you wiggle all the way across the world over here, and all of a sudden it slows down your DNS lookup times, you know, over here, And now your website is slow. How do you piece that together?

You know, just sitting there, you know, you got a p one. It's two in the morning. You know, all the leadership of your organizations on your back calling you, your phone is buzzing. How how do you figure out that out quickly? So I really felt like a lot of that was all geared around network operations and making, you know, the life of an engineer better by making root cause analysis faster And then, you know, the the ongoing stuff, like, you know, monitoring the network at both a meta level, right, and and kind of a granular level to do your your baselining or trend analysis, which is kind of I prefer that, perspective.

And and then which leads to all those cool things like capacity and and things like that. But but that's but that's ultimately what I got from it. Everybody seems to be focused on mining more data from the network so we can make network operations better, and we can make the, you know, augment the engineer.

So, you know, and, and that makes a lot of sense because until we start hiring, you know, teams of data at every single organization. It's you you need that assistance. It is scientists who study network semantics, I would say. Okay.

Fair enough. There you go. Thank you. That that that's my grumpy that's my grumpy pitch is looking at the data by itself.

It's easy to find correlations in network data. Is it worth waking someone up, you know, is the hard part I guess let me ask you a question. You know, just just, you know, completely honest and, you know, obviously, context have ended too. But where is the industry on delivering on that promise.

Like, we take all the data and, you know, I know ways in which we make people people's lives easier, but at the same time, you've got vendors talking about closed loop networking and self driving networks and, you know, people thinking that they're behind because, you know, they're actually doing work Yeah. You know, if you had to go from zero to a hundred percent, like, where's the industry fulfilling its marketing claims of of assisting that up that that that engineer operations you know, architecture group. Yeah. Wasn't that the point of, like, SDN twelve years ago?

Right? That you were Well, that was back when there was, like, gonna be a flow controller, one flow controller for internet. And I was like, that's a really bad idea. Yeah.

And I remember seeing those open flow presentations and all that stuff.

But, you know, that's like, you know, in those days, I remember hearing about it and saying, we're gonna be, like, the enterprise, right, where, you know, Jordie Laffordge is just, like, you know, talks to the computer and says, reroute power and and it just happens and everything ultimately, that's not even intent based. Right? Because then the the the enterprise computer should be just doing it on its own. But, in any case, that I I think that there's a difference though between, you know, observability and then the automated remediation, the programmatic remediation that can happen from that. So, you know, we still I think as an industry, We're putting in those configure push configuration overlays programmatically. That's that's happening, but there's still a reluctance among engineers to say, alright. Now that I have this advanced visibility, into observability.

Great. You know, we're correlating. We're doing machine learning, time series modeling, and all all cool. Right.

I still want a big red button that says, I I I as an engineer, press this now to approve a change. Most of our details. Most of our our customers that use, you know, use Kentech to do DDoS mitigation have that big red button. They have they tell me, and then I will push now they then want everything to, you know, to push flows back or to trigger something so that they're not manually CLI ing it, but still, you know, the human wants to be in the loop for a lot of things.

Yeah. Absolutely. It's, and it's kind of a matter of probability. Right? And we we can go back to correlation in the whole machine learning component of what we do at at both can take and and other organizations.

And and you ask the question, where is the industry now. You know, there's still there's still, you know, noticing in in various literature out there. There still seems to be a little bit of a struggle with false positives. As a as an example where folks are, you know, making correlations and the probability of that correlations lower than it should be.

So there's a matter of probability here. So, you know, you know, I wiggle this wire and then this DNS lookup takes a long time and this interface gets hosed because it's suboptimal routing, but how probable is it that it really was caused by this particular wire wiggling? So that that's kinda where the there there's some organizations working on that. How do we decrease positive.

Now I know I know what we've done at Kentech just talking to our own internal, you know, network centric data scientist and how we solve that.

And what specific algorithms we use to do that. But I think that that's still kind of an issue. And that's gonna be a stumbling block to the next level, which is really more advanced correlation. You know, we're we're, you know, and I'm I'm talking about, like, doing, like, regression tests and and clustering and all those classical, machine learning methods to kinda find structure and what's otherwise unstructured data, especially in networking where a lot of it's ephemeral, right, just interface statistics that disappear.

But we wanna know what's going on both right now and then historically.

And and and and then even incorporating, like, what we do at Kentic with active monitoring with synthetics where it's not even end user data. Right? It's not it's not passive. It's active in the sense that we're, like, sending our own traffic out there and then correlating that in there.

You know, that that's that's where we're headed. And, I think every organization's a little bit different in where they are on that on that, on that journey. Right? So ingesting more data.

That's that's one thing. I think there are some folks there. There are some that are focused solely on packets and taking them apart and correlating that. Fine.

I believe that we need a diversity of visibility data. Mhmm. Because they all provide different angles of what's going on, you know.

The things that that you can't dictate to your SDN vendor, you know, what their what their visibility, you know, what what kind of things they're gonna enable or, you know, necessarily cloud vendor or any of that. And by the way, I just wanna say I actually, I need to start saying it more like you do.

I I always enjoy it when people say correlation more as co relation.

Oh, okay. Just to think about it. You say a little closer to co relation, which is actually the way I want to say it, but as a Philadelphia and I speak too fast, it's like correlation, roof water, you know, all that stuff. So I never I never know My my I I I'm originally from Long Island, New York, and I don't have much of a long island accent, but I have a couple words where my my kids make fun of me.

Like, I say, Mary instead of Mary, you know, like, having to marry and things like that. And it's terrible. I don't know. Anyway, But, but ultimately, I think I think, you know, as an industry, though, we're heading in that direction because we have the compute resources now.

We have the you know, just the resources at, you know, X86 and routers and things and and switches, we have the ability to to to get the information, whatever it happens to be, whether it is, you know, more traditional visibility information like flow data, SNMP, streaming telemetry, screen scraping, whatever we do, whatever information, all of it. I love it all, packets, whatever.

But ingesting all of that gives us the various angles of And as you said, normalizing it and making sense of it, you know, because different people have different metrics. Yeah. That's what's necessary. I I would give the industry fifteen to twenty percent.

And I don't know if we'll get to a hundred percent in the majority of the forage, you know, or you know, hello computer to encourage them, you know, type stuff. Yeah. But, you know, tomorrow, but I think it's a journey, But, you know, the approach that I I like is to surface with stronger insight, stronger focus on you know, eliminating false positives because, again, a lot of the audience wants to be woke, you know, wants to be woken up only about the right things, Yeah. But also use that data to help automate the things that do happen all the time.

And you said capacity planning or auditing bills or things like that And if you can build towards both directions, the goal ultimately is to be able to let people be more architects and less operations which ultimately is gonna be necessary is as all this as all this goes. But it is frustrating for me, you know, sometimes at trade shows because, you know, you hear the, you know, you hear the, the promise and you know that it's it's far from the reality.

So we talked about observability, getting data out of the network diagram. That's what people wanted to talk about. You know, it was a great hook to say, you know, what do you do with telemetry? What are you missing in your telemetry? What do you wish the network could tell you about what's going on, you know, in the middle of the night. But, any other, you know, Cisco live, any other what's hot, you know, what what you're tired of hearing about, you know, from wandering around and talking to folks?

Well, I it's not that I'm tired of hearing about it, but I enjoy getting a little bit contrarian with folks at Boots when they start talking about ML and AI and things like that. And then I start to just them a little bit, you know, in a in a polite and professional way. Right? Cause I am wearing a kentick t shirt because I wanna make sure, you know, there's a professionalism there.

But just saying, you know, okay. What what do you mean by that? You know, what what algorithms are you using? And what what, what, what kind of work flow is behind the scenes there.

How do you normalize data? Like, what are you doing to reduce false positives like we were just talking about? And, the answers vary greatly. Some I I have heard some very impressive answers where I'm sitting there taking notes like slow down professor.

I'm taking notes.

But more often than not, it you can you can kinda sniff out that there's a little bit of marketing fluff there. And and then what's really happening is they're just they're just collecting a bunch of information and then putting it in prettier graphs, making their interfaces a little bit snappier, which I appreciate, by the way, you know, who wants it slow you know, interface on on their visibility tool. But that that's kinda where where it is. So, you know, I just kinda that that was something that I I enjoyed from a sadistic level. It's just sniffing out where the marketing fluff was.

And, and then getting into some cool conversations with the folks that really seemed to know what they were talking I got some great Kilt recommendations from a couple of your your colleagues, from, you know, yes. So it's always, you know, it's it is a diverse crowd as you, as you said, and it's always good to, you know, get to take. I I try to it's nice I've been building enough of a network that I can do sorta at Cisco live and at Blackhat and defcon and and adjacent conferences you know, which we don't really exhibit at, but I go to see what's what's going on and what people are working on, have the hallway track. You know, they're like, hey, what what do you seeing, especially people doing consulting, working across customers, you know, what's the reality you learn about? I mean, god help us. There's now a fifteen hundred dollar multi ten gig routers that can full tables.

That's pretty fucking awesome. Yep. I know what you're talking about for sure. Yeah.

I mean, we're not selling sponsorships. I just you know, you know, we don't have to, you know, get them on for ads. That's really cool. For me, I I automation and intent still I think people are being confused into thinking that everyone's much further along.

Yeah. And I, you know, a few years ago, I went to devnet, and I was like, oh, you're using NSO to write one Python program to use APIs in Python instead of this one CLI thing with no, you know, sort of, like, even GitHub so you make don't do the same thing over and over again. And, like, where's the you know, the Uber side of it, you know, versus the promise. And I I I could see a little more I I could I I would welcome a little more real talk, you know, there.

You know, and and I think some of the automation vendors, I found them more open to, like, yes, this is a toolkit. You know, we're plugging this in and and, you know, every every environment's unique, and here's how we help. We make it faster to do these things, but we're not the Magic Automation, you know, engine. But sometimes it can be a little, you know, these are both things that have been there for a long time. And, that that's my AIML.

Is is, you know, when people go overboard on that. But That true level of of, you know, intent based networking, remember that that was a buzz, like, a twenty six No. But it still is. IBM, and it still is.

Yeah. Well, p four, everyone's gonna be programming the switches with everything, you know. Yeah. Yeah.

And and and that's the thing, though. I I you didn't I didn't hear that that term at all. This particular Cisco Oh, I think I I thought I saw it. Yeah.

Yeah. Mean, it's cool to have, you know, to, you know, you know, the p four stuff. But like with flow controllers, and, you know, it's like when it's you know, it it definitely can be hype cycles for this. Yeah.

Yeah. For sure. And I think we're off we're I don't know what that hype cycle thing looks like. I am picturing it in my mind.

We're definitely on the The trough of despair? Yeah. Right.

The slough of despawn. So I think Sounds like a DND. It sounds like a DND thing. You know, you're now upgrading the trough of fair.

So I don't I don't think that the those intent based networking vendors, like, are just done. I I noticed that know, just a couple years ago, not long ago, I they the language started to change from some of those vendors where instead of saying intent based networking and automate programmatic automation for automated remediation, language started to change to intent based analytics and and intent based I'll have to look for that. I haven't really seen that. Yeah.

Well, I and my my theory I don't know if this is right, but I think it's because, well, geez, in order to do intent based networking, you need to collect the crap ton of telemetry from the network. Various forms. Any any way you can get it. Right?

And, of course, you're you're hooking back into devices to program fine. But that first step is to collect everything that's going on. So you have that, that, quote unquote, single source of truth. Right?

You need to start with that foundation.

You're doing path calculations. You're doing, or path permutations, really, and figuring out probabilities of what suboptimal, things like that. You're creating a reference architecture based on, like, this is what the duplex should look like in this particular data center. So here's my gold standard. So you're collecting all this information.

And I think IBM vendors at some point were like, Well, geez, you know, we could probably sell this.

Maybe we should change change our language just a little bit. And and that's fine. I mean, because it is still a useful thing. But that's, like, that's kinda where I think intent based networking sorta stall a little bit.

As far as, like, progressing down the automation route, that's a hard problem to solve in a multi vendor you know, Snowflake network environment, you know, out in the world. I think that I see what you're saying about on the marketing trends. Yeah. I think the thing that, you know, the way I look at it is there was this great promise.

And, you know, I try not to be the Statler and Waldorf in the network room, you know, is the grumpy old person saying, oh, yeah. We tried that in fourteen ninety two, and it didn't work, you know. And so we should stop talking about stuff. But you know, there's there was a wave of companies that came from people that had never run a network but studied, you know, out of the SDN groups that said we could just mathematically model all of this, which I have always had a problem with because of bugs.

You know, the wonderful thing and the frustrating thing is so many bugs, you know, in networking, and you can't really model the bugs. But but, you know, and that worked okay in some data center world, but you have the super long tail of needing to build that unified model. And that that for me is, like, you're gonna be stuck with the piece parts unless you can do a unified model, and that's why Kintech hasn't taken it on because that's a it's doable But it's a really hard problem that you have to believe will have, you know, the right payoff and in a multi vendor way and with bugs and with And and, you know, not just the big data center, not just the WAN, not just, you know, the the edge in campus, you know, it's all that.

That doesn't mean I think we can't get there or won't get there, but, you know, the approaches of automation, you know, without having that model you know, and and even just what people want, which is the the simpler version, which is, you know, the the opposite of rancid, the config push, the make it so command.

To use the star track, you know, analogy. So, again, I think we'll have it in the next ten years, you know, at least to make it so command, but and better than SolarWind's NCM, which is, you know, re reg ex based. And even even Kentic, you know, we'll use configs and look at again, it's part of observability and correlating and saying that or sorry, correlating, which is, you know, did did I do something? The old, don't let the, don't let the butt crack out of the CO, you know, catch the outage when they spark the wires and took your, you know, t one down. So Yeah.

So I I I am definitely hopeful, but maybe I just found the wrong, you know, intent and automation, marketing messages. So Well, I mean, it's incremental though. Right? I mean, every everything that we're doing is we're not like, you you mentioned something like going zero to a hundred earlier when we started recording, but we don't go from, you know, automating zero to, you know, it's a completely autonomous network that just runs and you know, everything just changes behind the scenes and the But that is what what vendor c and vendor j tell the world they have built.

Yeah. Yeah. That's true. So that's And that is a problem because that does, you know, the the that the fluff is out there for sure.

But I don't but it is but it's still good. It's still progress to say, Hey, you know, we we, we're just changing, interface tags be more consistent. We're gonna automate that. We're gonna automate these low level things that aren't disrupted to the network of something Life Cycle automation is, like, key step.

And and Yeah. The, you know, the wifi automation that the world's been in, you know, before missed. And then after, you know, and then what Juniper's doing, with a lot of really great stuff, you know, being done, with parts of it. But maybe maybe I'm just too grumpy because I hear I hear these broad messages about everything is now self driving or or, you know, closed loop.

And, you know, I sometimes I just I see some of our customers, like, Oh, I suck. I'm so far behind. It's like, no. No.

No. It's it's all good. It's all good. Yeah. Yeah. You know, just yeah. Just don't have don't be that network where you have, you know, forty thousand devices.

And if there's an interface description, it's wrong. Like, have have a you know, move towards whether it's Netbox or, you know, iPad or whatever, move towards the source of truth. Like, you know, these are journeys that we're taking together. And, you know, life will, life will get better over time.

And you can start with a corner of the network. You don't have to you won't have to start, like, if you have, you know, hundred thousand interfaces and whatever, you know, two two thousand sites around the world, you could start with one site, one small branch or one closet, whatever. Whatever. And then say, alright, we're gonna do this stack of switches and then Yeah.

You know, we're gonna look at our wireless infrastructure and, let we can just use some programmatic tools and visibility to, you know, manage just this particular overlay, you know, Yeah. And, and so that's a good place to start. And, you know, and and and we're gonna and we're gonna, you know, build on that over time. So, you know, where are we today?

You know, we we're I think it's very, very early stages of that where folks are still doing you know, I mean, think about it. Isn't isn't me typing, commands into my Cisco router intent based? You know, I I mean, it's kinda, you know, I had this discussion with, with Greg Ferrow over over back and forth over a couple blog posts a couple years ago. Where I was like, you know, in Tennessee, it's kind of a panacea, you know, we're not there.

And then and then he made the argument that DHCP was kind of intent based working. Right? I'm like, well, no, it's not because it doesn't have the closed loop. So I went through that whole argument, and he made the point.

It's like, well, not not exactly because, you know, think about process of back in the day, you know, the Discover offer request acknowledge at whatever it is today. I don't know. But You know, that's an automated process to get an IP address. I know this is just a simple small example, but I'm Okay.

I guess I have to I have to join this blog argument four years later. Yeah. Right. It was it was a few years ago, but I remember I think there's a lot of of, you know, people on the journey to intent, but I think of it as not just the automation of something that's a single vector, but combining a few vectors so that you're not gonna get them out of, you know, sync.

So it's make sure that when this happens, that happens. And ultimately, if you actually wanna get to intent, it's you sort of say I want it to look like this rather than I need the IP address to be like that. So maybe I talked myself into it. Maybe DHCP is Just like that.


You know?

I would just say that we're probably unless you count, you know, the routing protocols themselves and what they do figuring out reachability as that, which now we're getting really deep. I would say that, again, Kubernetes for all its warts and, you know, I still have to read that you know, all the iceberg, there's, like, a bunch of series about all the issues, you know, that you need to come up to speed on or that create opportunities for vendors in the kubernetes space. But Yeah. You know, has sort of pushed that world forward maybe more than, you know, the the network world has despite all the talk about it.

But, you know, we'll get there. And I can say that the ultimate foundation to get there though is what we're doing now with collecting, you know, mining data from the network and and moving forward with much more intelligence, with observability now. That is absolutely gonna be the foundation of it because otherwise, you know, you know, you have your reference architecture and you have all these moving parts. And and when I say that, that's an understatement.

Right? You have you have millions and and and billions of objects in a network, if you count up everything that exists. And like that butterfly effect, you know, what this this thing over here putting my hand in the frame here. If you put this thing over here, how does it affect this thing halfway across the world ultimately ultimately, in the context of the service delivery or an application delivery.

Right? It's performance or its reachability, that kind of thing. And so that's gonna be the foundation for for, layering those, programmatic configuration push it pushes, you know, programmatic and and automated, whether it's remediation or or just pushing config and things like that, whether it's a security remediation as well. You know, that's something where I'm seeing a little bit of advancement where, you know, there's there seems to be more automated remediation in the security realm alone.

Right? Yeah. We got this issue over here. Shut down this port. Shut down these things, you know.

So Well, and then that becomes data that you need so that you're not trying to figure out looking at the data why those ports were shut down. So you think that has metadata too. I I absolutely agree. And that's, you know, I think the thing for me that, is the single biggest criteria is is really the reason that, people asked for Kantik in the first place as opposed to Arbor was squinting at roll ups later in the network world where there's so many different dimensions of things and unique values of of and and things flying around.

Yeah. Having to know the question in advance, really limit you in in operational, way and and and only being able to do analytics on summaries of the data is really is really tough and, you know, also limits you. And so You know, I still struggle when I see net in in in network world and application world and SRE world, everyone says observability because it's the thing. Even on top of platforms that have very limited abilities to do.

Not only, you know, whether you call it baseline or trending or anything more than simple predefined things, but, but especially ultimately when the engineer, she needs to get in there and, you know, like, okay. Do I need to validate this before I push the button? What's really going on? And and I'll come I'll come back to it again, bugs.

And I say that not ever wanting to build a router operating system ever, ever, ever, ever, ever, much less the hardware and all that stuff. I don't ever wanna do that. Yep.

You know, and there's a reason I I love SAS a lot more than, you know, shipping software and people running it and doing all sorts of crazy stuff with it. But there are so many bugs that, you know, just even the best models, you know, sometimes you do need to poke around, you know, into that. So What would you love to see more of, next year at Cisco Live? You know, where'd you like to see us, us all be?

And Yeah. First of all, I don't wanna go to Las Vegas, but I guess that's already in the cards. Oh, it's on Orlando or or I the last one or two is I think twenty nineteen, and it was in San Diego, and I absolutely loved it. I love San Diego.

So that was that was nice. But that that would be cool, but obviously they've already scheduled it for for Vegas.

I'd like to see, you know, I'd like to see more of a variety of innovation. You know, it's, you know, the industry seems to everybody jumps on a similar bandwagon a lot of the time, and I'd like to see what's what people are doing. The thing is that they're out there, the people are doing different things and solving different problems, but, you know, when you when you set up a booth, you know, you're you're looking at other booths and, you know, you wanna make the there's not camaraderie, but there's some, you know, overlap with what folks are doing. I'd like to see a little bit more variety. I did appreciate that there was a coffee station almost everywhere at this particular Cisco live because I'm a big coffee drinker and it was decent coffee. So I hope they continue to do that. That was good.

But, you know, I think I think the advancements in in observability and continuing to differentiate it from traditional visibility is gonna be a big thing because, you know, with intent based networking, I totally saw the the marketing fluff. I saw the intent washing that people were doing. Observatory, I don't see it the same way. Although, you you can, you can just say, we're doing observability and and you're not.

But it really, to me, it really is a different, a different realm of visibility. It really is the evolution. It's the next the next step and requires you know, new underlying technology. So I'd like to see where that goes.

And if we start scratching the surface of of some more automated remediation based on whatever insights. That would be pretty cool. I mean, we have a year. So it's not a lot of time.

No. Time is pretty fast. I I I'd like to see that.

I think there'll still be, a lot of people using terms, you know, to describe them that are sort of off and as well as a a ton of progress, that, that I look forward to.

Maybe we can, do some combined vendor torture and live blogging, which is, you know, break it down, what people are doing, and what's cool, or get a group together. I don't know Did did any of the field day delegates do that in Cisco live? Okay. So, like, if that could be the delegate thing one of those folks was fun.

Okay. Okay. Take some pictures. I, actually, that's a good point. Next year, I'm gonna try to be a little bit more social rather than just like learn and absorb and and listen and talk to people, which is really, you know, that's great.

That's fine. I'm a nerd. I wanted to talk to people about how they plug this into that. But, you know, I have some decent cameras and stuff.

I have a road podcast, Mike. I can put you know, maybe get around and maybe get perspectives of folks and say, hey, what do you think? Right there on the floor. And I mean it not to I mean it not to you know, ridicule or demean, but, like, it's just the same thing that I had when I was at Akamai.


You know, really the entire time, but, you know, I remember two thousand, two thousand one. Some of my friends were like, Hey, I know what Ocama does, but I go to the website and it's, you know, extending control your infrastructure. Like, where's your metadata manual? How do I understand, like, how do I understand how you how does this go with this?

And, like, where's that? It's like, oh, you have to be a customer. It's like, don't you think it'd be nice if If you could, like, show that to us, and, you know, it's like, at the time, that was not what the world was. And so I think that world is going more that way.

So, you know, if they're I've I've certainly had plenty of times. I'd love to have someone help me, you know, tell the story. So.

Yep. Cool. Well, I'll hold you to that. And, help if I can. I I would look look forward to, distributed learning, from, enabled by, good question asking.

So, well, thanks for the time and insights, Phil. And, of course, thanks for joining Kentech, and, look forward to continue talking. Thanks. Thanks everybody for joining, network a f.

You can, listen to us, on, Apple and other forums. We have a website, past episodes, transcripts.

You can find, me, Abbyfriedman at LinkedIn, Twitter, the usual places on Avi at kintech dot com and Phil how should people find you?

Well, you can start with Twitter network underscore I wish I could get rid of that underscore, but I still have it. Work underscore fill at Twitter. You can search my name in LinkedIn. My blog is network fill dot com. And, Peter Vasi, Kentech for direct email.

Okay. Thanks everybody. See you next time.

Got a guest?

Network AF is accepting guests for upcoming episodes. If you’d like to be on the podcast or refer a friend, reach out to

About Network AF

Network AF is a journey of super-nerd proportions into the world of networking, cloud, and the internet. Avi Freedman, self-described internet plumber and podcast namesake, hosts top network engineering experts from around the world for in-depth, honest, and freewheeling banter on all-things-network — how-tos, best practices, biggest mistakes, war stories, hot takes, rants, and more.
We use cookies to deliver our services.
By using our website, you agree to the use of cookies as described in our Privacy Policy.