Campus Network Automation: Reality Check

The following blog post summarizes insights from a recent discussion among Network Automation Forum (NAF) community members about the state of network automation in campus environments. The conversation was sparked by a question about whether campus network automation is more buzzword than reality, with practical implementations seemingly focused elsewhere. These perspectives represent the diverse opinions and experiences of 11 individual NAF community members and may not reflect industry wide consensus or established best practices.

The Perception Gap

One community member kicked off the discussion by questioning whether network automation in campus environments might be "vaporware" - a term often used for promised technology that never quite materializes. They noted that while campus automation is frequently discussed as a buzzword, most practical examples seem focused on datacenters, cloud, or IoT/Edge applications rather than campus networks.

Campus Automation is Real

Multiple professionals quickly confirmed that campus automation is indeed happening and providing real value. As one respondent put it, they "do it for a campus fabric and wouldn't want to not do it," adding that they "don't treat campus and DC differently in terms of configuration management." Another experienced engineer shared that they actually started automation efforts in campus environments because "the risk was far lower of mistakes being impactful."

Common Approaches and Tools

Several tools and approaches emerged as popular among professionals implementing campus automation:

1. NetBox combined with Python to program network device APIs (particularly mentioned for Aruba CX switches)

2. Ansible and Nornir for configuration management

3. Homegrown Python solutions customized to specific environments

4. Vendor solutions like Juniper's Mist AI platform for campus networks

Unique Challenges for Campus Automation

Campus automation faces distinct challenges compared to datacenter automation:

1. Budget constraints - "No one wants to spend money on improving network infrastructure"

2. Staffing limitations - Finding or developing automation expertise

3. Diverse network types - Campus environments often require supporting vastly different networks (dorms, classrooms, office buildings, etc.)

4. Legacy hardware - Particularly access layer devices that may have limited automation capabilities

5. Scale - Often dealing with a very large number of devices in the access layer

The Idempotency Challenge

A significant technical challenge highlighted by several participants was achieving idempotency in network configurations. As one engineer explained, "many network vendors still force you to deal with the state of a configuration" rather than simply allowing you to apply a desired state. This makes true automation more difficult to achieve.

Only a few vendors were praised for supporting idempotent configurations, with Juniper, Arista, and Aruba CX (when using their JSON API) specifically mentioned.

Practical Advice for Getting Started

For teams looking to implement campus automation, community members offered several practical recommendations:

1. "Start small, read only if required"

2. Begin by automating routine BAU (Business As Usual) tasks to save time

3. Accept that each major iteration may be destructive of previous work

4. Avoid the instinct to "do this once and properly" - layering is a more successful approach

5. Leverage vendor resources: "use and abuse your sales engineers" to understand available options and connect with similar organizations

Shifting Mindsets

One of the most valuable insights shared was about the necessary shift in thinking required for successful automation:

"The key shift is moving away from thinking device by device — like 'this Cisco router has these CLI commands' — and instead stepping back and thinking in terms of services and functions."

Tools like Nautobot and NetBox were recommended for helping teams model networks based on intended states rather than running configurations. This approach involves defining network roles, functions, and services rather than focusing on individual device configurations.

The Single Source of Truth Challenge

A significant cultural challenge identified was getting teams comfortable with enforcing a Single Source of Truth (SSoT) model. As one contributor noted: "What is more challenging for people to swallow is the actual enforcing source of truth. It was peculiar to see how the notion of deploying services ONLY via the controller is often feared of."

Organizations that have successfully implemented this model have established clear principles like "what exists in reality that doesn't exist in the SSoT has no right to exist" and run regular processes to ensure configurations match their source of truth.

Conclusion

Network automation in campus environments is very real, not vaporware - but it often looks different from the high-profile automation stories coming out of cloud providers and datacenters. Campus automation tends to be more customized, budget-conscious, and geared toward specific operational challenges.

The journey to automation requires not just technical knowledge but also cultural shifts in how teams think about network management. By starting small, focusing on services rather than devices, and gradually building toward a single source of truth, organizations can successfully implement automation in campus environments and realize significant operational benefits.

As one participant aptly summarized, when it comes to campus network automation, "There are tons of pathways out there, but not many paved roads." Organizations must be willing to forge their own paths based on their specific needs and constraints.

Contributions to the Slack thread that lead to this post came from NAF community members: Christian Strauf, John Howard, Shannon Byrnes, Pete Crocker, Andy Sharp, Paul Schmidt, Ryan Shaw, Tyler Bigler, Jesse Ford, Roman Dodin, and others.

Join the NAF Slack to jump into the conversation today!