Why Is Networking So Hard?

I frequently encounter customers, sales folks, and even engineers, who ask me: why is computer networking so hard? I’ve found that there’s a simple metaphor that provides a great explanation.

Imagine you need to make a trip from a gated community somewhere in rural Canada, and your destination is another gated community somewhere in the rural United States.

You need to plan a route. But now, rather than just calling up your favorite booking site, your Travel Safety Team says, “You can’t just go via any route and stay in whatever motel you find—bad stuff will happen. You have to use only approved travel providers or show that no such provider exists. You may only use pre-vetted lodging destinations. And we’re happy to pay for the extra expense because that’s how important it is.”

So you diligently dig in. After several days of tediously plotting options and confirming approved layover points, you come up with a plan that beautifully conforms to your team’s guidelines. It is both safe and efficient: it uses private travel carriers, highly-reviewed and approved lodgings at your layover points, and minimizes your own travel time. Your Travel Safety Team looks at the budget estimate and their faces go pale. “We need you to be safe, but we’re not made of money. Isn’t there a cheaper alternative?”

You have to drive. Due to your team’s restrictions, you have to talk to the travel and road-planning commissions for every major municipality between you and your destination, so you need to do the following:

Figure out what the local ordinances are: some towns allow you to come in for as long as you like and then return home, but not to pass through—you can’t stay there overnight on your way to somewhere else: that’s illegal.
Find out if any private roads will grant you through-access or if you need to charter a helicopter for certain legs of the trip.
Negotiate with your Travel Safety Team: for places that don’t have private roads or helicopters, what if you use a dedicated lane? They’re going to ask you if it has double-white lines, double-yellow lines, medians, or something else. And you’re going to have to research that.
Know exactly what luggage you’ll be carrying, because certain checkpoints will only allow bags of a certain count, size, or weight. Frequently these restrictions are not publicly known or even documented, and you may have to redistribute your luggage when you arrive.
Obtain detailed interior maps—including cross streets and one-way street indications—of the gated communities that you’re departing and arriving at because the neighborhoods are labyrinthine.
Understand how the address/house numbers at each major municipality relate to “general” addresses because every place seems to have its own system.
Pre-write scripts to help you carefully explain your destination and purpose of visit to each of the border security agents along the way, each time using a location address that each particular agent will understand.
Make sure you have passports, contact names, and gate codes for every stop along the way.

Then, to top it all off, just when you think you’ve nearly completed your plan, you find out you need to make another stop at a third gated community along the way… and it’s nowhere along your existing route.

Every single one of the above real-world examples maps back to a specific network challenge that you could face when trying to establish routing from your local offices to the destination of your choice:

Your corporate LAN might feel like a sprawling local neighborhood with specialized address numbering; the broad private IP spaces and network address translated (NAT’ed) subnets can make the “simple” act of leaving your on-premises network a hurdle unto itself.
Carefully planned dialogs with border security agents are just like the negotiations between VPN routers or transit through firewalls: even completely valid traffic must be thoughtful about how to avoid rejection at the border crossing.
Local city ordinances around thru traffic are similar to SaaS vendors’ transit-routing policies: many network providers are fine with traffic that arrives and then returns home but have special (and often expensive) requirements for traffic that needs to be passed onward.
Unpublished luggage restrictions are like Maximum Transmission Unit limits, with individual routers along a path unexpectedly rejecting packets that are “too big” until a compromise in size can be negotiated.

It gets worse: unlike when a human is making this trip and can improvise when challenges arise along the way, a network packet taking such a route has no such agency or autonomy. If it gets stuck somewhere, it’s done. It can’t even call home to get help. It just languishes wherever it lands, never to be heard from again. It’s a good thing packets are so highly replaceable, unlike you and your luggage.

So even though you, as a traveler, might be able to tell me all about the difference between a freeway, a highway, and a toll road; know all about overpasses and underpasses and on-ramps; know the purpose of immigration checkpoints; and, be able to describe at length how gate codes work, all of that is only the beginning: you have to know the SPECIFIC on-ramps, freeways, immigration checkpoint routines, surface streets, addresses, and gate codes, all planned perfectly in advance, in order to make it all work.

And even though I, as a Network Engineer, might be able to tell you all about Skytap’s ability to facilitate your network needs, whether that be a VPN directly to your corporate premises, an ExpressRoute to Azure, or multiple cloned NAT’ed environment subnets, there’s no “right answer” to the question of how your application should route its connectivity into Skytap. In addition to your application’s specific destination and performance needs, your networking and security teams will have their own requirements, and your project will have its own specific budget targets. The right solution will be a specific network path that blends (or at least finds an acceptable compromise between) all of these constraints.

When each new journey requires this level of detailed knowledge, planning, and flawless execution, it should come as no surprise that establishing new network routes is so difficult.

So what do we do about it?

For starters, accept that networking is hard. Rather than denying or fighting it, attempt to mitigate the difficulty. Networking technology has had more than fifty years of brilliant engineers working hard to design systems to speed our traffic along its merry way. Unfortunately, we’ve also had equal time in which malicious actors have been working to exploit these systems for their own benefit. All of this time and tension has resulted in layer upon layer of complexity, checks, and balances, which need to be thought through carefully, with no one-size-fits-all solutions. Making sure that your team has the right stakeholders and support is critical. Missing knowledgeable stakeholders from certain legs of the trip will only result in flying blind.

Secondly, just like your original application wasn’t built in a day, neither will your new network route. In the best traditions of software development, it’s going to require iterative rounds of careful requirements gathering, planning, implementation, and testing to succeed. That kind of effort takes time, which cannot be crammed into a two-week intensive effort. Plan accordingly.

Next up, remember that—unlike you—network packets are dumb, and cannot improvise. And you’re not the one making this trip: your packets are. You’re spinning up a fleet of little robot drones to make the journey over and over. It’s natural that in the first few (maybe even several) attempts, there will be wrong turns and unexpected blockages. Plan for these failures to occur and build in ways to monitor the truth on the ground: Finding ways to get visibility on the real status and location of your packets at each leg of the journey will be critical to diagnosing wrong turns, and getting back on the right path. And just like an unexpected snowstorm or power outage can occasionally waylay even the most seasoned traveler, unexpected changes will cause delays and reroutes, and then you’ll need to improvise again. You’ll want to be able to switch your network visibility monitors back on, even after weeks or months of flawless autopilot.

Finally, the point about understanding the full path bears repeating. It’s so fundamental, it may seem obvious; but when a driver is relying on you for directions and you fall asleep during a leg of the trip, it’s always possible you’ll wake up to find yourself in the wrong place. Gather your requirements thoroughly, do your research, find out exactly how all of the points connect. If there’s a leg of the trip that seems mysterious or a bit of a black box, stop and ask about it, until you know exactly how it fits into the plan. It’ll save you from going through the same trouble later on, when “everything was working great before” but now you’re under much more pressure to get it magically working again.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-non-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
cookielawinfo-checkbox-preferences	1 year	This cookie is set by the GDPR Cookie Consent plugin to check if the user has given consent to use cookies under the "Preferences" category.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
55d66ab20f0ad28a_cfid	2 years	Set by ChatFunnels to store chat sessions
bcookie	2 years	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
lidc	1 day	This cookie is set by LinkedIn and used for routing.
sc_anonymous_id	9 years	Cookie is placed by SoundCloud to provide functions across pages.

Cookie	Duration	Description
__utma	2 years	This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmc		The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits.
__utmt	10 minutes	The cookie is set by Google Analytics and is used to throttle the request rate.
__utmz	6 months	This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site.
_gat_UA-4086838-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_uetsid	1 day	Bing Ads sets this cookie to engage with a user that has previously visited the website.
_uetvid	1 year 24 days	Bing Ads sets this cookie to engage with a user that has previously visited the website.
YSC		This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gcl_au	2 months	This cookie is placed by Google Tag Manager to place and track conversions.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
_uv_id	2 years	Slideshare: Collects data on the user's visits to the website, such as which pages have been read.
browser_id	5 years	This cookie is used for identifying the visitor browser on re-visit to the website.
bscookie	2 years	This cookie is placed by Linkedin to store performed actions on the website.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
GPS	30 minutes	This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location
li_sugr	2 months	This cookie is placed by Linkedin to store browser details.
lissc	1 year	Used by the social networking service, LinkedIn, for tracking the use of embedded services.
MR	1 week	This cookie is used to measure the use of the website for analytics purposes.
pardot		The cookie is set when the visitor is logged in as a Pardot user.
undefined	never	Wistia sets this cookie to collect data on visitor interaction with the website's video-content, to make the website's video-content more relevant for the visitor.
vuid	2 years	Vimeo

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
IDE	2 years	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
MUID	1 year	Used by Microsoft as a unique identifier. The cookie is set by embedded Microsoft scripts. The purpose of this cookie is to synchronize the ID across many different Microsoft domains to enable user tracking.
SRM_B	1 year	Bing.com
SRM_I	1 year	Bing.com
u	2 months	Collects data on user visits to the website, such as what pages have been accessed. The registered data is used to categorize the user's interest and demographic profiles in terms of resales for targeted marketing
uid	1 year	This cookie is used to measure the number and behavior of the visitors to the website anonymously. The data includes the number of visits, average duration of the visit on the website, pages visited, etc. for the purpose of better understanding user preferences for targeted advertisments.
UserMatchHistory	1 month	This cookie is place by Linkedin to enable ad delivery or retargeting.
VISITOR_INFO1_LIVE	5 months	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Why Is Networking So Hard?

Join our email list for news, product updates, and more.

Product

Company

Help

Cookie	Duration	Description
_clck	1 year	No description
_clsk	1 day	No description
AnalyticsSyncHistory	1 month	No description
CLID	1 year	No description
ingrammicro.com	1 hour	No description
li_gc	2 years	No description
loglevel	never	No description available.
original_req_url	past	No description
visitor_id869971	10 years	No description
visitor_id869971-hash	10 years	No description