Technical Debt and the Hidden Cost of Network Management: Why it’s Time to Revisit Your Network Foundations
Maintaining existing network infrastructures often incurs huge technical debt before newer technologies are adopted over time.
April 4, 2024
Technical debt afflicts networks as well as software. Managing network infrastructure means swimming up a waterfall of new technology, while keeping up with software updates and security patches. The torrent of demands often drowns out the fundamental maintenance of the foundational network elements.
The idea of technical debt was first introduced by Ward Cunningham, best known for devising the Agile methodology that breaks each project into phases and emphasizes continuous review and improvement cycles. He compared software development shortcuts to financial debt. When first developing an application, rapid deployment is important to begin learning what users want. Rapidly deployed code may not be optimized, however, so developers will need to go back and optimize it later. This trade-off (rapidity versus performance) is like borrowing, and the debt must be paid off later.
In the context of network infrastructure, a running network is more urgent than an optimized network. New features may be added that make the network less optimal. Regular review of the infrastructure is like making interest payments on the technical debt incurred. Resources may be overloaded, or even stranded, because of moves, adds, changes, and removed connections.
If it isn’t broken, why fix it?
While investment in network security measures is easily justified by the clear and present dangers of cyber threats, it can be harder to prioritize necessary but not urgent housekeeping. In fact, deferred housekeeping may leave resources exposed to security risks or available for exploitation by malicious parties. Brittle or unstable configurations can cause a minor event to become a cascading failure—one that is often hard to troubleshoot.
An often-overlooked example of this growing debt is a failure to actively manage and optimize IP addresses and Domain Name System (DNS) configurations—the very pillars of corporate network communication. Internet service providers (ISPs) offering dedicated Internet access (DIA) to businesses would often assign blocks of addresses to customers. If those customers ever cancel or change providers, there's often a clean-up process to recover those resources.
Businesses going through reorganizations or mergers and acquisitions may lose track (or may never have had good records) of IP address ranges. Security policies and routing policies may then become outdated, leaving an IP address hijacker a window inside the perimeter security measures.
Companies using Network Address Translation (NAT) or Carrier-Grade NAT (CGNAT) to share one IP address among many devices may find that those functions, which edit data packets in flight, create unexpected failure modes. Sometimes, they hide problems, such as when malware or address snooping is happening within the boundary of the NAT. Sometimes, small problems become disproportionately large when one malefactor ruins the reputation of an address shared by many. Troubleshooting day-to-day operations becomes more challenging, and costs increase as the network architecture that worked in the past is no longer the best fit due to expansion, perhaps due to organic growth or mergers and acquisitions.
Renewed interest in IPv4 addresses
Despite the continued growth of IPv6, IPv4 is still necessary for general Internet connectivity. Growing networks, therefore, still need additional IPv4 addresses, and this has led to a strong resale marketplace.
Where growing networks are buyers in this market, organizations that have been on the Internet for decades may be sellers. By conducting a systematic audit, companies may discover inefficiencies in their IPv4 address assignments, as well as stranded (unused) assets, and stale security and routing rules. Renumbering to clean up the network will help make it more efficient and may result in a windfall following the sale of unused addresses.
An address sale, often in the millions of dollars, can provide an organization with resources to service its technical debt. The audit, clean-up, and sale often result in a much better-managed network. A cleaner network has less complexity, resulting in greater stability, less downtime, and faster problem resolution.
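One way to start the audit described above, as an added example that is not part of the original article: it compares held IPv4 blocks against active assignments to list stranded space, and flags security or routing rules that point at unassigned or no-longer-held prefixes. The inventory, rule names and function names are constructed for illustration and use documentation address ranges.

```python
import ipaddress

# Constructed sample inventory (documentation ranges, not real allocations).
OWNED = ["198.51.100.0/24", "203.0.113.0/24"]        # blocks the company holds
IN_USE = ["198.51.100.0/26", "198.51.100.128/25"]    # active assignments
RULES = [                                            # (rule name, prefix it references)
    ("allow-web", "198.51.100.0/26"),
    ("allow-old-vpn", "198.51.100.64/27"),
    ("allow-former-isp", "192.0.2.0/24"),
]

def stranded_space(owned, in_use):
    """Return held prefixes that no active assignment covers."""
    used = [ipaddress.ip_network(n) for n in in_use]
    free = []
    for block in (ipaddress.ip_network(n) for n in owned):
        remaining = [block]
        for u in used:
            nxt = []
            for r in remaining:
                if not u.overlaps(r):
                    nxt.append(r)                      # untouched by this assignment
                elif u.subnet_of(r):
                    nxt.extend(r.address_exclude(u))   # carve the assignment out
                # otherwise the assignment fully covers r, so nothing is left of it
            remaining = nxt
        free.extend(remaining)
    return list(ipaddress.collapse_addresses(free))

def stale_rules(rules, owned, in_use):
    """Flag rules whose prefix is no longer held or has no active assignment."""
    owned_n = [ipaddress.ip_network(n) for n in owned]
    used_n = [ipaddress.ip_network(n) for n in in_use]
    findings = []
    for name, prefix in rules:
        net = ipaddress.ip_network(prefix)
        if not any(net.overlaps(o) for o in owned_n):
            findings.append((name, "not-held"))        # address space left the company
        elif not any(net.overlaps(u) for u in used_n):
            findings.append((name, "unassigned"))      # rule opens unused space
    return findings

if __name__ == "__main__":
    for net in stranded_space(OWNED, IN_USE):
        print(f"stranded: {net} ({net.num_addresses} addresses)")
    for name, reason in stale_rules(RULES, OWNED, IN_USE):
        print(f"stale rule: {name} ({reason})")
```

In practice the three inputs would come from the registry records, the IP address management database and exported firewall or router configuration.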
Lee Howard is Senior Vice President at IPv4.Global.