Network configuration is a crucial task for system administrators, network engineers, and cybersecurity professionals. Automating this process with Python helps in reducing manual errors, improving efficiency, and managing large-scale networks.
Python provides several libraries to interact with network devices such as routers, switches, and firewalls using SSH, Telnet, and APIs.
Why Automate Network Configurations?
✔ Saves time – No need to configure devices manually
✔ Minimizes errors – Reduces human mistakes
✔ Ensures consistency – Uniform configurations across devices
✔ Enhances security – Automate updates, patches, and policies
✔ Scalability – Manage thousands of devices with minimal effort
1. Using Paramiko for SSH Automation
Paramiko is a Python library for SSH communication, allowing secure remote access to network devices.
Installing Paramiko
pip install paramiko
Automating Router/Switch Configuration
import paramiko
# Device details
device_ip = "192.168.1.1"
username = "admin"
password = "password"
# Create SSH client
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# Connect to the device
client.connect(device_ip, username=username, password=password)
# Send commands
stdin, stdout, stderr = client.exec_command("show running-config")
config_output = stdout.read().decode()
print("Device Configuration:\n", config_output)
# Close connection
client.close()
✔ Connects to a network device using SSH
✔ Executes a command (show running-config)
✔ Retrieves the current configuration
2. Automating Network Configuration with Netmiko
Netmiko is a simplified library built on Paramiko, designed for network automation.
Installing Netmiko
pip install netmiko
Sending Commands to Cisco Routers
from netmiko import ConnectHandler
# Define the device
cisco_router = {
"device_type": "cisco_ios",
"host": "192.168.1.1",
"username": "admin",
"password": "password",
}
# Connect to the device
connection = ConnectHandler(**cisco_router)
# Send configuration commands
commands = [
"interface GigabitEthernet0/1",
"ip address 192.168.1.100 255.255.255.0",
"no shutdown",
]
output = connection.send_config_set(commands)
print(output)
# Save configuration
connection.send_command("write memory")
# Close connection
connection.disconnect()
✔ Logs into a Cisco router
✔ Configures an IP address
✔ Saves the configuration
3. Automating Network Configurations with NAPALM
NAPALM is a Python library for managing network devices from multiple vendors (Cisco, Juniper, Arista, etc.).
Installing NAPALM
pip install napalm
Retrieving Router Configuration
from napalm import get_network_driver
driver = get_network_driver("ios") # Change to 'junos' for Juniper devices
device = driver("192.168.1.1", "admin", "password")
device.open()
config = device.get_config()
print("Running Configuration:\n", config["running"])
device.close()
✔ Works across different network vendors
✔ Retrieves running configurations
4. Automating Network Configurations via REST API
Modern network devices expose REST APIs for automation.
Example: Using REST API to Configure Cisco Router
import requests
from requests.auth import HTTPBasicAuth
# Cisco router details
router_ip = "192.168.1.1"
username = "admin"
password = "password"
# API URL for configuration
url = f"https://{router_ip}/restconf/data/Cisco-IOS-XE-native:native/interface/GigabitEthernet=1"
headers = {
"Content-Type": "application/yang-data+json",
"Accept": "application/yang-data+json",
}
# Configuration payload
config_data = {
"Cisco-IOS-XE-native:GigabitEthernet": {
"name": 1,
"description": "Configured via REST API",
"ip": {"address": {"primary": {"address": "192.168.1.100", "mask": "255.255.255.0"}}},
}
}
# Send PUT request
response = requests.put(url, json=config_data, headers=headers, auth=HTTPBasicAuth(username, password), verify=False)
if response.status_code == 204:
print("Configuration updated successfully!")
else:
print("Failed to update configuration:", response.text)
✔ Uses REST API to configure a Cisco router
✔ Secures access using HTTP Basic Authentication
5. Backing Up Network Configurations
Automating backups prevents data loss due to hardware failures or misconfigurations.
Using Netmiko to Backup Configurations
from netmiko import ConnectHandler
device = {
"device_type": "cisco_ios",
"host": "192.168.1.1",
"username": "admin",
"password": "password",
}
connection = ConnectHandler(**device)
config_output = connection.send_command("show running-config")
# Save backup
with open("router_backup.txt", "w") as file:
file.write(config_output)
print("Backup saved successfully!")
connection.disconnect()
✔ Retrieves the configuration
✔ Saves it as a backup file
6. Automating Firmware Upgrades
Regular firmware updates fix security vulnerabilities and improve performance.
Automating Firmware Upgrade via SSH
from netmiko import ConnectHandler
device = {
"device_type": "cisco_ios",
"host": "192.168.1.1",
"username": "admin",
"password": "password",
}
connection = ConnectHandler(**device)
# Upload new firmware
output = connection.send_command("copy tftp://192.168.1.2/new_firmware.bin flash:")
print(output)
# Set new firmware as the boot image
connection.send_command("boot system flash:new_firmware.bin")
# Reload the device
connection.send_command("reload")
connection.disconnect()
✔ Uploads firmware from a TFTP server
✔ Sets it as the new boot image
✔ Reloads the device
7. Monitoring Network Devices
Automating network monitoring ensures uptime and performance tracking.
Checking Device Status
import ping3
device_ip = "192.168.1.1"
response = ping3.ping(device_ip)
if response:
print(f"Device {device_ip} is online. Ping time: {response} ms")
else:
print(f"Device {device_ip} is unreachable.")
✔ Pings the device to check availability