
NetBox at onway: How We Automate Our Networks

How do you operate a network with more than 500 VMs, multiple data centres, and complex vehicle fleets efficiently? Our insights show how NetBox, as a central source of truth, enables configuration, monitoring, and automation – even for a small engineering team.


Modern networks are far more than routers and switches. At onway, we operate more than 500 VMs across several data centres, distributed between customer production environments and internal services. And all of this with only 12 systems engineers on the team. Without automation, it would not be possible. Our central solution: NetBox.

Networks have always been complex, and this complexity increases as they grow. While a network once consisted of a few routers, switches and servers, today’s networks are highly dynamic systems with a wide range of device types. IoT devices such as CCTV cameras, access systems, blinds or even coffee machines all need to be integrated and secured. And everything must be able to communicate. At the same time, compliance requirements continue to tighten. Manual processes quickly reach their limits: they are error-prone, difficult to maintain and no longer scalable.

Challenges in large networks

We face exactly these challenges at onway. We provide mobile routers for public transport in buses, trains and trams. This means we operate not only a central network, but also complete vehicle fleets for multiple customers. Each customer receives an individual cloud environment with its own infrastructure. In addition to routers, switches and firewalls, we install and configure further virtual machines (VMs) depending on the use case, such as:

  • mpp as a guest WLAN portal
  • macman for MAC-based access control
  • onway director for fleet management

In total, we operate more than 500 VMs today, split between production customer environments and internal services. Added to this are geo-redundant data centres that require configuration across multiple locations. For our systems engineering team of 12 people, this represents a considerable challenge. The solution: NetBox.

What is NetBox and why is it so powerful?

From a technical perspective, NetBox is a tool for managing IP addresses and data centre resources. For us, it is much more: the central database in which all relevant IT assets are recorded. NetBox not only knows IPs, VLANs and VMs, but also where they run and, most importantly, how everything is interconnected.

In the past, there were Excel sheets, network diagrams or the phrase “Ask Bob, he built it”. Such methods are not only difficult to maintain, they are also highly error-prone – yet still common in many organisations. Today, every change is entered in NetBox first: whether it’s creating a VM, configuring a service or adjusting a router. This not only ensures clean documentation but also provides the foundation for genuine network automation.

NetBox serves as our Source of Truth (SoT), the central instance from which all automation processes retrieve their data. Through the REST API, objects such as VRFs, VLANs, prefixes and virtual machines are queried. Our automation tools (primarily Python and Ansible) read this data and automatically generate configurations for routers, switches and firewalls. Changes are therefore no longer applied manually to devices but documented and versioned in NetBox. Ansible then handles the rollout – secure, reproducible and traceable.

Automation with NetBox and Ansible

This is where NetBox truly shines: all data is stored in a structured manner, and we use exactly this structure to automate.

Example: if configuration changes need to be rolled out to 200 routers, an engineer no longer performs this manually. Instead, our automation retrieves the data from NetBox and automatically generates the correct configuration for each device. This approach is not only fast and consistent but also significantly reduces the risk of errors.

This model also provides strong compliance benefits. We define the desired state, and our automation checks daily whether the infrastructure matches it. Any deviation appears in a report, making manual changes immediately visible. We can then review whether we want to keep or revert these modifications. For critical infrastructures, this is a decisive advantage.
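The daily desired-state check described above, narrowed to VLANs per site, as an added example (not onway's own code). The sample data is constructed: the desired side is shaped like a NetBox REST list response for VLANs, the observed side and the function names `desired_by_site` and `drift_report` are assumptions for illustration.

```python
"""Added example: desired-state drift report over NetBox-shaped VLAN data."""

# Constructed sample, shaped like a NetBox REST list response for VLANs.
NETBOX_VLANS = {
    "count": 3,
    "results": [
        {"vid": 10, "name": "mgmt", "site": {"slug": "dc1"}},
        {"vid": 20, "name": "guest-wlan", "site": {"slug": "dc1"}},
        {"vid": 30, "name": "cctv", "site": {"slug": "dc2"}},
    ],
}

# Constructed observed state: what a collector found configured per site.
OBSERVED = {
    "dc1": {10: "mgmt", 20: "guest", 99: "test-bob"},
    "dc2": {},
}


def desired_by_site(response):
    """Index the source-of-truth VLANs as {site_slug: {vid: name}}."""
    desired = {}
    for vlan in response["results"]:
        site = (vlan.get("site") or {}).get("slug")
        if site is None:
            continue  # VLANs without a site are out of scope for this check
        desired.setdefault(site, {})[vlan["vid"]] = vlan["name"]
    return desired


def drift_report(desired, observed):
    """Return (site, vid, kind, wanted, found) for every deviation."""
    findings = []
    for site in sorted(set(desired) | set(observed)):
        want, have = desired.get(site, {}), observed.get(site, {})
        for vid in sorted(set(want) | set(have)):
            if vid not in have:
                findings.append((site, vid, "missing", want[vid], None))
            elif vid not in want:
                # Configured on the network but never entered in NetBox:
                # the manual change the daily report is meant to surface.
                findings.append((site, vid, "unmanaged", None, have[vid]))
            elif want[vid] != have[vid]:
                findings.append((site, vid, "changed", want[vid], have[vid]))
    return findings


if __name__ == "__main__":
    for finding in drift_report(desired_by_site(NETBOX_VLANS), OBSERVED):
        print(*finding, sep="\t")
```

The "unmanaged" findings are the ones to review first, since they exist only on the network and have no record in the source of truth.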

Another essential component of our infrastructure is monitoring. Stable long-term operation is only possible if all systems are continuously observed. NetBox again plays a key role. Every component registered in NetBox – such as a VM or router – is automatically added to the monitoring system. This ensures that no system is left unmonitored and that all monitoring data always reflects the current state of the infrastructure. New or modified systems appear automatically in dashboards without manual configuration effort.

NetBox reduces error sources, simplifies processes and provides full visibility across the entire infrastructure.

What’s next?

This is the start of our series on NetBox and network automation – a topic that plays a central role in our daily work at onway.

In the next articles, we will show:

  • how we centrally manage and configure more than 500 VMs with Ansible,
  • how we automatically deploy a new cloud environment using NetBox and Python,
  • and how we integrate monitoring seamlessly.

At onway, we have many years of experience in network automation and know how to operate complex infrastructures efficiently and reliably. Are you facing similar challenges? Would you like to see how network automation with NetBox could work for you?

We will be happy to show you how to make your network future-proof.

