Python Netmiko Network Automation — Core Concepts

How Netmiko simplifies SSH-based network device automation with multi-vendor support, command execution, and configuration management.

What Netmiko solves

Network devices (routers, switches, firewalls) are managed through command-line interfaces over SSH or Telnet. Unlike servers that run Linux with a standard shell, each network vendor has its own CLI behavior: different prompts, different ways to enter configuration mode, different ways to save changes.

Netmiko abstracts these differences. Built on top of Paramiko (Python’s SSH library), it adds a layer that understands vendor-specific behavior — prompt detection, pagination handling, configuration mode entry, and commit workflows. You write one script; Netmiko adapts it to each device type.

Connecting to a device

from netmiko import ConnectHandler

device = {
    "device_type": "cisco_ios",
    "host": "192.168.1.1",
    "username": "admin",
    "password": "secret",
}

with ConnectHandler(**device) as conn:
    output = conn.send_command("show ip interface brief")
    print(output)

The device_type is the key parameter. It tells Netmiko which vendor patterns to use. Supported types include cisco_ios, cisco_nxos, juniper_junos, arista_eos, paloalto_panos, and over 60 others.

Sending commands

Netmiko distinguishes between show commands (read-only) and configuration commands (changes settings):

Show commands

output = conn.send_command("show version")

send_command() sends one command, waits for the device prompt to return, and gives you the output as a string. It automatically handles pagination — if the device says ”--- More ---”, Netmiko presses space to continue.

Configuration commands

config_commands = [
    "interface GigabitEthernet0/1",
    "description Uplink to Core",
    "ip address 10.0.0.1 255.255.255.0",
    "no shutdown",
]
conn.send_config_set(config_commands)
conn.save_config()

send_config_set() enters configuration mode, sends each command in order, then exits configuration mode. The save_config() method writes the running configuration to persistent storage — the equivalent of write memory or copy running-config startup-config.

Structured output with TextFSM

Raw CLI output is just text. Parsing “show ip interface brief” into structured data is painful with regular expressions. Netmiko integrates with TextFSM templates to return parsed data:

output = conn.send_command("show ip interface brief", use_textfsm=True)
# Returns a list of dictionaries:
# [{"intf": "GigabitEthernet0/0", "ipaddr": "10.0.0.1", "status": "up", ...}, ...]

TextFSM templates exist for hundreds of common commands across all major vendors through the ntc-templates project. This turns unstructured CLI output into data you can filter, sort, and export.

Multi-device automation

The real power comes from running commands across many devices:

from netmiko import ConnectHandler

devices = [
    {"device_type": "cisco_ios", "host": "10.0.0.1", "username": "admin", "password": "secret"},
    {"device_type": "cisco_ios", "host": "10.0.0.2", "username": "admin", "password": "secret"},
    {"device_type": "arista_eos", "host": "10.0.0.3", "username": "admin", "password": "secret"},
]

for device in devices:
    with ConnectHandler(**device) as conn:
        hostname = conn.find_prompt().rstrip("#>")
        output = conn.send_command("show version")
        print(f"{hostname}: {output[:100]}")

Notice the Arista device uses a different device_type, but the code is identical. Netmiko handles the vendor differences internally.

Common misconception

People often think Netmiko is just a wrapper around Paramiko. While Paramiko provides raw SSH transport, Netmiko adds substantial intelligence: prompt detection using regex patterns, automatic pagination handling, configuration mode state management, and commit/confirm workflows for platforms like Junos. Writing this logic yourself for even one vendor takes hundreds of lines. Netmiko provides it for 60+ vendors.

When to choose Netmiko

  • Quick scripts — check versions, gather interface status, push a config change
  • Multi-vendor environments — same script works on Cisco, Juniper, Arista, and more
  • Teams new to automation — gentle learning curve for network engineers learning Python
  • Brownfield networks — existing devices that only support CLI-over-SSH

For large-scale, model-driven automation, tools like NAPALM or Nornir build on top of Netmiko and add features like configuration diffing, rollback, and inventory management.

The one thing to remember: Netmiko eliminates vendor-specific SSH complexity so you can automate any network device with the same Python patterns — connect, send commands, parse output.

pythonautomationnetworkingsshdevops

See Also

  • Python Fabric Remote Execution Run commands on faraway computers from your desk using Python Fabric — like a universal remote for servers.
  • Python Invoke Task Runner Automate boring computer chores with Python Invoke — like teaching your computer a recipe book of tasks.
  • Python Schedule Task Scheduling Make Python run tasks on a timer — like setting an alarm clock for your code.
  • Python Watchdog File Monitoring Let your Python program notice when files change — like a guard dog that barks whenever someone touches your stuff.
  • Ci Cd Why big apps can ship updates every day without turning your phone into a glitchy mess — CI/CD is the behind-the-scenes quality gate and delivery truck.

Related Topics

ab-testing How tech companies run thousands of experiments at once to improve their products — the scientific method applied to everything from button colors to recommendation algorithms. 3 levels → activation-functions Why neural networks need these tiny mathematical functions — and how ReLU's simplicity accidentally made deep learning possible. 3 levels → ai-agents-architecture How AI systems go from answering questions to actually doing things — the design patterns that turn language models into autonomous agents that browse, code, and plan. 3 levels →