Turning LLM-Generated Network Configurations into Verified, Safe Updates with Artanis

In intent‑driven networking, large‑language models (LLMs) greatly improve the translation from natural‑language intent to configuration updates, but guaranteeing the safety and deployability of the generated configurations remains a new challenge. Error analysis (Figure a) shows that 66% of failures are parameter hallucinations, 19% are missing constraints, and 10% are syntax errors, which can cause policy violations, routing loops, blackholes, unreachable paths, or SLA breaches. Existing "verify‑then‑rewrite" pipelines are simple yet require protocol‑specific rule adaptation and often fail to converge in multi‑round iterations (Figure b).

Artanis addresses these issues by inserting verification and learning steps after generation, forming a closed feedback loop. The process consists of three stages: (1) the Translator converts intent into candidate configuration updates (CU); (2) the Verifier conducts multi‑objective verification, checking routing behavior and service‑level metrics; (3) GRPO (Group Relative Policy Optimization) transforms verification outcomes into reward signals that are used to further train and refine the Translator. Compared with prompt‑based rewrite methods, this loop directly leverages verification information, yielding stable performance across different network scales.

Core Technology 01: GRPO – Reinforcement Learning Replaces Prompt Feedback

GRPO converts the multi‑task verification scores into relative advantages within a group, applying a KL‑divergence constraint to keep updates stable. By generating multiple candidate configurations per training step and scoring them, GRPO computes group‑wise reward differences, which guide the Translator’s parameter updates and progressively reduce policy violations.

Core Technology 02: Multi‑Objective Verification – Millisecond‑Level Guarantees

The Verifier supports six verification tasks: routing isolation, routing loops, blackholes, reachability, link overload, and SLA violations. It combines graph‑structural features with statistical features to achieve fast verification. On the Colt topology (154 nodes), the Verifier completes all tasks in 2.70 s, a 38.07% improvement over SLA‑Verifier (4.36 s) and dramatically faster than Batfish (1267.39 s). Accuracy and inference latency remain high across network sizes.

Core Technology 03: Data Pipeline – Semi‑Automated Sample Generation

To lower the cost of high‑quality training data, Artanis employs a semi‑automated pipeline that leverages existing configuration parsers to reverse‑engineer samples, producing uniformly structured entries for model training and evaluation while reducing manual labeling effort.

Experimental Results – Breakthroughs in Reliability and Efficiency

Performance is measured by Text Similarity (TS) and Policy Violation Rate (PVR). As network size grows to 100 nodes, baseline methods (GPT‑4o, Cosynth) see rapidly increasing PVR, whereas Artanis maintains TS at 94.9% and limits PVR to 9.7%, demonstrating superior reliability. The Verifier consistently achieves >90% accuracy, with inference time around 100 ms at 100 nodes, enabling rapid multi‑round optimization.

Real‑World Deployment – End‑to‑End Enterprise Network Validation

Artanis was integrated into a full configuration‑update platform where operators submit intents via a UI; the system automatically generates update proposals and displays real‑time routing‑level and traffic‑level verification results, showcasing product‑grade usability.

Conclusion and Outlook

Artanis provides a novel implementation for intent‑driven network configuration updates by embedding verification feedback as a core constraint and continuously improving the model through reinforcement learning. This design yields configurations that are both semantically accurate and policy‑compliant, bringing automated updates closer to real‑world reliability requirements. Future work will explore further extensions as model capabilities and verification technologies evolve.