Not really working on the microNOC website monitoring this week as I’m offsite doing network consulting for an old friend while the companies normal network admin is out of town.
Now I’ve done work for them before, remotely, on network issues, but I’m actually onsite and doing far more this week.
One of the issues that I’ve got is that there isn’t any real network map or diagram. There are a few around here and there, but for the most part they are out of date. Especially given that the company is consolidating servers from one data center to another right now.
Part of the work that I’m doing while I’m here, other than just support, is getting a network map together that is accurate. While that doesn’t sound that hard, given the fairly flexible nature of the network, the fact that they are always expanding and contracting space and are currently in a fairly major server move, just doing a network diagram in Visio isn’t really going to help anyone tomorrow when the network changes again.
Part of the issue that I’m having is that it’s pretty difficult to do network discovery here with the seemingly random security that’s in place on the network devices. SSH to one, telnet to another, CDP enabled or disabled on various systems, SNMP access not always configured. All things that add up to making it a pain in ass to do enough discovery to create a diagram in the first place.
So what’s the solution?
Well, there are several solutions available, but what we are going to try first is one that anyone is free to try out: Nedi (actually Nedio44 - a bootable install version).
I’m not going to get into Nedi installation, configuration and use here (though I will soon, I promise), but it is a great opensource tool for network management.
Other than a tool, the biggest issue that I need resolve to make any solution work is to clean up the security and running services on the devices. While there are lots of ways of doing that, I’m going with the manual method of logging into each device that will be involved in this discovery and making the needed changes manually. While I’d normally script something to do that, because this is a network that I’m not familiar with I’m leery of making automated changes. And it actually helps in understanding the topology of the network.
So I’m back to making those changes and waiting on the server team to get my Nedi server over to me to configure. I’ll do an update later letting everyone know how it’s going.
