Complex Network Design Tools?
I'm-Not-A-BOFH asks: "How do you do your large scale network design? I am currently designing a large enterprise network - and there is a ton of information to track and think about. I use AutoCAD, Visio and Cisco Configmaker (which sucks) and many other applications. I am looking for software specifically designed to help you design a network.
What tools do you use - and what tools are out there that maybe are little known? How do you begin to manage network documentation when your hosts get into the thousands and your routers and routes into the hundreds? I am really just interested in the tools used to accomplish this - as all the tools I have been finding are just not adequate or well thought out. Please let me know what you think is invaluable to you when you design your systems."
http://www.research.att.com/sw/tools/graphviz/
http://www.lumeta.com/ipsonar.html
The whiteboard.
A good knowledge of networking protocols, etc.
The hardcore network engineer doesn't need diagrams - sh ip route, sh ip bgp, sh ip ospf, sh cdp neigh, sh arp, sh cam dyn, etc. (in Cisco-speak; there are equivalents for other vendors) are enough to visualize/plan/troubleshoot, quite frankly.
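Graphviz (linked above) and the `sh cdp neigh` approach fit together well: the neighbor table already describes the physical topology, so a script can draw it without anyone hand-maintaining a Visio file. The following is an added example, not code from any poster on this page. It parses a constructed sample of `show cdp neighbors detail` output (hostnames, addresses and platforms are invented), emits a Graphviz DOT graph with the interface names on each edge, and flags neighbors that are missing from the inventory, which is the check worth running regularly: CDP is as useful to an attacker mapping your network as it is to you, and a neighbor nobody documented is either a forgotten device or one that should not be there.

```python
import re

# Constructed sample of `show cdp neighbors detail` output for a router we call
# core1.example.net; hostnames, addresses and platforms are invented for the example.
SAMPLE_CDP = """\
-------------------------
Device ID: dist1.example.net
Entry address(es):
  IP address: 10.0.0.2
Platform: cisco WS-C6509,  Capabilities: Router Switch IGMP
Interface: GigabitEthernet1/1,  Port ID (outgoing port): GigabitEthernet5/1
Holdtime : 152 sec
-------------------------
Device ID: dist2.example.net
Entry address(es):
  IP address: 10.0.0.3
Platform: cisco WS-C6509,  Capabilities: Router Switch IGMP
Interface: GigabitEthernet1/2,  Port ID (outgoing port): GigabitEthernet5/1
Holdtime : 148 sec
-------------------------
Device ID: core2.example.net
Entry address(es):
  IP address: 10.0.0.1
Platform: cisco 7206VXR,  Capabilities: Router
Interface: GigabitEthernet1/3,  Port ID (outgoing port): GigabitEthernet1/3
Holdtime : 160 sec
"""

# Each neighbor entry is separated by a line of dashes.
BLOCK_SPLIT = re.compile(r"^-{5,}\s*$", re.MULTILINE)
FIELDS = {
    "device": re.compile(r"^Device ID:\s*(\S+)", re.MULTILINE),
    "ip": re.compile(r"^\s*IP address:\s*(\S+)", re.MULTILINE),
    "platform": re.compile(r"^Platform:\s*(.*?),\s*Capabilities:\s*(.*)$", re.MULTILINE),
    "ports": re.compile(r"^Interface:\s*([^,\s]+),\s*Port ID \(outgoing port\):\s*(\S+)",
                        re.MULTILINE),
}


def parse_cdp_detail(local_host, text):
    """Return one dict per neighbor: local/remote device and interface, IP, platform, caps."""
    neighbors = []
    for block in BLOCK_SPLIT.split(text):
        m_dev = FIELDS["device"].search(block)
        m_ports = FIELDS["ports"].search(block)
        if not (m_dev and m_ports):
            continue  # separator residue or an entry with no port information
        m_ip = FIELDS["ip"].search(block)
        m_plat = FIELDS["platform"].search(block)
        neighbors.append({
            "local": local_host,
            "local_if": m_ports.group(1),
            "remote": m_dev.group(1),
            "remote_if": m_ports.group(2),
            "ip": m_ip.group(1) if m_ip else None,
            "platform": m_plat.group(1).strip() if m_plat else None,
            "caps": m_plat.group(2).split() if m_plat else [],
        })
    return neighbors


def to_dot(neighbors):
    """Render the neighbor records as an undirected Graphviz graph. Both ends of a link
    report it when you merge output from several devices, so each link is drawn once."""
    lines = ["graph topology {", "  node [shape=box];"]
    seen = set()
    for n in neighbors:
        key = frozenset([(n["local"], n["local_if"]), (n["remote"], n["remote_if"])])
        if key in seen:
            continue
        seen.add(key)
        lines.append('  "%s" -- "%s" [taillabel="%s", headlabel="%s"];'
                     % (n["local"], n["remote"], n["local_if"], n["remote_if"]))
    lines.append("}")
    return "\n".join(lines)


def unexpected_neighbors(neighbors, inventory):
    """Device IDs that CDP reports but the documented inventory does not contain."""
    return {n["remote"] for n in neighbors if n["remote"] not in inventory}


if __name__ == "__main__":
    found = parse_cdp_detail("core1.example.net", SAMPLE_CDP)
    print(to_dot(found))
    known = {"core1.example.net", "core2.example.net", "dist1.example.net"}
    print("undocumented neighbors:", sorted(unexpected_neighbors(found, known)))
```

Pipe the DOT text into `dot -Tpng` to get the picture; feeding the parser output from every router (each with its own hostname as `local_host`) gives you the whole layer-2 adjacency, which is the diagram most people end up drawing by hand.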
We use Netviz. It is data-driven and all the data for the diagrams can be stored in a database. Create one instance of a router, and that instance can appear in any of your diagrams with all of the properties, links and any number of user-defined attributes. Diagrams can be constructed in a hierarchy with drill-down-to-detail capability. Obviously, this is only one component of many you will need in the design process. It doesn't contain all the device-specific config-checking tools that some other vendor-specific tools have, but who needs those anyway?
Another tool that you might find useful is OPNET IT Guru. If you need to model a proof of concept involving a complex network and application interaction, this can do it.
If you run a very Cisco-centric network (or totally Cisco) you can use IPAT Plus from WANDL. It takes Cisco router configs and builds a network model that can be used for reachability proof and various what-if scenarios.
Opnet
I've been looking at this recently to see how different things will affect my network, since I can't really test them on the live network without making a lot of people and clients really mad. I have not used it yet though.
I prefer to design the network simply using Visio to get a good logical design, and then once that is down, I create another map with the physical layout. Worry about your routing protocols after you have figured out the best logical design (redundancy, required link speeds, etc.). Most network admins have a favorite routing protocol, which for most seems to be EIGRP with Cisco equipment. I personally like OSPF because it offers enormous flexibility, and it works with equipment from vendors other than Cisco.
There's a fine line between an ingeniously designed network and something that is overly complex. It takes experience to figure out where that line is. If it seems like you are doing something screwed up, you probably are.
Need Free Juniper/NetScreen Support? JuniperForum
For something that complex, no single tool will do it for you. That said, consider doing your documents in layers. Having a single document that includes all of the gory details of such a large network will be useless. Instead, do a document that describes the high level architecture, then open up each cloud into another document and describe the network topology there, then open up those clouds into documents that get into individual host level information. It is the only reliable way to grow the diagram as necessary and make it possible for others to understand what is going on at a glance.
I generally use Visio for this sort of thing, but planning out a large network using an automated software tool is impossible, at least in my experience. If you can logically group your network at some level, you will find that it will make planning, and/or diagramming your network much easier. Even the largest networks are broken down into several groups at some level, and you have to keep those groups in mind. You should know the usage patterns of these groups, how much bandwidth each group needs, and where they connect to, etc. Logically map out the best performance scenario for these groups. Then start with your smallest groups, and find similarities to form larger groups, until you have encompassed the entire network. I'm assuming that there are probably departmental connections needed, as well as outside connections, but the key is how much each group of people use each resource available.
Many "well-planned" networks fail because they aimed to provide all resources evenly, but in the real-world, this is not the case. Most of the time, a certain group of people use specific resources, and use very little of other resources. Also keep in mind that you must be able to adapt if the resource requirements for a group change, because it will happen. It's the same thing as trying to use a database wizard to optimize your database. A computer just can't do that for you. The software doesn't have all the necessary input parameters to the problem, and even if it did, the problem is NP Hard. So, in reality, it doesn't matter what tool you use to diagram the network, but actual design still has to be done by human insight, or at least a well-trained monkey...
--That's the point of being root, you can do anything you want, even if it's stupid.
If you want to do design, why use Cisco ConfigMaker instead of Cisco Network Designer?
#include "coucou.h"
First, use Visio to design your CORE network. This would include all your high-bandwidth, long-haul fibre links. Choose a routing protocol (IS-IS and OSPF are what most carriers use). If you want to implement newer protocols like MPLS, you still need OSPF or IS-IS to run underneath it. Your core network should be layer three only. Avoid using ATM links because they add an extra "layer 2.5".
Then, off of each core router, drop gig-e links off to your layer 2/3 routers. If redundancy is a huge issue (which it probably is), you will probably have two core layer 3 routers (probably Cisco or Juniper) with a small number of ports, and two layer 2/3 routers (Riverstone, Foundry, Extreme) with a large number of layer two ports at each major location, with gig-e multimode links between them to provide extra redundancy. Before you go and buy everything, spend time testing this four-router configuration (see how long it takes to reroute traffic when links go down). This is especially important if you ever intend on implementing VoIP on your new network.
All critical systems (DNS servers, domain controllers, application servers, VoIP gateways, database servers) should be on the layer 2/3 routers, not on the smaller routers underneath that most "end users" will be connected to throughout each location. Essentially the layer 3 routers are just for core routing, and the layer 2/3 routers will provide most of your functionality.
Once you have everything up and running, use SNMP to monitor your links (most SNMP management software draws your network for you, and it will draw nice broken links when links go down). Good SNMP software will map every network device on your network, as long as you configure SNMP on all your new nodes. Also, make sure you have a really cool NOC (Network Operations Center) with lots of LCD projectors and Linux/Unix workstations. Make sure you have a good naming convention for all your network links and routers.
Don't deploy at 100% capacity immediately; run at 10% capacity, then work your way up. Many unforeseen problems WILL come up (routers have more bugs than you can imagine). In the end, you will probably have a nice building-wide, statewide, nationwide, or worldwide modern next-generation (VoIP etc.) capable network.
-n
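Two of the replies above touch the same question from different sides: the WANDL IPAT Plus mention (building a model for "reachability proof and various what-if scenarios") and the advice to test the four-router site design before buying. The following is an added example, written for this page and not code from any poster or vendor, that does the topology half of that test offline: it models the two-core, two-distribution site as a graph (device names are assumed), enumerates every single and double link or device failure, and reports the combinations that leave some surviving device unable to reach another. A second, weaker model with no cross-links shows what the report looks like when the design does have single points of failure. What this cannot tell you is how long OSPF or IS-IS takes to reconverge after a failure; that number only comes from pulling cables on the real gear, as the post says.

```python
from collections import deque
from itertools import combinations

# Constructed model of the four-router site design from the post: two core
# layer-3 routers and two layer-2/3 distribution switches with every pair
# cross-connected. Device names are assumed for the example.
FOUR_ROUTER_SITE = [
    ("core1", "core2"),
    ("core1", "dist1"),
    ("core1", "dist2"),
    ("core2", "dist1"),
    ("core2", "dist2"),
    ("dist1", "dist2"),
]

# Weaker variant with no cross-links: each distribution switch hangs off one
# core router only, and the two distribution switches are not interconnected.
NO_CROSS_LINKS = [
    ("core1", "core2"),
    ("core1", "dist1"),
    ("core2", "dist2"),
]


def build_adjacency(links, down_links=(), down_nodes=()):
    """Adjacency sets for the links that survive the given link and node failures."""
    down = {frozenset(link) for link in down_links}
    adj = {}
    for a, b in links:
        if a in down_nodes or b in down_nodes or frozenset((a, b)) in down:
            continue
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def reachable_from(adj, start):
    """Breadth-first search; returns every node reachable from start (including start)."""
    seen = {start}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for peer in adj.get(node, ()):
            if peer not in seen:
                seen.add(peer)
                queue.append(peer)
    return seen


def partitioning_failures(links, max_concurrent=1):
    """Enumerate every combination of up to max_concurrent link and node failures
    and return those that leave some surviving node unable to reach another,
    i.e. the design's single (or double) points of failure."""
    nodes = {n for link in links for n in link}
    elements = [("link", link) for link in links] + [("node", n) for n in sorted(nodes)]
    failing = []
    for k in range(1, max_concurrent + 1):
        for combo in combinations(elements, k):
            down_links = [x for kind, x in combo if kind == "link"]
            down_nodes = [x for kind, x in combo if kind == "node"]
            survivors = nodes - set(down_nodes)
            if len(survivors) < 2:
                continue  # nothing left to partition
            adj = build_adjacency(links, down_links, down_nodes)
            if any(reachable_from(adj, n) != survivors for n in survivors):
                failing.append(combo)
    return failing


if __name__ == "__main__":
    for name, topo in (("four-router site", FOUR_ROUTER_SITE),
                       ("no cross-links", NO_CROSS_LINKS)):
        bad = partitioning_failures(topo, max_concurrent=2)
        print("%s: %d failure scenario(s) partition the network" % (name, len(bad)))
        for combo in bad:
            print("   ", combo)
```

The fully cross-connected site survives any two simultaneous failures, so the list for it is empty; the no-cross-link variant loses connectivity on any single link failure and on the loss of either core router, which is exactly the kind of result you want in front of you before the purchase order goes out. Feeding this the edge list produced from real `show cdp neighbors` output turns it into a check you can rerun after every change.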