
understanding a network?

JNeko Member Posts: 32 ■■□□□□□□□□
Still waiting for things to calm down to find a date to sit the CCNA, I will keep you guys posted, until then...

Can I ask your guys' opinion on something? This may be a stupid question.

Let's say you are brought in as top network coordinator in a medium-sized enterprise company, to manage an already existing network.
You know nothing about the network, topology, hardware, nothing. Where do you begin? What do you need to find out? What questions do you begin to ask?

off my head:

server/user platforms
previous problems
tech budget
server/switch room
hardware vendor and specs: computers, servers, medium, net devices
routing protocol methodology
topology schema, blue prints of the building structure
administrative hierarchy, support above and below you
address flexibility, predictability, scalability
what security precautions were taken before
peripherals and their netware, like print management and LPT one
limits and breaking points, how much throughput can the network take before creating storms or getting really bogged down

Another reason I ask this is because if I wanted to understand the network framework of an institution, for whatever reason, I would like a kind of comprehensive check list to go by.

What else should we look at?

Thanks very much.

J
A common type of network bridge, in which the host stations are unaware of their existence in the network.

Comments

  • rakem Member Posts: 800
    I would physically walk around and see what they have for myself. Then check how everything is cabled up. Then check configs and stuff....
    CCIE# 38186
    showroute.net
  • ignign0kt Member Posts: 42 ■■□□□□□□□□
    Umm.. the first thing I'd do was ask for any documentation they have :P
  • rakem Member Posts: 800
    ignign0kt wrote:
    Umm.. the first thing I'd do was ask for any documentation they have :P

    And if it's a typical I.T. department they will say "documentation? ummmmm........"

    lol
    CCIE# 38186
    showroute.net
  • JNeko Member Posts: 32 ■■□□□□□□□□
    rakem wrote:
    ignign0kt wrote:
    Umm.. the first thing I'd do was ask for any documentation they have :P

    And if it's a typical I.T. department they will say "documentation? ummmmm........"

    lol

    Exactly my point. Also, many companies will not give out documentation of some of this stuff, even if they had them, for security reasons. Many people are just put into these situations with nothing to go from. So where do you begin? Anyone with experience care to comment? Thanks.

    J
    A common type of network bridge, in which the host stations are unaware of their existence in the network.
  • networker050184 Mod Posts: 11,962 Mod
    Like said before, walk around and see what equipment you have and go from there. Also talk to the other personnel that work there. How can they expect you to work on this equipment if they won't give you documentation???? Security reasons???? Usually if your position requires you to work on systems you are cleared to see the documentation that goes along with it.
    An expert is a man who has made all the mistakes which can be made.
  • gabrielbtoledo Member Posts: 217
    I agree with networker050184, unless they brought you to make "that" documentation.
    A+ Certified - Network+ - MCP (70-290)
    MCSA - CCNA - Security+ (soon)
  • datchcha Member Posts: 265
    I also agree. If the client/company will not show you documentation for the network, you can safely guess they do not have documentation, and they want you to document/map the network infrastructure.

    Walk around and inspect the equipment. Also log into each router via console cable, and map the network out by using the sh cdp neighbor detail command. This would be a nice start.
    Arrakis
  • r_durant Member Posts: 486 ■■■□□□□□□□
    ...but you guys know that "most" companies don't have their network documented. Even if you do get documentation, I can bet it's not up-to-date...things upgraded or relocated to another part of the network and so on...

    Best bet is as most said...ask for documentation, but do your own walk-around, then compare your findings to the documentation....asking questions along the way.

    Trust me..I'm the newest member of my IT group and I've been taxed with a similar task...imagine that!! It can be frustrating, but fun...you get to learn the network inside out...
    CCNA (Expired...), MCSE, CWNA, BSc Computer Science
    Working on renewing CCNA!
  • Cucumber Member Posts: 192
    Let's say you are brought in as top network coordinator in a medium-sized enterprise company, to manage an already existing network.
    You know nothing about the network, topology, hardware, nothing. Where do you begin? What do you need to find out? What questions do you begin to ask?

    You won't get many answers if you just ask for information. There is usually one guy who may give the info, but you will surely have to gather it on your own. The first things I would do:

    1. Map the network, maybe using show cdp neighbors.

    2. Get to know the cabling routes, racks, equipment positions, even telephone line patch panels.

    3. Save all the configs of all the equipment; for routers save the startup-config, for servers having databases, do a complete backup. Implement a backup plan ASAP if there isn't one operating already.

    4. Do a complete hardware and software inventory. Get to know what spare equipment you have and what equipment is installed, gather part numbers vs serial numbers, and try to verify this is what you should have. This will help you know how big your network can grow in the short term, and whether you are ready for sudden equipment failure. Also, you can spot missing hardware from day one. Software inventory will help you know what solutions you can offer and which you can't.

    5. Look after existing support contracts and what you are entitled to.

    6. Ascertain what WAN/MAN links and telephone trunks (whether digital or analog) the company is paying for. These are expensive and usually there are links and/or telephone lines that are being paid for but not being used.

    7. Check how good the redundancy design of the network is: check servers have dual cards connecting to different switches, check the access switches have redundant connections to distribution switches, check there is redundancy between core switches, verify you have WAN redundancy with remote offices, etc. Make failover tests over the weekend. If you find a redundancy design problem, fix this ASAP; you don't want to have your network down the first week in the job.

    8. Look after big security holes, like wireless networks not using authentication, improper switch trunk configurations, make sure only authorized users can access the network equipment, etc.

    9. Everything else would take some time, like gathering the IP addressing scheme and deciding whether it is good or not, checking the routing protocols being used and making sure you are not using too many of them, monitoring the network (run a sniffer on SPAN ports, monitor your WAN links), etc.
    I hate pandas
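
The CDP mapping step suggested by datchcha and Cucumber above, as an added example that is not part of the original thread: it parses saved `show cdp neighbors detail` captures, collapses links reported from both ends, and lists neighbors whose own output has not been collected yet. The hostnames, addresses and the names `CAPTURES`, `parse_cdp_detail` and `build_map` are constructed for illustration.

```python
import re

# Constructed sample: "show cdp neighbors detail" output saved per device,
# trimmed to the lines parsed below. Hostnames and addresses are made up.
CAPTURES = {
    "CORE-1": """\
-------------------------
Device ID: DIST-1.example.net
  IP address: 10.0.0.2
Platform: cisco WS-C3750-24TS,  Capabilities: Switch IGMP
Interface: GigabitEthernet0/1,  Port ID (outgoing port): GigabitEthernet1/0/24
-------------------------
Device ID: EDGE-RTR
  IP address: 10.0.0.6
Platform: Cisco 2811,  Capabilities: Router Switch IGMP
Interface: GigabitEthernet0/2,  Port ID (outgoing port): FastEthernet0/0
""",
    "DIST-1": """\
-------------------------
Device ID: CORE-1
  IP address: 10.0.0.1
Platform: cisco WS-C6509,  Capabilities: Router Switch IGMP
Interface: GigabitEthernet1/0/24,  Port ID (outgoing port): GigabitEthernet0/1
""",
}

FIELDS = {
    "neighbor": r"Device ID:\s*([^.\s]+)",            # hostname without domain suffix
    "ip": r"IP address:\s*(\S+)",
    "platform": r"Platform:\s*(.+?),\s+Capabilities",
    "local_port": r"Interface:\s*([^,\s]+)",
    "remote_port": r"Port ID \(outgoing port\):\s*(\S+)",
}

def parse_cdp_detail(text):
    """Return one dict per neighbor entry found in a capture."""
    blocks = re.split(r"^-{5,}\s*$", text, flags=re.M)
    recs = [{k: m.group(1) for k, p in FIELDS.items() if (m := re.search(p, b))}
            for b in blocks]
    return [r for r in recs if "neighbor" in r]

def build_map(captures):
    """Return (deduplicated links, neighbors seen but not yet collected)."""
    links, seen = set(), {}
    for host, text in captures.items():
        for e in parse_cdp_detail(text):
            ends = [(host, e.get("local_port", "?")),
                    (e["neighbor"], e.get("remote_port", "?"))]
            links.add(tuple(sorted(ends)))   # same link from either end collapses
            seen[e["neighbor"]] = e.get("ip")
    return sorted(links), {n: ip for n, ip in seen.items() if n not in captures}
```

The second return value is the list of devices to log into next; when it comes back empty, every neighbor that announced itself over CDP has been captured. Devices that do not speak CDP never show up in this output and still have to be found by the walk-around.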
  • r_durant Member Posts: 486 ■■■□□□□□□□
    Some really good info there....got to add those points to my notes :D

    Just be wary that it may not be a Cisco shop and you may need to get some third-party tool to try to map out the network...
    1. map the network, maybe using show cdp neighbors

    We have a mixed Cisco & Nortel shop and I wasn't too experienced with Nortel, so I had to get some support with those devices....but once SNMP is enabled, you should be able to monitor or get some info from the devices....
    CCNA (Expired...), MCSE, CWNA, BSc Computer Science
    Working on renewing CCNA!
  • dtlokee Member Posts: 2,378 ■■■■□□□□□□
    Like said before, walk around and see what equipment you have and go from there. Also talk to the other personnel that work there. How can they expect you to work on this equipment if they won't give you documentation???? Security reasons???? Usually if your position requires you to work on systems you are cleared to see the documentation that goes along with it.

    A company I worked for had a clause about requiring all security clearances required by the company to be taken care of before the contract went into effect. This stemmed from a multi-million dollar contract that we could not deliver on because the company had a lengthy background check requirement before people were allowed into their datacenters (I held government security clearance at the time but they required their own background check). The end result was we were sued for failing to deliver on the contract by the company. I don't know the outcome of the lawsuit; it was ongoing for 2 years after I left the company.
    The only easy day was yesterday!
  • JNeko Member Posts: 32 ■■□□□□□□□□
    Thanks everyone for the replies so far and to Cucumber for that great one.

    Just to clarify, the reason I said they might not let me see any documentation (providing it is available) for security reasons is because I mentioned in the first post that I might be just wanting to gather information on the network, for whatever reason, so might not even be an employee there, maybe I just go there often and want to become more technologically aware of my surroundings. That's all.

    I thank Cucumber again for his post, you see, as I heard a guy said the other day, there are a 1000 different things you need to do if you were brought in to admin a network, and while "walking around and checking equipment" might mean 1000 different tasks to me, it might mean only 10 to the next guy, it might also mean 1000 tasks to another guy, but each one of those 1000 being different than mine. I think we will all go about this in a different way, in the least, a different order.

    So what else? What other tasks does your guys "walking around and checking equipment" compose of?

    J
    A common type of network bridge, in which the host stations are unaware of their existence in the network.
  • SanKuKaï Member Posts: 65 ■■□□□□□□□□
    Inventory... I really think that's THE starting point of any IT management, and then you can have a coffee break! Because it is for sure a pain in the neck if you are entering a company which has never heard about standardization....
  • datchcha Member Posts: 265
    r_durant wrote:
    Some really good info there....got to add those points to my notes :D

    Just be wary that it may not be a Cisco shop and you may need to get some third-party tool to try to map out the network...
    1. map the network, maybe using show cdp neighbors

    We have a mixed Cisco & Nortel shop and I wasn't too experienced with Nortel, so I had to get some support with those devices....but once SNMP is enabled, you should be able to monitor or get some info from the devices....

    Doesn't Nortel equipment use UNIX commands? Never really worked on one.
    Arrakis
  • r_durant Member Posts: 486 ■■■□□□□□□□
    datchcha wrote:
    r_durant wrote:
    Some really good info there....got to add those points to my notes :D

    Just be wary that it may not be a Cisco shop and you may need to get some third-party tool to try to map out the network...
    1. map the network, maybe using show cdp neighbors

    We have a mixed Cisco & Nortel shop and I wasn't too experienced with Nortel, so I had to get some support with those devices....but once SNMP is enabled, you should be able to monitor or get some info from the devices....

    Doesn't Nortel equipment use UNIX commands? Never really worked on one.

    The commands are kinda similar to Cisco to be honest...for example

    show ip routes, but you can't abbreviate them it seems...
    show ip circuits, is something similar to "sh ip int bri"
    show ip rip interfaces....

    But I use an application called Site Manager, that basically allows you to do everything....so I'm not too familiar with most of the commands, plus we are swapping them out for Cisco routers...
    CCNA (Expired...), MCSE, CWNA, BSc Computer Science
    Working on renewing CCNA!
  • dtlokee Member Posts: 2,378 ■■■■□□□□□□
    If you have access to the router/switch consoles there are a number of commercially available network mapping software packages which will automatically log into the routers and switches, gather information and produce diagrams (Visio or otherwise). This can save hundreds of hours of time spent mapping a network.
    The only easy day was yesterday!
  • Pash Member Posts: 1,600 ■■■■■□□□□□
    ignign0kt wrote:
    Umm.. the first thing I'd do was ask for any documentation they have :P

    Ohh god no, don't do that :p

    Like others have said, IT always look a little bemused when people ask for documentation or "up to date" documentation. Although most customers we have often have IT managers who give you reasonably well kept network diagrams, although always check IPs for yourself.

    I would do what others have suggested above, arrange visits to check the network out. Check where everything is installed, check cabling, update the network diagrams and make sure the information is correct. Bob's your uncle.

    Cheers,
    DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.