Network Mapping

chmorin

I'm tasked with needing to create a map of our current networking scheme where I work, and it is been poorly documented in the past. I'm trying to fix this.

I currently run ubuntu on this machine, but could get windows running if needed. Is there a tool I could use to give myself a rough graphical network map? So far my research has been for naught.

Thank you,

Chris

jwedlund

Ok I'm not sure if this will answer the question about documenting the network or not. But Microsoft has visio which i think you have to purchase separately and if i'm reading the question right that will allow you to do what you need. I don't know of anything for linux so maybe someone else does.

thenjduke

Visio is a really good tool for this or smart draw. Both you have to pay for.

qplayed

Linux : Kivio or Dia
Windows: Dia or Cade

HTH

chmorin

Sorry if my initial post was not detailed enough, what I am looking for is something to go through out the network and get the active connections, and devices they are connected to.

We use visio to document this, and I will use that. What I am looking for now is a means to have a quick graphical representation of my network generated on the fly.

mikem2te

chmorin wrote: »

Sorry if my initial post was not detailed enough, what I am looking for is something to go through out the network and get the active connections, and devices they are connected to.

We use visio to document this, and I will use that. What I am looking for now is a means to have a quick graphical representation of my network generated on the fly.

You could try nagios or zenoss

dynamik

Topology map in Zenmap: Surfing the Network Topology

chmorin

Thank you very much mike, and everyone!

DevilWAH

Just to add my thoughts..

assuming you are looking to make one physical site, I would say do it the old fassion way. Log on to each device and see where it is connected to manualy.

I found that most mapping software assumes that you network is configured to a degree that it all makes sence. When I came in to this job I tried a few mapping softwares, but they all either completly failed, or left so many gaps that it was quicker at the end of the day to do it by hand.

If for instance you network devices don't have host names or snmp set up, then mapping software will get you no where, apart from a big pretty picture that dosent acutualy tell you much more than you already know.

I used VISIO and the CLI, and as i went round I labled/corrected devices and link names on they way.

trackit

yeah, i would do it manually too... this way you can at least be sure of what you did, maping software is usually far from perfect.

chmorin

Absolutely. What good am I if I don't do things the detailed correct way.

I'm just looking for a quick reference for a temporary fix to show progress.

mikem2te

chmorin wrote: »

Absolutely. What good am I if I don't do things the detailed correct way.

I'm just looking for a quick reference for a temporary fix to show progress.

I would start off with the scanner mapping software (it's usually quick and gets you 25-75% of the way there) then hit the manual approach. Manual using "show cdp neighbours" is cool and the "walk around" identifying all the boxes is good but there is almost always an ethernet cable going off to some obscure location.

Roof spaces above suspended ceilings are a nightmare, I've seen switches hidden in roof spaces, wifi access points behind cupboards, all sorts. Infact in some cases I was told they were there but could never actually find them.

A network scanner would more often that not reveal these little mischievous network devices!!

DevilWAH

When I startee mapping my network I was for ever going of to find a device and plug in the consol calbe becuase the password had been lost, or it jsut had never been configured. And to be honset I found my self doing this with about 90% of the devices.

I agree find any freee mapping tool you can get your hands on and run it on your network. it will give you an "idea" in a very lose sence in 5min. But then if you want something that is any use be prepared to do a lot of walking and even crawling before you have a network map any where near accatable.

The funny thing is by the time you have got your network in a state that mapping software will work on it. you will know it inside out any way.

ColbyG

I've yet to find one that works all that well.

mikem2te

ColbyG wrote: »

I've yet to find one that works all that well.

Fortunately (or unfortunately) in my last place of work the head network guy would just unbox the switches, set the password, enable full public snmp access and rack em' up.

An SNMP scan would give soooo much information.

DevilWAH

mikem2te wrote: »

Fortunately (or unfortunately) in my last place of work the head network guy would just unbox the switches, set the password, enable full public snmp access and rack em' up.

An SNMP scan would give soooo much information.

But did he set usefull host names??? That's the big one.

mikem2te

DevilWAH wrote: »

But did he set usefull host names??? That's the big one.

Some hand names, not that they helped in identifying things. Before I joined the company they had a habit of naming things after mythical / fantasy characters.

chrisone

Normally you would do this manually. CDP is a network engineers best friend, also tracing MAC addresses and finding out which ports they are sourced from can do wonders in mapping out a network. I never have used software to do this type of work. Doing it manually will help you to better understand the Network in the end.

mzinz

sh cdp nei

There are some programs that can draw it for you, but you'll get a better understanding if you use CDP and trace it out yourself.

DevilWAH

mikem2te wrote: »

Some hand names, not that they helped in identifying things. Before I joined the company they had a habit of naming things after mythical / fantasy characters.

LOL great!! nope names should be meaning full (even if cryptic and you need a key to resolve them)

It's amazing how user full the show CDP neighbour command is in day to day use, so its worth really taking the time to not only get a drawn map, but label trunks, and put as much info on the devices them selves. So when you are logged on and work, you don't have to hunt around for documentation just a few show commands and its all there.

show cdp neighbours and
show int description

are so useful but only if you take the time to set it up in the first place.

mikem2te

DevilWAH wrote: »

LOL great!! nope names should be meaning full (even if cryptic and you need a key to resolve them)

It's amazing how user full the show CDP neighbour command is in day to day use, so its worth really taking the time to not only get a drawn map, but label trunks, and put as much info on the devices them selves. So when you are logged on and work, you don't have to hunt around for documentation just a few show commands and its all there.

show cdp neighbours and
show int description

are so useful but only if you take the time to set it up in the first place.

Do you guys find many non Cisco switches and routers supporting CDP? I have a few non Cisco IP phones which send CDP packets - they show up on the cdp neighbours command.

Please forgive me for suggesting anyone uses non Cisco gear.

DevilWAH

you have a very good point and I was thinking that as well. however you can still use mac address tables and so forth to carry out a manual map.

And to be honest devices that don't support some kind of discovery protocal are going to struggle with mapping software.

Do HP devices had an equilivent of CDP? (sorry i'm 100% cisco here)

And lasty this is the CCNP forum

chrisone

DevilWAH wrote: »

Do HP devices had an equilivent of CDP? (sorry i'm 100% cisco here)

And lasty this is the CCNP forum

Yes the HP devices support CDP. I have many access layer HP switches that do the job just fine and on our Cisco core devices i see the HP Access layer switches fine with CDP.

mikem2te

DevilWAH wrote: »

And lasty this is the CCNP forum

I know but it is a nice discussion

chrisone wrote: »

Yes the HP devices support CDP. I have many access layer HP switches that do the job just fine and on our Cisco core devices i see the HP Access layer switches fine with CDP.

Cool, I wonder if anything will change now Cisco and HP have fallen out with each other - probably not.

DevilWAH

chrisone wrote: »

Yes the HP devices support CDP. I have many access layer HP switches that do the job just fine and on our Cisco core devices i see the HP Access layer switches fine with CDP.

Cool nice to know its a kind of standard. I was lucky (on may be not) in that I was thrown in with no experience to a 100% (or moving to 100%) cisco site. It has been a massive help in my certificates, but I do wonder how other manafactures deal with networking. How easy is it to go from HP to CISCO and back? I was just wondering if its worth getting some non cisco kit for my rack just to play around on.

mikem2te

DevilWAH wrote: »

Cool nice to know its a kind of standard. I was lucky (on may be not) in that I was thrown in with no experience to a 100% (or moving to 100%) cisco site. It has been a massive help in my certificates, but I do wonder how other manafactures deal with networking. How easy is it to go from HP to CISCO and back? I was just wondering if its worth getting some non cisco kit for my rack just to play around on.

I have a couple of Netgear switches, they are nice but they seem to strip of the vlan tags on PVST BPDUs resulting in loads of spanning tree errors showing on the Cisco gear.

Stopped it by doing a "no spanning-tree" on all vlans apart from vlan 1. I'll investigate a proper solution one day.

chmorin

Ah STP... those labs made me giggle. It was fun watching packets fail at life.

Anyway, thanks for the wise words! Because of my part time status I'm straining to get access to the switches, but I plan on doing a walk around of show cdp neigh commands on every switch in the network. It could easily take a month or two. My goal is properly label all lines to switches, and label to what location each patch panel port goes to on a clipboard or something. This way you can walk in, and know exactly what goes where just by looking at the switches in front of you, or a clipboard reference for the locations on the patch panel. This would be on top of the map I would be making.

This makeover is much needed in my environment, the previous LAN Admin had no clue how to properly manage his switches. I left zen running when i left work, hopefully ill have some results!

tiersten

chrisone wrote: »

Yes the HP devices support CDP. I have many access layer HP switches that do the job just fine and on our Cisco core devices i see the HP Access layer switches fine with CDP.

HP have dropped support for CDP in the ProCurves made in the last few years. At one point they only had receive capability but it eventually got replaced with LLDP only. For some ProCurves which originally had CDP no longer have it after firmware upgrades.

Forsaken_GA

if you want good reliable information on your network, I've yet to find one tool that's perfect for it. I've tried pretty much everything, and come to the conclusion that a manual walkthru to physically inventory all of the network gear, along with an nmap scan of your ip space will pretty much find everything (of course, there's always the chance that there's a dumb switch/hub sitting in a wiring closet somewhere that's been lost to memory, but still have a network connection...)

Once that's done, develop a provisioning MOP and make sure it is followed to the letter (cables labelled properly, cables proper color, network documentation updates appropriately, monitoring enabled, etc).