July 14, 2010 01:15 PM

5 Easy Tips for Protecting Your SMB Network

Implement these common-sense—but rarely heeded—network suggestions
Windows IT Pro
InstantDoc ID #125350

Your servers and the applications they run are probably well maintained and thoroughly documented. But if you're like most organizations, your network—that is, the switches, routers, access points (APs), and cabling that make up the physical infrastructure backbone of your organization—might be overlooked. Most networking equipment, when it's configured correctly at the start, "just works," requiring little day-to-day intervention.

Until something goes wrong.

Having a well maintained and well documented network is crucial to easing the burden of recovery in the event that something does go wrong. This is especially true in today's always-connected, Web 2.0, cloud-based world. In this article, I'll highlight some of the best practices that I often see in strong SMB networks. Many, if not all, of these practices are steps you can start taking today with minimal effort.

 

Mapping

A critical piece of documentation that you must have in your environment is a network diagram. Network diagrams range in size from scratches on the back of a napkin to multipage Microsoft Office Visio diagrams that show every last piece of hooked-up equipment, including serial number, IP address, name, location, and color. For SMB networks, keeping things simple often works best. Highlighting the major components and how they're connected in a high-level diagram is the most crucial aspect.

So, it's time to buckle down and draw a diagram. I recommend illustrating your connection(s) to the Internet, any and all routers and firewalls, and any switch that supports 24 or more ports. If you have smaller desktop switches, consider highlighting them on a separate diagram that shows nothing but these switches and their uplinks to your larger switches. If you have only smaller desktop switches, include them in the primary diagram. Having diagrams that you can refer to that show the entire physical switching topology of your network is critical, especially if you're not utilizing the Spanning Tree Protocol (STP) to protect your network from switching loops.

Figure 1 shows an example of a high-level diagram, and Figure 2 shows an example of a diagram consisting of smaller desktop switches and their uplinks.

Figure 1: High-level network map

Figure 2: Granular network map

Although you can perform this task manually, several tools are available for simplifying the process. If you have Microsoft Office Visio, plug-ins such as SolarWinds LANsurveyor Express will attempt to sniff your network and determine the devices you have and their location. Free tools, such as the uber-management tool Spiceworks, also include the ability to create a network map. Be aware, however, that such tools might not be able to detect all your devices. In my case, when I ran Spiceworks' mapping tool, it omitted some unmanaged desktop switches, which I then had to manually add to the diagram. So, these kinds of tools are a great starting point, but make sure you reconcile their output rather than treating their findings as 100 percent accurate.

Once you have your diagram created, commit yourself to keeping it up to date. By doing so, you ensure that you have a document that you can easily refer to when you need to make topology changes—and you'll no longer have to just guess how your equipment is interconnected. Likewise, if you're subject to any type of audit that requires a topology diagram, you’ve already accomplished one part of the audit requirements!
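Once the diagram's links are written down as data, two of the checks above can be automated: finding redundant links that would form a switching loop without STP, and reconciling a mapping tool's device list against the diagram. The following is an added example, not part of the original article; the device names, links, and discovery output are constructed sample data.

```python
# Added example; device names and links are constructed sample data.
UPLINKS = [                          # (device_a, device_b) as read off the diagram
    ("fw1", "core-sw1"),
    ("core-sw1", "core-sw2"),
    ("core-sw1", "desk-sw-a"),
    ("core-sw2", "desk-sw-b"),
    ("desk-sw-a", "desk-sw-b"),      # two desktop switches patched together
    ("core-sw1", "core-sw2"),        # second cable between the cores
]
DISCOVERED = {"fw1", "core-sw1", "core-sw2", "ap-lobby"}   # mapping-tool output

def find_loop_links(links):
    """Return links that close a layer-2 loop (union-find over devices)."""
    parent, seen, loops = {}, set(), []

    def root(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path halving
            x = parent[x]
        return x

    for a, b in links:
        pair = frozenset((a, b))
        ra, rb = root(a), root(b)
        if pair in seen:
            loops.append((a, b, "parallel link"))
        elif ra == rb:
            loops.append((a, b, "closes a loop"))
        else:
            parent[ra] = rb
        seen.add(pair)
    return loops

def reconcile(links, discovered):
    """Compare devices on the diagram with what the mapping tool found."""
    on_diagram = {dev for link in links for dev in link}
    return sorted(on_diagram - discovered), sorted(discovered - on_diagram)

if __name__ == "__main__":
    for a, b, why in find_loop_links(UPLINKS):
        print(f"{a} <-> {b}: {why} (needs STP, aggregation, or removal)")
    missed, undocumented = reconcile(UPLINKS, DISCOVERED)
    print("on diagram, not seen by tool:", missed)
    print("seen by tool, not on diagram:", undocumented)
```

A flagged link is not necessarily a mistake: it may be deliberate redundancy, in which case the diagram should note the STP or link-aggregation configuration that makes it safe.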

 

Addressing

You also need to maintain a list of statically assigned IP addresses—often assigned to servers and fixed equipment such as large printers and APs, as opposed to desktops—that you can refer to and keep updated. Again, simplicity is best: A Microsoft Office Excel spreadsheet is ideal for this purpose.

Resist the urge to be too simple, however, by recording only the name of the server or equipment and the IP address you assigned to it. You should also consider including details such as any DHCP scopes you've assigned, public IP addresses assigned by your ISP that you've mapped with NAT to private IP addresses within your network, and Internet hostnames (e.g., mail.yourdomain.com for your mail server, and the hostname of your web server). Figure 3 shows a sample Excel spreadsheet that displays the information you might consider including.

Figure 3: IP address list

Software is available to help with this task. Vendors such as Colasoft and SolarWinds would love to sell you a suite of appropriate network-management tools, but they also offer free utilities that can help you. Colasoft offers a free MAC address scanner that scans entire subnets and provides a list of IP and MAC address pairs, and it attempts to determine the equipment manufacturer based on the first 24 bits of the MAC address. If you don't want to use Excel at all, you don't have to! SolarWinds offers a free IP address management tool that scans your network to determine the IP addresses in use, then provides a report. You can rerun the scanner to stay up to date without having to remember to update your spreadsheet. This solution helps you avoid any "fat finger" errors.

Once you've created your list of IP addresses, commit yourself to keeping it current. As with your network diagram, you're ensuring that you have a document that you can easily refer to when changes are necessary. Nothing is more frustrating than assigning an IP address that’s already in use to the new server you just bought!
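The static-address list becomes more useful when it is checked against what a scanner actually sees. The sketch below is an added example, not part of the original article or any vendor tool: it audits a CSV export of the spreadsheet against IP/MAC pairs from a subnet scan, using the DHCP scopes and the 24-bit manufacturer prefix described above. All addresses, names, and MACs are constructed sample data, and the column names are assumptions.

```python
import csv, io, ipaddress

# Constructed sample data: spreadsheet export, DHCP scope, and scanner output.
INVENTORY_CSV = """name,ip,mac
dc01,192.168.10.10,00:11:22:aa:bb:01
mail01,192.168.10.11,00:11:22:aa:bb:02
printer-2f,192.168.10.120,00:33:44:cc:dd:03
ap-lobby,192.168.10.20,00:55:66:ee:ff:04
newsrv,192.168.10.10,00:11:22:aa:bb:05
"""
DHCP_SCOPES = ["192.168.10.100-192.168.10.200"]
SCAN = [("192.168.10.10", "00-11-22-AA-BB-01"), ("192.168.10.11", "00:11:22:aa:bb:99"),
        ("192.168.10.20", "0055.66ee.ff04"), ("192.168.10.30", "00:77:88:12:34:56"),
        ("192.168.10.150", "00:99:aa:01:02:03")]

def norm_mac(mac):
    """Normalise aa:bb:.., AA-BB-.. and aabb.ccdd.eeff to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return digits

def oui(mac):
    """First 24 bits of the MAC address: the manufacturer prefix."""
    return norm_mac(mac)[:6]

def audit(inventory_csv, scopes, scan):
    """Return (finding, ip, detail) tuples for inventory and scan disagreements."""
    ranges = [tuple(ipaddress.ip_address(p) for p in s.split("-")) for s in scopes]
    in_scope = lambda ip: any(lo <= ip <= hi for lo, hi in ranges)
    recorded, findings = {}, []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        ip = ipaddress.ip_address(row["ip"])
        if ip in recorded:                       # same static IP handed out twice
            findings.append(("duplicate-static", str(ip), row["name"]))
            continue
        recorded[ip] = (row["name"], norm_mac(row["mac"]))
        if in_scope(ip):                         # DHCP could lease this address too
            findings.append(("static-inside-dhcp-scope", str(ip), row["name"]))
    for ip_text, mac in scan:
        ip = ipaddress.ip_address(ip_text)
        if ip not in recorded:
            if not in_scope(ip):                 # DHCP clients are expected in scope
                findings.append(("unlisted-host", str(ip), "oui " + oui(mac)))
        elif recorded[ip][1] != norm_mac(mac):   # different device answers on that IP
            findings.append(("mac-mismatch", str(ip), recorded[ip][0]))
    return findings

if __name__ == "__main__":
    for finding in audit(INVENTORY_CSV, DHCP_SCOPES, SCAN):
        print(*finding)
```

A `mac-mismatch` can mean a replaced network card as easily as an address conflict, so treat each finding as a prompt to check and then update the list.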


Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.