Rediscovering the Lost Network
As your network grows, your organization changes or new technologies come and go, it becomes harder and harder to keep up with what's running on your infrastructure. You should rein in "the lost network" with a combination of Layer 2 and 3 discovery tools.
Sir Arthur Conan Doyle's novel "The Lost World" depicts a plateau in South America complete with dinosaurs and other prehistoric creatures. Imagine an entire sub-continent lying undiscovered, hidden from the rest of civilization.
Yet a similar thing could be happening in networks all over the world. How? It's all to do with the hectic pace of change. Planned or unplanned changes happen all the time: IT integration of branches and locations due to mergers and acquisitions; disruptive technology like virtualization; global corporate expansions; office reallocations; purchasing of new hardware; and datacenter consolidation projects. They all introduce the need for a complete re-discovery of the infrastructure, hardware assets and port-to-port connectivity.
"If you don't know what you have running in your infrastructure, or how devices in your network are connected, their interdependencies, and their locations, how simple can it be to secure your network, or locate problems and resolve them before the impact of a failure is realized?" asked Marina Gil-Santamaria, director of product marketing management for Ipswitch's network management division. "Establishing that device connectivity is not the source of problems is one of the first priorities when troubleshooting network issues."
She suggested the use of a Layer 2/3 discovery tool to identify the physical server and virtual resources that have been deployed, how they are mapped and how everything is connected down to the individual port. Further, discovery should be run periodically, more frequently for larger organizations or if the network is distributed.
"Layer 2/3 discovery is an eye opener for many organizations since they discover pieces of hardware unaccounted for or inter-device connections that they didn't even know were there," said Gil-Santamaria. "Once you have a hardware inventory in place, you can use it to document your network to simplify troubleshooting tasks, for auditing purposes or simply to try to reduce costs by repurposing unused resources."
WLANs can also be a factor in "lost" networks. WLANs include Access Points (APs) to which the users connect, the controllers behind the APs (alternatively, the APs can be intelligent), the Layer 2 LAN switches the APs connect to, authentication servers, routers and the protocols in use. All of the elements have to be configured properly in order for the user to connect to the WLAN infrastructure and for data to be transmitted successfully over that connection. From a Layer 2 perspective, each AP must physically connect to a LAN switch and reside in a VLAN. These can be single-port connections (one VLAN) or trunk connections (multiple VLANs). Secondary to the Layer 2 LAN/VLAN is the routing of the traffic. In most cases, the APs reside on one VLAN, the authentication servers reside on another, and DHCP servers reside on yet another. In order to communicate across VLANs, the traffic must be routed, and in most cases, this requires adding the WLAN VLANs to the router interfaces. So a WLAN architecture adds an extra layer of complexity when discovering and mapping devices and port-to-port connectivity.
On the Layer 3 side, discovery identifies systems or network devices in the infrastructure using higher layer protocols such as ICMP (ping), SNMP, or IP addressing. Many organizations have some type of Layer 3 discovery in place based on whichever network management tool they use, and Layer 3 discovery tools are more prevalent than Layer 2 discovery tools in organizations of all sizes.
"The major limitation of Layer 3 discovery is that the physical connectivity between devices in the network is not automatically established," said Gil-Santamaria. "Connectivity between devices or systems (a Layer 2 discovery) must be manually established by network management personnel and this process is really tedious, time consuming, resource intensive and prone to errors."
Ipswitch WhatsUp WhatsConnected offers a stand-alone solution (that can also integrate with an existing WhatsUp Gold installation) that can discover, map and document network devices, servers, VMware virtual machines, VLANs and port-to-port connectivity.
According to Gil-Santamaria, WhatsConnected uses a number of Layer 2 and Layer 3 discovery technologies, including ARP, SNMP, SSH, Virtual Infrastructure Management, IP addressing, ICMP and LLDP in combination with proprietary mechanisms to build a complete picture of network devices and their interconnections. This includes devices without IP addresses.
"You can see which routers are attached to which switches and how switches are connected to one another and any other device in your network," she said. "For example, you can discover base hardware, VMware OS and all virtualized machines and operating systems, and it provides the associations, interdependencies and characteristics of every virtualized system."
This saves time and resources versus manually documenting a VMware deployment, or conducting a visual port-by-port connectivity verification and documentation process. Having accurate topology and connectivity information also aids in faster troubleshooting (easier to deduce network paths), ensures compliance with audits (e.g., an accurate and up-to-date inventory is required by most regulatory frameworks) and helps optimize monitoring workloads (e.g., stop monitoring ports without connected endpoints).
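To make the Layer 2 versus Layer 3 gap concrete, here is an added example (not code from the article or from Ipswitch) that reconciles a Layer 2 view (LLDP adjacencies and switch MAC tables) with a Layer 3 inventory (hosts found by ICMP/SNMP, keyed by MAC via ARP). All switch names, ports, MACs and addresses are constructed sample data; the three functions report the port-to-port links, the hardware seen at Layer 2 that Layer 3 discovery never accounted for, and the ports with no connected endpoint.

```python
"""Reconcile Layer 2 (LLDP + bridge MAC tables) with Layer 3 (ICMP/SNMP + ARP) discovery.
Every record below is constructed sample data, not output from a real network."""

# Constructed LLDP neighbor records: (local_switch, local_port, neighbor_chassis, neighbor_port)
LLDP = [
    ("sw1", "Gi1/0/1", "core-rtr", "Gi0/1"),
    ("sw1", "Gi1/0/2", "sw2", "Gi1/0/24"),
    ("sw2", "Gi1/0/24", "sw1", "Gi1/0/2"),     # same link as the line above, seen from sw2
    ("sw2", "Gi1/0/5", "ap-floor2", "eth0"),   # an access point, found only at Layer 2
]

# Constructed bridge (MAC) table entries: (switch, port, learned_mac)
MAC_TABLE = [
    ("sw1", "Gi1/0/3", "00:11:22:33:44:01"),
    ("sw2", "Gi1/0/6", "00:11:22:33:44:02"),
    ("sw2", "Gi1/0/7", "00:11:22:33:44:03"),   # never answered ICMP/SNMP, no ARP entry
]

# Constructed Layer 3 inventory: MAC (from ARP) -> IP address found by ICMP/SNMP discovery
L3_INVENTORY = {"00:11:22:33:44:01": "10.0.1.10", "00:11:22:33:44:02": "10.0.2.20"}

# Constructed list of every configured switch port (what a monitoring tool would poll)
ALL_PORTS = {("sw1", p) for p in ("Gi1/0/1", "Gi1/0/2", "Gi1/0/3", "Gi1/0/4")} | \
            {("sw2", p) for p in ("Gi1/0/5", "Gi1/0/6", "Gi1/0/7", "Gi1/0/8", "Gi1/0/24")}


def port_links(lldp):
    """Collapse the two directions of each LLDP adjacency into one undirected port-to-port link."""
    return {frozenset({(sw, port), (nbr, nport)}) for sw, port, nbr, nport in lldp}


def unaccounted_devices(mac_table, l3_inventory):
    """Endpoints learned at Layer 2 that Layer 3 discovery has no record of (e.g. no IP address)."""
    return {(sw, port, mac) for sw, port, mac in mac_table if mac not in l3_inventory}


def idle_ports(all_ports, lldp, mac_table):
    """Ports with neither an LLDP neighbor nor a learned MAC: candidates to drop from monitoring."""
    used = {(sw, port) for sw, port, _, _ in lldp} | {(sw, port) for sw, port, _ in mac_table}
    return all_ports - used


if __name__ == "__main__":
    for link in port_links(LLDP):
        print("link:", " <-> ".join(f"{sw}:{port}" for sw, port in sorted(link)))
    print("unaccounted at Layer 3:", unaccounted_devices(MAC_TABLE, L3_INVENTORY))
    print("idle ports:", sorted(idle_ports(ALL_PORTS, LLDP, MAC_TABLE)))
```

Real data would come from the LLDP-MIB and BRIDGE-MIB tables of each switch (via SNMP) and from the ARP caches of the routers; the reconciliation logic is the same.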