Sunday, February 9, 2014

10 Good Network Administration Habits That Can Help You Run a More Reliable Network

There are all types of networks with different types of redundancy and connections and all types of environments with all levels of skills and change management processes, but the uptime of the network will often be dependent on the diligence of the network administrator.  This list outlines good habits that prevent common pitfalls.  Although this one is geared towards Cisco, it is true across many platforms.

1. Train your eyes for mistakes.

I’ve seen networks down for not just hours but days because one part of the configuration has a mistyped IP address in the second or third octet and it just keeps getting overlooked.  Read the entire IP address; memorize valid masks and their corresponding wildcard masks.
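As an added illustration (not code from the original post), the sketch below derives the wildcard mask for a subnet mask, rejects masks that are not contiguous, and flags `network` statements that match no interface address, which is how a swapped octet usually shows up. The function names and the sample configuration are constructed for this example.

```python
import ipaddress

def wildcard_for(mask):
    """Return the wildcard (inverse) mask for a valid, contiguous subnet mask."""
    m = int(ipaddress.IPv4Address(mask))
    inv = m ^ 0xFFFFFFFF
    # A valid mask is ones followed by zeros, so its inverse must be 2**k - 1.
    if inv & (inv + 1):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return str(ipaddress.IPv4Address(inv))

def covers(network, wildcard, address):
    """True if `address` is matched by a `network <net> <wildcard>` statement."""
    care = int(ipaddress.IPv4Address(wildcard)) ^ 0xFFFFFFFF
    n = int(ipaddress.IPv4Address(network))
    a = int(ipaddress.IPv4Address(address))
    return (n & care) == (a & care)

def orphan_network_statements(config):
    """List network statements that match no interface address in the config."""
    addrs, nets = [], []
    for line in config.splitlines():
        w = line.split()
        if w[:2] == ["ip", "address"] and len(w) >= 4:
            addrs.append(w[2])
        elif w[:1] == ["network"] and len(w) >= 3:
            nets.append((line.strip(), w[1], w[2]))
    return [text for text, net, wc in nets
            if not any(covers(net, wc, a) for a in addrs)]

# Constructed sample: the second network statement has its third octet mistyped.
SAMPLE = """\
interface GigabitEthernet0/0
 ip address 10.20.30.1 255.255.255.0
interface GigabitEthernet0/1
 ip address 10.20.31.1 255.255.255.252
router ospf 1
 network 10.20.30.0 0.0.0.255 area 0
 network 10.20.13.0 0.0.0.3 area 0
"""
```

Running `orphan_network_statements(SAMPLE)` reports the `10.20.13.0` statement, the kind of transposition that is easy to read past by eye.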

2. If you redistribute, filter.

Route redistribution will kick you in the teeth if you do it carelessly.  Redistribute only when it is the right solution for the job.  Use a distribute list, prefix list, or route map to obtain the specific results you want.

You should be even more careful with two-way route redistribution.  Look into using tags to mark the routes you’ve already redistributed, so that you do not bring them back into the originating process again.
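The tagging advice above can be checked mechanically. This added example (not from the original post) scans an IOS-style configuration for `redistribute` statements with no route map, and for mutual redistribution where one direction fails to deny the tag the other direction sets. It assumes filtering is done with route maps only and does not look at distribute lists; the function name and sample configuration are constructed.

```python
import re

def audit_redistribution(config):
    """Flag redistribute statements that are unfiltered or lack tag loop protection."""
    redists = []                      # (router process, statement, route-map or None)
    sets, denies = {}, {}             # route-map name -> tags it sets / tags it denies
    router = rmap = action = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):   # a new top-level section begins
            m = re.match(r"route-map (\S+) (permit|deny)", line)
            rmap, action = m.groups() if m else (None, None)
            router = line if line.startswith("router ") else None
        elif router and line.startswith("redistribute "):
            m = re.search(r"route-map (\S+)", line)
            redists.append((router, line, m.group(1) if m else None))
        elif rmap and action == "deny" and line.startswith("match tag "):
            denies.setdefault(rmap, set()).update(line.split()[2:])
        elif rmap and action == "permit" and line.startswith("set tag "):
            sets.setdefault(rmap, set()).add(line.split()[2])
    findings = []
    for router, line, name in redists:
        if name is None:
            findings.append(f"{router}: '{line}' has no route-map")
            continue
        # Tags stamped on routes as they entered the other routing processes
        foreign = set().union(*(sets.get(n, set()) for r, _, n in redists if r != router and n))
        missing = foreign - denies.get(name, set())
        if not sets.get(name):
            findings.append(f"{router}: route-map {name} sets no tag")
        if missing:
            findings.append(f"{router}: route-map {name} does not deny tag(s) {sorted(missing)}")
    return findings

# Constructed sample: EIGRP-TO-OSPF never denies tag 110, so OSPF routes can loop back.
SAMPLE = """\
router eigrp 100
 redistribute ospf 1 metric 10000 100 255 1 1500 route-map OSPF-TO-EIGRP
router ospf 1
 redistribute eigrp 100 subnets route-map EIGRP-TO-OSPF
 redistribute static subnets
route-map OSPF-TO-EIGRP deny 10
 match tag 90
route-map OSPF-TO-EIGRP permit 20
 set tag 110
route-map EIGRP-TO-OSPF permit 10
 set tag 90
"""
```

On the sample, the audit reports the missing deny for tag 110 under `router ospf 1` and the unfiltered `redistribute static subnets`.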

3. Improve your test plan.

Making a network change and then pinging a couple of interfaces may be a typical test plan in many environments but it doesn’t mean too much if your customers come in the next day and their systems can’t get across the network. Test your change by running or having a customer run critical systems after the change.

4. Turn on logging for any critical process and interface.

Enabling log-neighbor-changes on your routing processes, logging event link-status on important interfaces, setting the logging level to informational, expanding the logging buffer, and sending logs to one or more syslog servers will give you key insight into a network outage.  It’s better to be told what is wrong than to go fishing around for clues later.

5. Be vigilant; look for errors, and if you don’t know why something is in your configs, research.

Take a little time in a device if you haven’t logged into it in a while, or schedule some time to go through and review each device.  Check for interface errors and queue drops.  Look for configuration items that look wrong, look out of place, or are unfamiliar to you, and find out why they are there and whether they are supposed to be there.  Identify parts of the configuration that should have been removed during a previous maintenance.

6. Dump the ‘do’ command mentality.

I have a real love-hate relationship with the "do" command.  While it may be convenient at times to make sure things are progressing as expected, it drives me absolutely bonkers when I am assisting other network administrators who log in and go straight into global configuration mode.  Be sure to separate all of your work into the stages of planning, implementation, and verification, and you’ll find you get much better results.

7. Get another pair of eyes on your implementation plan.

Have an implementation plan that is very detailed, so you can basically paste in the changes you need to make and let someone else perform a serious review.  Many environments have a peer review process or a Change Advisory Board that is supposed to do this, but all too often something slips through the cracks.  The other benefit behind a detailed implementation plan is that your time implementing is significantly reduced. 

8. Take your duplex seriously.

Auto-duplex could be the biggest gremlin in the history of networking.  Vendors have not been so careful in their implementation of 802.3u, and there is no such thing as a Fast Ethernet compliance testing body like there is for Wi-Fi.  There have been documented cases of auto-duplex working fine for years and then it just stops and you have an awful duplex mismatch problem on your hands.  Because of the manufacturers’ lack of diligence, it falls on you.  Never take your duplex settings lightly; changing them is a serious network change.  Even when both sides negotiate full-duplex, switching from auto to full-duplex can bring the link down, as it can also disable MDIX when MDIX was making up for your lack of a cross-over cable.

9. Include other sections in your plans.

Let your server administrators and desktop support in on your plans.  They will have input on how it will affect them; take that input seriously.  If you have a separate engineering and administration section, check with the administrators who will end up maintaining the design you come up with and get their input on the old design; you’ll have a better product.

10. Practice gathering all the information you can without "show run."

The novice knows to look at their configuration for errors.  This really only lets you verify that the commands you think are there are actually there.  The expert, however, is familiar with the cornucopia of show commands and (use with caution) debug commands out there that tell you the specific problem or verify your implementation.

1 comment:

  1. The world is changing fast. People are also being transformed. Day by day we are becoming more dependent on digital systems. You are making me think of this really. You have a great method of sharing your thoughts Jelly Gamat