Based on work by DoIT Network Services, UW-Madison The Network and the Role of Tools January 6, 2006 Based on work by DoIT Network Services, UW-Madison Ron Kraemer, Deputy CIO

The Campus Network was… ATM LANE with 5 or 6 routers. Centrally-managed configurations for 50-75 devices. Campus departments administered their own local networks (no qualification process). “Hodgepodge” of hardware, software, procedures and network designs.

The Campus Network is… Standardized on Cisco equipment. 10 Gb/s backbone. 1 Gb/s departmental connections. A centrally-purchased and centrally-managed core network. Embracing department engagement.

Campus Network Details Nearly 900 Cisco network devices. A few Juniper and NetScreen devices. 49,700+ managed ports. The number of managed buildings, devices, and ports grows daily. Common network management tools.

Network Management Strategy Data current as of December 2005

Key Strategies and Tools Sustainable funding model Continuous communications Campus-wide wireless service with distributed guest account administration 24x7 network operations center Relationship with UW Police and Physical Plant Continually update tools Empower department IT staff to manage some things that are important to them using a powerful set of web-based network monitoring and administration tools

AANTS: Authorized Agent Network Tool Suite Loosely-coupled set of web-based utilities for network administration. Tools are team-developed in-house, optimized toward local networking practices, driven by user need. About 244 trained network administrators. Allow users (campus LAN administrators and network engineers) to manage network devices, change device configurations, troubleshoot, inspect traffic data, coordinate with users, and perform other network management tasks.

LookingGlass Run command-line operations on devices and view results. View ethernet switch logs. Useful for troubleshooting.

NetStats Graph router interface and switch port statistics. Time-series summary graphs displaying different types of traffic statistics at the campus network border. Searchable interface to traffic statistics. Uses free tools (like MRTG) to gather and present stats

NetWatch Locate a host given a MAC or IP address. Discover which devices are connected to a specific switch.

EdgeConf Configure device ports (2,079 port changes 1/4/2006). Perform multiple port changes as one transaction. Examine switch port configurations and other switch information. Users can only change devices/ports for which they are authorized.

VlanFinder Discovers all currently active VLANs. User selects one or more VLANs. Display devices and ports on which the VLANs are active. Display VLAN attributes: Configuration of routed VLAN interfaces Any trunk allowed VLANs VLAN Spanning Tree Protocol priorities Device names and ports will be hot-linked (where applicable) to EdgeConf.

MailByDevice Select one or more network devices. Find all VLANs on each device. Get all technical and administrative contacts for each VLAN from the WiscNIC database. User can compose an email message. Message will be mailed to all users. Used to alert users when certain devices are going to be affected by NS actions.

CodePusher Push commands, operating code, or configuration code to selected network devices. Run command-line directives (e.g. ‘show int’). Upgrade system software. Modify device configurations. Manage ACLs. Parallelized for maximum efficiency. Can specify a delayed device restart date/time. Parses results into log files which can be viewed from the web browser . Performs error-checking. Reports results via email.

Summary Most network administrators throughout campus feel empowered. Users manage their local networks. Users determine tools emphasis and direction. Improved campus relations. Improved security management. “Cost-smart” for campus. Enables more effective response to challenges (security) and opportunities (better services).