There is a credit card commercial that asks, "What's in your wallet?" I'm going to ask, "What's in your network?" Sure, you might be able to tell me what's in your network right now, but can you still tell me about a device when it's down? Its model and serial number? The modules or line cards installed? Which interfaces are in use and how much bandwidth they use?

 

Maybe you have all that, so let's kick it up a notch. Can you tell me what the configuration of the device was last night? What about last week or last month? Some of these bits of information can be important when troubleshooting or when you have to replace a failed piece of equipment. If you are new at this, you may not realize that some changes can take long periods of time to impact your network. Sometimes they don't actually kick in until a device is rebooted or when a failover takes place. This can lead to misdiagnosing the cause of a failure.


I actually had something like this happen last week. I did a failover to a secondary load balancer so I could install a new license on the primary. While I was working on this, we started getting reports of an encryption certificate. It turned out the certificate configuration on the secondary unit hadn't been completed correctly months ago. However, from my immediate perspective, no configuration had changed...


On a related note, are you using centralized logging or are all your logs on your devices? If you aren't using centralized logging, you are taking away an important troubleshooting tool. Don't turn off local logging, it's really inconvenient when it's not there, but supplement that with centralized logs that you keep longer and will survive a reboot. Centralized logs also let you see all the events happening in your environment at the same time. This makes it much easier to correlate events when tracking down a root cause.


So I ask, do you know what's in your network? What other ideas and tools do you have for helping know your network?