Networking Device Standards

When you configure a networking device – a router or switch for purposes of this discussion – do you “wing it”, or do you work off of a standards document?  I prefer to work from a standards document.  I want every device I and my team manage to be as close to identical as possible.  I want to be able to depend on certain features always being the same, no matter what device I’m logging into.

I came from a networking environment that was very structured, with standards governing virtually all aspects of router and switch configuration.  Now that I’m working on a new-to-me network, I’m finding that there were no standards employed.  The result is that the network is configured almost randomly, with no consistency across configurations – very little that can be counted on to function the same from device to device.  Here’s a standards outline I threw together – a dry run at what I need the standards to govern.  What are your additions to this?

1. Naming convention

1.1. Region 1

1.2. Region 2

2. Power connectivity

2.1. Multiple power supplies

2.2. Single power supplies

3. Device management

3.1. Console port & console servers

3.2. Telnet / SSH

3.3. HTTP / HTTPS

3.4. SNMP

3.5. Network management stations

4. Authentication

4.1. Region 1

4.2. Region 2

5. System clock

5.1. NTP

5.2. Timezone

6. Spanning-tree

6.1. Root bridge & backup root bridge

6.2. Connecting access-layer switches

6.3. Port-channeling

7. Production IOS versions

7.1. 6500

7.2. 4500

7.3. 3750

7.4. 3550

7.5. Older hardware platforms

8. Miscellaneous settings

8.1. Logging

8.1.1. Local

8.1.2. Remote

8.2. Enable passwords

8.3. Banners

8.4. Disabling unnecessary services

9. Routing settings

9.1. CEF

9.2. EIGRP

9.3. Static

9.4. Redistribution

9.5. ECMP

9.6. BGP to public Internet

9.7. Multicast

10. Device interface standards

10.1. Access ports

10.1.1. Description

10.1.2. STP settings

10.1.3. Trunking

10.1.4. Storm-control

10.2. Inter-switch links

10.2.1. Description

10.2.2. STP settings

10.2.3. Trunking

10.2.4. Storm-control

10.3. Layer 3 links

10.3.1. Description

10.3.2. STP settings

10.3.3. Trunking

10.3.4. Storm-control

10.4. Tunnels

10.5. Interfaces not in use

11. End-to-end QoS

11.1. Marking

11.2. Congestion management

11.2.1. Routers

11.2.2. Switches

About Ethan Banks

Ethan Banks, CCIE #20655, is a hands-on networking practitioner who has designed, built and maintained networks for higher education, state government, financial institutions, and technology corporations. Ethan is a host of the Packet Pushers Podcast, which has seen over one million unique downloads, and today reaches a global audience of over ten thousand listeners. Also a writer, Ethan covers network engineering and the networking industry for a variety of IT publications. He is also the editor for the independent community of bloggers at PacketPushers.net.

  • http://etherealmind.com Etherealmind

    MSTP regions and names
    VLAN numbering schema
    Etherchannel numbering convention
    OSPF settings

  • http://jamdatadude.wordpress.com/ Jason Myers

    IP Address Subnet and Usage standards
    Acceptable Equipment Lists

  • Santino Rizzo

    My engineer group chose to break access ports into data, voice, servers, and wireless_ap since these all have slightly different port configurations.

    PoE
    Port Security
    Flowcontrol
    Netflow

  • Robert Juric

    That is leading to one very large document. Has anyone thought about breaking that up into separate documents for quick reference? I definitely need to document our standards but if I have to browse through a book every time I need to configure a device I can see myself letting that slip.

  • http://kpjungle.wordpress.com Kim Pedersen

    It's a very good idea to create a standards document, but just as important is to make sure ALL engineers do their work based on this document. I find that when you have a lot of people working on and especially troubleshooting an outage, they tend to forget these conventions.

  • http://astandofbirches.wordpress.com Ethan Banks

    All great comments, and this article has seen a lot of traffic. I am going to work on revising this list with these comments in mind. I’ll try to get it to a point where people could use it as a starting point for standards of their own and re-post in a fresh article.

  • http://www.mcmis.co.uk John McManus

    VTP Setting
    DNS
    Point to Point Link Standard – numbered/unnumbered
    Port Security standards – might be different for Fix Desktop Area to Laptop Touchdown area for example
    Loopbacks Standards – For Management for Router ID in selection processes like PIM etc
    OSPF Bandwidth Reference.

    Probably a bit too deep, but it's where to stop.

  • http://www.melcara.com Cody Dumont

    I think you are correct with standards; there are several published standards with NIST and CIS. Also, I started making tools I call config builders. The config builder is a tool using MS Excel to map standard config fields in Excel, and then I use Excel formulas to build standard configs. You can find these config builders on my blog http://www.melcara.com.