| QUESTION & ANSWER |
When router management is your worst nightmare |
 |
By Amy Storer, News Writer
11 Apr 2005 | SearchNetworking.com |
|
|
Michael W. Lucas is a network engineer with decades of experience in corporate networks. Recently, Lucas authored Cisco Routers for the Desperate, which he said is "designed to be read once, and then left on top of the router until something breaks."
Lucas spoke with SearchNetworking.com about networking issues and Cisco router futures and provided helpful tips for the "desperate" IT pros who need quick fixes to common router problems.
Your book addresses the person that's not necessarily IT savvy, but instead just found himself "in charge" of his organization's network. Is this a growing phenomenon?
Michael W. Lucas: I see a lot of people that I think of as "tangential IT" -- project managers, developers and graphic designers -- being stuck managing the network. This is the "computer guy" phenomenon: "You're the computer guy, you know all about this stuff, take care of it!" I haven't made any sort of formal study, but it certainly seems to be more common than it was a decade ago.
Can you pinpoint a few helpful tips for network managers to keep in mind when dealing with a Cisco router?
Lucas: The most common error I see is that people don't back up their router configurations. Once you start changing the configuration, it's easy to reach a point where nothing works anymore. Cisco routers keep their configuration as a text file, so there's really no excuse for not keeping a working configuration on hand. You can even print it out and store it in your desk.
Many small organizations don't have the manpower to staff a full-time help desk, let alone a full-time network person. Yet they have a T1 to the Net, and someone has to take care of it. It might as well be the tangential IT person, because he or she is probably somewhat better qualified than the secretary.
Security is a big issue across the board. Can you give me any secrets to securing Cisco router weaknesses?
Lucas: Use Secure Shell (SSH) to log in. Telnet has been known to be insecure for years now, and a lot of people still use it with no regard for the safety of their networks. SSH provides a huge level of protection for very little pain. Also, log your router activity -- not all the packets, but basic facts such as interface changes, manager logins and system problems. These logs are invaluable when you're trying to solve a problem.
Between SSH and logging, it's very easy to set up individual usernames for each network administrator. This lets you track down who logged in last, and when changes were made.
How common is it that misconfigurations contribute to overall network latency?
Lucas: Quite common, sadly. Very few of us actually use our whole Internet bandwidth, meaning that the upstream bandwidth isn't really the problem. It's something internal to the user's network. Most times, this is due to a lack of knowledge on the network manager's part.
How does Cisco fare in its router manageability?
Lucas: Cisco has done the best job possible in keeping their routers manageable. Its Web site is an excellent resource for even the most modern configurations. I'm especially pleased by the way that it has kept older commands around for compatibility.
The problem is that the real world has gotten a lot more complicated! A decade ago, if you had a T1 you were a big shop. Today, you're expected to cope with at least the bandwidth of a T1 and it's much more mission critical than it used to be. We have to cope with VoIP, with denial-of-service attacks, with the whole hostile world that the Internet has become. This makes the router harder to manage, but it's not Cisco's fault.
Is IOS an asset or a liability when it comes to router configuration?
Lucas: I think it's an asset, but then I've been playing with Unix for a couple of decades now. I find a reliable command line infinitely easier than some GUI that may or may not run on your particular desktop at the moment you need it.
I strongly recommend tracking your bandwidth usage with Multi Router Traffic Grapher (MRTG) or some other tool that generates graphs over time. Most companies -- not all, but most -- are over-served with bandwidth.
Can you forecast anything that will be of increasing/decreasing importance with the Cisco routers of tomorrow?
Lucas: I think that we'll have to deal more and more with real-time traffic on a network designed largely for asynchronous communication. People are delivering TV and teleconferencing over the Internet, which is about as real time as you can get. This means we'll have to focus more on traffic prioritization over networks that were never meant for it.
Has router complexity reached the point where companies must invest in third-party configuration management software?
Lucas: Absolutely not! Routers are simple. If you know the very basic facts about networking, you can manage your router. Many companies have tried to develop products to replace knowledge in a variety of fields; most of them have failed. These configuration management tools most often provide a sense of false confidence.
Do you see Cisco routers becoming easier or more difficult to manage during the next decade?
Lucas: Harder, unquestionably. Not because the routers will change that much, but because the real world will be so much more complicated. The routers will be bigger and faster, of course, but they'll still be shuffling packets from one place to another.
We'll still have IP addresses, even if they might look a little different or have extra features, and we'll still have our default routes on most networks, dumping our Internet traffic out our one lone router.
|
|
|
|
