Network Management Strategies for the CIO
For the vast majority of organizations, network design is a very high-level task. It consists almost exclusively of picking boxes, ports and blades, assigning IP addresses and implementing a brief routing configuration that generally uses all the default choices possible. However, if you're looking to distinguish yourself from your peers, take the time to put some thought into the details of your next network design. Specifically, carefully consider one of the most overlooked and neglected concepts in modern networking, which is the interrelation of the network protocols that operate at different layers.
In most modern corporate networks, you have an Interior Gateway Protocol (OSPF, RIP, etc.) in the core, HSRP or VRRP in the access layer and Spanning-Tree Protocol scattered around. Each of these protocols allow routers or switches to communicate with each other and each protocol has configurable timers to control their convergence. If you're in a larger environment, using more complex hardware, you may also add an Exterior Gateway Protocol (BGP) and proprietary protocols like Cisco's "Nonstop Forwarding with Stateful Switchover" (NSF and SSO) into this mix.
The key here is understanding that "network convergence" doesn't happen at each layer in a vacuum. Each layer affects the other layers. So, when it comes to fine-tuning your network design, you want to understand which protocols you plan to use, because there are a lot of options available to you, and
Requires Free Membership to View
then tweak the timers so that you minimize the time it takes to restore service in an outage, without creating instability in the network.
For example, if BGP advertisements depend on the IGP, as they often do, before BGP will converge, your IGP needs to converge. Before your IGP converges, often, your Spanning-Tree Protocol will have to converge, since it usually waits until after it converges before it puts ports into a forwarding state, and if your ports aren't forwarding, your IGP can't send its announcements out. So, if your STP takes a while to converge, and your IGP takes a while, and BGP takes a while, outages will be a lot more noticeable to users.
The exact timer values you should use for each protocol depend on your network, which is why they're configurable, of course. But generally, you'll want to pay close attention to the following:
the "timers spf" command in your OSPF configuration
the "ip ospf hello-interval" and "...dead-interval" commands
the Spanning Tree Protocol "forward-time"" and "max-age" time for each VLAN
any Spanning Tree hacks like "Portfast" and "Uplinkfast" etc.
the HSRP "standby timers" command which controls how fast failover happens
the HSRP "standby preempt delay" command when controls how fast failback happens
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.
This was first published in February 2004
Join the conversationComment
Share
Comments
Results
Contribute to the conversation