Prepare network diagram to see the config of router, firewall and core switch

General
1

Hello,
I have two questions and need detailed answer on these, so that I can perform this action -
1>If I do not have access to devices, I have the running config of router , firewall and core switch , and I need to prepare the network topology and network diagram and route flow diagram. what should be the approach, what all things to consider to prepare it.
2> If I have access to devices of Router, Firewall and Core switches, what should be the approach and commands to be used to know about the network and using those information to prepare the topology and network diagram.

2

Hello Ravi

If you just have the configuration files, you can still determine the network topology and route flow diagram. Looking at the interfaces, the IP addresses and subnets, as well as the routing configuration, you should be able to get most of the info you need. If you want to get a hands-on approach, use GNS3 or another emulator to recreate the topology and see how it behaves.

Now either from the real topology, or your emulated one, looking at additional things such as routing tables, CDP neighbors, and initiating traceroutes will also help you to get a clearer picture of how things are configured, to verify your results.

I hope this has been helpful!

Laz

1 Like
3

Hello Lazaros,

Thanks for your answers.

what is the commands we should use for site discovery , for example if I want to migrate one site to other network topology, so I should collect some information for existing network like , what are the vlan configured in switches, what routes is being adveritised etc. so that those information can be used for migration and actual cutover.
Thanks

4

Hello Ravi

It really depends upon your network topology. Whether it is for a migration or simply for network documentation, the things that you should keep track of include:

  1. VLANs
  2. Subnets and IP addressing
  3. dynamic and static routing configurations
  4. Physical interconnectivity - which ports on which devices are connected to which other devices including things like
    a) trunk ports
    b) routed ports
    c) ports connecting to ISPs/WANs
  5. Any additional configurations such as port security, VPNs, DHCP, VTP, STP, IP SLAs, Access list, security parameters etc…

As you can see, it depends upon what you have implemented. By keeping a backup of the configs you can have a complete record of what has been configured, but interpreting those configs and getting the info into consolidated forms such as tables that can be viewed and understood at a glance is the real challenge.

I hope this has been helpful!

Laz