[123755] in North American Network Operators' Group
Re: Network Naming Conventions
daemon@ATHENA.MIT.EDU (Greg Whynott)
Mon Mar 15 10:40:34 2010
From: Greg Whynott <Greg.Whynott@oicr.on.ca>
CC: nanOG list <nanog@nanog.org>
Date: Mon, 15 Mar 2010 10:39:55 -0400
In-Reply-To: <F272BFF2-8124-4DC4-9EF2-3626BAD751F6@daork.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
ours is a small network, so is ok to have fun. 8)
we do use CNAMEs to provide useful information (and make managers happy).. and name servers after the service they provide, eg ldap1.auth.mgt
here is an example:
gwhynott@ops:~$ host rma.mgt
rma.mgt.oicr.on.ca is an alias for RiserRoom5a.hp8212.rack2.mgt.oicr.on.ca.
RiserRoom5a.hp8212.rack2.mgt.oicr.on.ca has address 10.3.200.35
gwhynott@ops:~$
-g
On Mar 15, 2010, at 10:08 AM, Nathan Ward wrote:
> On 16/03/2010, at 2:10 AM, Adcock, Matt [HISNA] wrote:
>
>> I've used a Jimmy Buffett theme in test labs before.
>
> Naming themes are fine in test labs, because devices have a different function/role several times per day, a name acts like an asset tag in that it sticks with it through its lifetime.
>
> Same goes for those servers that sit in our networks that I can only really think to call "bitch boxes". They do all sorts of random one-off network hackery tasks, and never get any love. They're not supposed to scale, they were only supposed to be there for one job 5 years ago and they're still there.
>
> If I've got guys out there rolling out gear according to cookie cutter designs, I don't want them coming up with names and using ex girlfriends or TV shows or whatever. They're going to run out of ideas, and I don't want to have 50 boxes called "rachel" on the network with no idea what they do. That sort of thing works fine when you're the only person putting the names in to boxes - like in a lab - but no good if you've grown much.
>
> I'm a contractor/consultant type thing, and getting my customers to use naming schemes like the rant that follows helps me understand their network if they do things without me, and helps anyone else who comes along too.
>
>
> So, for production network and server gear, I like domain names built with city and site codes:
> site.city.domain
>
> Perhaps if I had a bigger network I'd have .country.domain on the end of that instead.
>
> Hosts within each site are told to search within their site, then city, then domain. Here's how in resolv.conf:
> search site.city.domain city.domain domain
>
> This lets me refer to a host called 'access-1' as, access-1, or access-1.site, or access-1.site.city depending on where I am. That's handy and saves my lazy ass typing lots. It also means we can have standard configs for lots of things. For example, we can syslog to "syslog" and it will choose either the one in the local site if its size warrants it, or one in the city, or a network-wide one. I'm sure you can think of other ways this can be useful.
>
> It can be annoying when a box doesn't let you display a full hostname in a prompt, or fudge it and set the "hostname" to "hostname.site.city" because hostnames shouldn't have periods in them. YMMV, etc. The benefits outweigh the negatives for me I think. Things can get a bit hairy when devices identify themselves by their hostnames in some other protocols though. Ignoring that and using DNS is encouraged, etc.
>
> As for hostnames themselves, I have varying ways of doing that, but I never use a naming scheme that won't scale for.. a long time.
> I always use numbers, but never use leading zeros - ie. access-1, not access-001. It's not hard to sort numerically, come on now.
> I generally try to use something that describes the device's function. "access-[1-9][0-9]*" = access router. "core-[1-9][0-9]*" = core router. "IP" is implied unless it's something else, ie. "(eth|atm)-access-[1-9][0-9]*" are Ethernet or ATM switches.
>
> For places where I collapse functionality, ie. a small site with collapsed core and access boxes, I call them access, because they are less to move and hence need renaming when core boxes come in the future to support additional access boxes.
>
> Interface addresses in DNS include the interface name and VLAN or some other logical circuit details (PVC, etc.), as is common.
>
> Juniper boxes have re0-hostname.domain and re1-hostname.domain, and also re-hostname.domain if I've got a moving master IP address configured.
>
> That's about all I can think of to write, I hope it's useful to someone, YMMV, etc.
>
> --
> Nathan Ward
>
>
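Added example, not part of either poster's message: a Python sketch of the site/city/domain search order and the hostname patterns described in the quoted post, showing which record a short name such as "syslog" ends up pointing at. The zone contents, the site and city codes (s1, akl) and all function names are constructed for illustration.

```python
import re

# Scheme from the post: optional eth-/atm- prefix, role, number without leading zeros.
HOST_RE = re.compile(r"^(?:(eth|atm)-)?(access|core)-([1-9][0-9]*)$")

def parse_host(label):
    """Return (media, role, number), or None if the label breaks the scheme."""
    m = HOST_RE.match(label)
    if m is None:
        return None
    return (m.group(1) or "ip", m.group(2), int(m.group(3)))

def sort_hosts(labels):
    """Sort conforming labels numerically, so access-2 precedes access-10."""
    return sorted((l for l in labels if parse_host(l)), key=parse_host)

def search_list(site, city, domain):
    """Suffixes in the order the post gives: site, then city, then domain."""
    return [f"{site}.{city}.{domain}", f"{city}.{domain}", domain]

def resolve(name, suffixes, zone):
    """Return (fqdn, address) for the first suffix that yields a record, else None.

    Assumption: every lookup goes through the search list first; real stub
    resolvers also apply rules such as ndots that are not modelled here.
    """
    for suffix in suffixes:
        fqdn = f"{name}.{suffix}"
        if fqdn in zone:
            return fqdn, zone[fqdn]
    return None

# Constructed sample zone (example.net and 192.0.2.0/24 are documentation values).
ZONE = {
    "syslog.example.net": "192.0.2.10",
    "syslog.akl.example.net": "192.0.2.20",
    "access-1.s1.akl.example.net": "192.0.2.31",
}

if __name__ == "__main__":
    here = search_list("s1", "akl", "example.net")
    print(resolve("syslog", here, ZONE))
    print(resolve("access-1", here, ZONE))
    print(sort_hosts(["access-10", "access-2", "access-001", "core-1"]))
```

Because the first matching suffix wins, auditing which scope actually answers a shared name like "syslog" tells you where each site's logs are really going.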