Network Architecture

Multiple VLAN vs one huge segment

Is it better to have 4 class C VLANs or one big /26 network? The answer, obviously, is "it depends". Some admins like to do things one way and others another. But if there is no specific reason to choose one over the other, then I would choose multiple VLANs over merging everything into one. This is because:
  1. Segregate Windows from Unix. One has a lot of broadcast traffic and viruses, the other is closer to nirvana :)
  2. ...

Routable vs Non-Routable IP in DMZ, Internal Network

I choose non-routable for the extra security. Unless traffic goes through the NAT device, the machines can't get to the internet.



Host Naming Convention

Users like to use fun names, such as Abott, Costello, Stinky, Itchy, etc. Admins like cryptic names such as sc-smtp01, nacascxch007, etc. But names like pc35c7b6 and s432678 are probably the worst of both worlds, hated by both users and most sys admins.
Fun Names
Users obviously like to name machines after their favorite mascots, toys, cars, etc. This is definitely easy to remember, and if there are only a few machines around, it is fine. But for sys admins working at large companies with many machines, getting no clue from the name about what the machine is, is usually a drawback. So, it depends on whether you want to be a BOFH or a user-pleaser :)
That said, if you are in a university environment, and you see machines named Fermat and Descartes, Hydrogen, Helium, Lithium, Quark, Positron, Photon, you can probably guess that they are machines in the Math, Chem and Physics departments. If you are in a dot-com, your web server can probably be named Ferrari, your file server Durango, and your desktop Pinto. This is actually very reasonable as long as you publish which naming themes are used for which purpose.

SysAdmin Names
If you are like me and not creative with naming things, then naming the machines with simple acronyms is fine. User desktops probably should be named as lnx-, win-, lap-. Servers would probably be DB01, Web01, App01. Boring, but they are to the point. If you work in a large company that spans many locations, adding a short prefix to the name is fine, such as CA-Ora01, NY-Web02, etc. But keep them short; don't go overboard and name your Exchange server in North America, California, Santa Clara as nacascxch007. sc-xch7 would likely do the job better. Keep the name short and easy to remember, that's what naming is all about!

Cryptic Names
Some admins who really don't know how to name their machines like to use the Service Code, Serial Number or Asset Code as the machine name. While they claim that this packs a lot of info about the machine into the name, it is flawed in the sense that it defeats the purpose of naming the machine: it was supposed to be easy to remember and talk about! Such cryptic names are essentially the worst of both worlds and hated by users and sys admins alike.
Certainly, if a user calls and says the battery in laptop lp3c4d7e isn't charging anymore, you can probably call Dell and give them the service code that is embedded in the name to get a replacement battery. But if you get a page that pc78df53 has a virus, would you know who to talk to or where to go to work on the machine? Serial number, asset tag, and other such info should be kept in the inventory database and referred to when necessary.
The whole point of naming machines is that the names can be remembered. Those cryptic serial numbers and service codes are so hard to remember that the IP address may as well be used instead of the machine name! Furthermore, the part of the IP address that one needs to remember is probably only one octet or two. Calling a machine x.x.13.25 is only 4 digits and may add the info that the machine is in building 1, floor 3. It would certainly be easier to remember and more meaningful than tag834761, as the asset tag is not used 99.999% of the time when dealing with a machine.

So, in summary, don't upset everyone, try to at least please one set of people, and keep in mind that a name is supposed to be meaningful!
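
An added example (not part of the original page): a small linter that sorts a host list by the naming styles discussed under SysAdmin Names and Cryptic Names. The 8-character cap, the pattern grammar and the serial-number heuristic are assumptions inferred from the page's example names, and `lap-tin` is a constructed sample.

```python
import re

MAX_LEN = 8  # assumption: "short" means at most 8 characters (CA-Ora01 fits)

# Assumed grammar, inferred from the page's examples (DB01, CA-Ora01, sc-xch7):
# optional two-letter site prefix, short role acronym, one- or two-digit index.
SERVER = re.compile(r"^(?:(?P<site>[a-z]{2})-)?(?P<role>[a-z]{2,4})(?P<index>\d{1,2})$", re.I)
# Desktops: lnx-, win- or lap- followed by a short label (label format is assumed).
DESKTOP = re.compile(r"^(?P<kind>lnx|win|lap)-(?P<label>[a-z0-9]{1,4})$", re.I)
# Heuristic for serial numbers, service codes and asset tags: a letter prefix
# followed by five or more hex characters, the first of which is a digit.
CRYPTIC = re.compile(r"^[a-z]+?[0-9][0-9a-f]{4,}$", re.I)


def classify(name):
    """Return (verdict, parsed_fields) for one hostname."""
    if CRYPTIC.match(name):
        return "cryptic", {}      # belongs in the inventory database, not DNS
    if len(name) > MAX_LEN:
        return "too-long", {}
    for verdict, pattern in (("desktop", DESKTOP), ("server", SERVER)):
        m = pattern.match(name)
        if m:
            fields = {k: v.lower() for k, v in m.groupdict().items() if v}
            return verdict, fields
    return "freeform", {}         # fun name: check it against the published themes


def audit(names):
    """Group hostnames by verdict so the offenders can be renamed."""
    report = {}
    for name in names:
        verdict, _ = classify(name)
        report.setdefault(verdict, []).append(name)
    return report


# Names from the examples on this page, plus the constructed desktop "lap-tin".
SAMPLE = ["DB01", "CA-Ora01", "NY-Web02", "sc-xch7", "nacascxch007",
          "pc35c7b6", "s432678", "tag834761", "Ferrari", "lap-tin"]

if __name__ == "__main__":
    for verdict, hosts in audit(SAMPLE).items():
        print(f"{verdict:9} {', '.join(hosts)}")
```

The parsed site and role fields are what an on-call admin needs when an alert names a host; a name that lands in the cryptic group forces an inventory lookup first.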




[Doc URL: http://www.cs.fiu.edu/~tho01/psg/netArch.html]
(cc) Tin Ho. See main page for copyright info.

