Overview
Network devices within the enterprise should maintain a consistent, easy-to-understand, format that includes logical, physical, and functional descriptions.
- Four labels are required when naming the physical chassis of a device to which this standard applies.
- Floor (optional); device class and number; and logical location and number.
- Regional code.
- Top level domain.
- Five labels are required when naming network interfaces or ports in the DNS.
- Network port and slot information.
- Floor (optional); device class and number; and logical location and number.
- Regional code.
- Top level domain.
A break-down of the requirements can be found in the following sections.
Classes of Devices
Devices shall be assigned exactly one (1) class to declare their function. A list of functions follows:
| Class | Short Name in DNS | Function |
| Router | rt | A device whose purpose is to forward traffic between networks. |
| Switch | sw | A device which connects nodes on networks using packet switching technology. |
| Firewall | fw | A network security device that controls traffic based on a pre-determined set of policies. |
| Wireless Access Point | ap | A device that connects wireless devices to a computer network using Wi-Fi technologies. |
| Server | sv | A device whose purpose is to act as an end-node on the network. |
Multiple instances of devices classes are permitted and must include an incrementing number. Example: fw1, fw2, etc.
Device Hierarchy Layers
Devices shall be assigned exactly one (1) layer to declare their logical placement in the network hierarchy. A list of placements within the network follows:
| Layer | Short Name in DNS | Function |
| Access | ax | Access layer devices which connect directly to nodes on the network. |
| Distribution | ds | Devices which interconnect broadcast domains to the core. |
| Core | co | Central devices which terminate downstream trunk connections to a distribution device or terminate wide area connections within the enterprise. |
| De-militarized Zone | dz | A sacrificial network specifically designed for inbound access from untrusted networks. |
| Edge | eg | The edge of the enterprise network where point-to-point connections with external carriers terminate to pass traffic to/from untrusted networks. |
Network Interface Names
Devices may contain several network interfaces of varying types based on their respective functions. Although the table below is not an exhaustive list, it should be used when determining the name of known interfaces at the time of publication.
| Type | Short Name in DNS | Function |
| Aggregate Ethernet | ae | Ethernet bundle. |
| Auxiliary | aux | Auxiliary port used for out-of-band management. |
| Console | con | Console port (usually a serial interface). |
| Ethernet | eth | Generic ethernet interface. |
| Fiber Channel | fc | Generic fiber channel interface. |
| Fast Ethernet | fe | Fast-ethernet interface (100Mbps). |
| Gigabit Ethernet | ge | Gigabit ethernet interface (1000Mbps). |
| Generic Routing Encapsulation | gre | Tunnel interface. |
| Loopback | lo | Loopback interface. |
| Management Ethernet | me | Generic management interface (usually ethernet). |
| Serial | se | Generic serial interface for point-to-point links (T1, T3, etc.). |
| Ten-gigabit Ethernet | te | Ten-gigabit ethernet interface (10Gbps). |
| Virtual LAN | vl | Generic layer-2 802.1Q interface. |
| Ten-gigabit Ethernet | xe | Ten-gigabit ethernet interface (10Gbps). |
Network Interface Slot Numbering
Network devices frequently contain several slots in which blades or banks of interfaces reside in. Interface names in DNS must contain slot information - in the first position of it’s fully qualified domain name - based on the configuration of the slot/port on the physical device.
- Example: Gigabit Ethernet 0/2/1 would be named ge-0-2-1 as the first part of it’s FQDN.
Geographic Location
Device names shall include representation of their geographic location based on common-used site locations within the enterprise. A sample table is below:
| Code | Location |
| solution | Solution, XX |
Floor Information
Device naming conventions shall include floor number and location.
- Example: Gigabit ethernet interface 3/15 contained in a distribution switch on the south side of the 17th floor at SOLUTION Center would be named ge-3-15.fl17s-sw1-ds1.solution.Chicago.loc
- Exception: Remote locations that do not include multiple floors (e.g. a co-located cage at a hosting facility) may be excluded from this standard.
Point-to-Point Links
Point-to-point links to remote sites shall be specially named to represent the near/far side devices. A “double-dash” is used to represent the demarcation of physical or regional locations.
- P2P links in which both peers are maintained by CHICAGO shall be named as follows:
- Local location code, local interface + slot (double-dash) Remote location code, remote interface + slot.
- Local floor (optional); local device class and number; local logical location and number.
- Local regional code.
- Top level domain.
- P2P links in which the remote peer is not managed by CHICAGO shall be named as follows:
- Local location code, local interface + slot (double-dash) Remote entity and number.
- Local floor (optional); local device class and number; local logical location and number.
- Local regional code.
- Top level domain.
- Example (Connection from Reston, VA edge to Cogent):
- ASH: ash-ge-0-0-0—-cogent1.rt1-eg1.ash.Chicago.loc
- Example (Connection from Reston, VA edge to Cogent):
- Note: This convention may also be used for floor-to-floor trunk names.
Case Sensitivity
Names of devices covered by this standard shall be maintained in lower-case within both the operating system and DNS.
Legacy Names
Legacy names may be maintained for existing network devices by creating CNAME records in the DNS.
Examples of this Standard
- Reston external firewall pair protecting the enterprise from Internet-sourced traffic:
- fw1-eg1.ash.Chicago.loc
- fw2-eg1.ash.Chicago.loc
- SOLUTION Center core switch on 17th floor:
- fl17s-sw1-co1.solution.Chicago.loc
- The management interface of a wireless access point located at SOLUTION Center on the 19thfloor in the north location of the building:
- A TenGigabit ethernet port located in slot 1 of a switch at Data Center, Cali, CA:
- te-1-2.sw1-co1.chc.Chicago.loc
- VLAN437 on a core switch at Data Center, Reston, VA:
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
