[c-nsp] Naming Conventions

Streiner, Justin streiner at stargate.net
Mon Aug 23 01:06:33 EDT 2004 

On Sun, 22 Aug 2004, Paul Stewart wrote:

> We're a mid-sized ISP and I'm looking at trying to standardize our
> naming conventions for routers/switches/firewalls.
>
> Just looking to see what the "norm" is that makes sense.  Currently we
> use gw-7513, gw-5513 etc. but this doesn't really make sense nor is it
> good from a security perspective in my opinion.

You'll probably get lots of different answers to this :-)

I've found it's better to name devices based on what they do, not that
they are.  That way if you replace that 5513 with a 6513, you don't need
to change DNS, and potentially other things like monitoring software,
etc...

I've worked for a mid-size ISP and designed the network device naming
conventions for them, so I have some experience here.  These are just my
thoughts.  You may choose to do something completely different.

What I've done in the past is something like this:

core routers
------------
crX.location/pop.state/country.isp.net

I see lots of places use either a general location ID, such as "paix01" or
or something based on telco CLLI codes, like "nycmny" for New York City
(Manhattan).

example:
cr1.paix01.ca.isp.net

This would normally point to the primary loopback interface on the device
specific interfaces could be identified in much the same way

p1-0-0.cr1.paix01.ca.isp.net
t3-2-0-0.cr1.paix01.ca.isp.net

customer attach/access routers
------------------------------
arX.same-format-as-above

Specific interfaces could be identified the same way.  Interfaces with
sub-interfaces (frame relay, ATM, 802.1q ethernet trunks, etc) could also
be identified the same way

t1-1-2-1-24.ar1.paix01.ca.isp.net
s2-0-17-0.ar1.paix01.ca.isp.net
a2-0-1-305.ar2.paix01.ca.isp.net

core switches
-------------
csX.same-format-as-above

If your switches are doing any layer 3 routing, you can label specific
interfaces

g5-1.cs1.paix01.ca.isp.net
f2-48.cs2.paix01.ca.isp.net

distribution/access switches
----------------------------
asX.same-format-as-above

firewalls
---------
fwX.same-format-as-above

specific interfaces would depend on your firewall's interface naming
standards, e.g. ethernet0,1,2.... for Cisco PIXes, etc.  I'd recommend
that rather than using things like "dmz1" or "outside0" because that can
reveal more than you want about your network architecture.

jms

More information about the cisco-nsp mailing list