[c-nsp] Naming Conventions

Paul Stewart pauls at nexicom.net
Mon Aug 23 06:26:55 EDT 2004


Thanks Justin... that's great information... makes sense :)  Also,
thanks to Richard for that pointer to Sun's document.  Between the two
of them I should be able to draft up something specific to our
operations.

Take care,

Paul


On Mon, 2004-08-23 at 01:06, Streiner, Justin wrote:
> On Sun, 22 Aug 2004, Paul Stewart wrote:
> 
> > We're a mid-sized ISP and I'm looking at trying to standardize our
> > naming conventions for routers/switches/firewalls.
> >
> > Just looking to see what the "norm" is that makes sense.  Currently we
> > use gw-7513, gw-5513 etc. but this doesn't really make sense nor is it
> > good from a security perspective in my opinion.
> 
> You'll probably get lots of different answers to this :-)
> 
> I've found it's better to name devices based on what they do, not that
> they are.  That way if you replace that 5513 with a 6513, you don't need
> to change DNS, and potentially other things like monitoring software,
> etc...
> 
> I've worked for a mid-size ISP and designed the network device naming
> conventions for them, so I have some experience here.  These are just my
> thoughts.  You may choose to do something completely different.
> 
> What I've done in the past is something like this:
> 
> core routers
> ------------
> crX.location/pop.state/country.isp.net
> 
> I see lots of places use either a general location ID, such as "paix01" or
> or something based on telco CLLI codes, like "nycmny" for New York City
> (Manhattan).
> 
> example:
> cr1.paix01.ca.isp.net
> 
> This would normally point to the primary loopback interface on the device
> specific interfaces could be identified in much the same way
> 
> p1-0-0.cr1.paix01.ca.isp.net
> t3-2-0-0.cr1.paix01.ca.isp.net
> 
> customer attach/access routers
> ------------------------------
> arX.same-format-as-above
> 
> Specific interfaces could be identified the same way.  Interfaces with
> sub-interfaces (frame relay, ATM, 802.1q ethernet trunks, etc) could also
> be identified the same way
> 
> t1-1-2-1-24.ar1.paix01.ca.isp.net
> s2-0-17-0.ar1.paix01.ca.isp.net
> a2-0-1-305.ar2.paix01.ca.isp.net
> 
> core switches
> -------------
> csX.same-format-as-above
> 
> If your switches are doing any layer 3 routing, you can label specific
> interfaces
> 
> g5-1.cs1.paix01.ca.isp.net
> f2-48.cs2.paix01.ca.isp.net
> 
> distribution/access switches
> ----------------------------
> asX.same-format-as-above
> 
> firewalls
> ---------
> fwX.same-format-as-above
> 
> specific interfaces would depend on your firewall's interface naming
> standards, e.g. ethernet0,1,2.... for Cisco PIXes, etc.  I'd recommend
> that rather than using things like "dmz1" or "outside0" because that can
> reveal more than you want about your network architecture.
> 
> jms



More information about the cisco-nsp mailing list