Routing design in operational networks: a look from the inside
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Characterizing VLAN usage in an operational network
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Shedding light on the glue logic of the internet routing architecture
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Towards systematic design of enterprise networks
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Impact of distributed denial of service (DDoS) attack due to ARP storm
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part II
Automated information flow analysis of virtualized infrastructures
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Automated verification of virtualized infrastructures
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
The evolution of network configuration: a tale of two campuses
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Hi-index | 0.00 |
Virtual Local Area Networks (VLANs) are extensively used in enterprise networks. However, their configuration remains an ad-hoc, complex and error-prone process today. We believe that to eliminate these difficulties, there is need for automation tools, and also need for visualization tools. In this paper, we report on our experience building a VLAN management toolkit, which automates and visualizes common VLAN configuration tasks. We begin by describing common misconfigurations, and their impact on network performance and security. We next present a set of algorithms that automate the VLAN configuration tasks. These algorithms form the back end of the toolkit. The front end of the toolkit consists of an interactive graphical user interface which provides visualization of VLAN operations at multiple granularities, and can be accessed remotely from a web browser. We are in the process of deploying the toolkit at a large campus network which has thousands of switches, and around 800 VLANs. Our initial operational experience shows that the toolkit is effective in both automating configuration tasks, and identifying common misconfigurations. In particular, we have found that (i) more than 40% of the VLANs in the network have redundant links that may lead to security and performance issues. (ii) more than 30% of the VLANs in the network have missing links which may result in connectivity issues and (iii) the root-bridge placements of more than 30% of the VLANs are not optimum, which again may result in performance issues. We believe these insights highlight the benefit and importance of such a toolkit.