A toolkit for automating and visualizing VLAN configuration

Quantified Score

Visualization

Abstract

Virtual Local Area Networks (VLANs) are extensively used in enterprise networks. However, their configuration remains an ad-hoc, complex and error-prone process today. We believe that to eliminate these difficulties, there is need for automation tools, and also need for visualization tools. In this paper, we report on our experience building a VLAN management toolkit, which automates and visualizes common VLAN configuration tasks. We begin by describing common misconfigurations, and their impact on network performance and security. We next present a set of algorithms that automate the VLAN configuration tasks. These algorithms form the back end of the toolkit. The front end of the toolkit consists of an interactive graphical user interface which provides visualization of VLAN operations at multiple granularities, and can be accessed remotely from a web browser. We are in the process of deploying the toolkit at a large campus network which has thousands of switches, and around 800 VLANs. Our initial operational experience shows that the toolkit is effective in both automating configuration tasks, and identifying common misconfigurations. In particular, we have found that (i) more than 40% of the VLANs in the network have redundant links that may lead to security and performance issues. (ii) more than 30% of the VLANs in the network have missing links which may result in connectivity issues and (iii) the root-bridge placements of more than 30% of the VLANs are not optimum, which again may result in performance issues. We believe these insights highlight the benefit and importance of such a toolkit.