Network Documentation and Diagramming

Creating accurate network documentation from live devices - essential for troubleshooting, planning changes, and knowledge transfer.

Information to Document

Device Information:

• Hostname
• IP address
• Interface names
• Device type (Router/Switch/Firewall)
• IOS version
• Management access (SSH/Console)

Connection Information:

• Local interface
• Remote device
• Remote interface
• Link speed (10M/100M/1G/10G)
• Connection type (Trunk/Access)
• Allowed VLANs (if trunk)

Network Segmentation:

• VLAN IDs and names
• IP subnets per VLAN
• Gateway addresses

Gather Information with LLDP

Step 1: Get neighbor information

SW_Core# show lldp neighbors

Device ID           Local Intf     Hold-time  Capability      Port ID
SW3                 Gig0/1         120        B               Gig0/1
SW2                 Gig1/1         120        B               Gig0/1
SW1                 Gig2/1         120        B               Gig0/1
Main_L3             Gig3/1         120        R               Gig1/0/2

Step 2: Get IP addresses

SW_Core# show lldp neighbors detail | include IP
    IP: 10.30.0.6
    IP: 10.30.0.5
    IP: 10.30.0.4
    IP: 10.30.0.1

Step 3: Verify trunk/access mode

SW_Core# show interfaces Gig0/1 switchport | include Mode
Administrative Mode: trunk
Operational Mode: trunk

Step 4: Check link speed

SW_Core# show interfaces Gig0/1 | include BW
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,

Or simpler:

SW_Core# show interfaces status | include Gig0/1
Gig0/1    Trunk to SW3       connected    trunk      a-full a-1000 1000BaseSX

Document Network Topology

Example documentation table:

Local Device	IP Address	Interface	Remote Device	Remote Interface	Speed	Type	VLANs
SW_Core	10.30.0.2	Gig0/1	SW3	Gig0/1	1 Gbps	Trunk	20,21,22,23,30
SW_Core	10.30.0.2	Gig1/1	SW2	Gig0/1	1 Gbps	Trunk	20,21,22,23,30
SW_Core	10.30.0.2	Gig2/1	SW1	Gig0/1	1 Gbps	Trunk	20,21,22,23,30
SW_Core	10.30.0.2	Gig3/1	Main_L3	Gig1/0/2	1 Gbps	Trunk	All
Main_L3	10.30.0.1	Gig1/0/1	Edge	Gig0/0/0	1 Gbps	Routed	N/A
Main_L3	10.30.0.1	Gig1/0/2	SW_Core	Gig3/1	1 Gbps	Trunk	All
Edge	172.16.0.2	Gig0/0/0	Main_L3	Gig1/0/1	1 Gbps	Routed	N/A
Edge	172.16.0.2	Gig0/0/1	SW_Back_01	Fa0/2	100 Mbps	Trunk	20
FIREWALL	172.16.20.2	Gig0/0/1	SW_Back_01	Fa0/1	100 Mbps	Trunk	20
SW_Back_01	172.16.20.5	Fa0/1	FIREWALL	Gig0/0/1	100 Mbps	Trunk	20
SW_Back_01	172.16.20.5	Fa0/2	Edge	Gig0/0/1	100 Mbps	Trunk	20

Network Layer Identification

Core Layer:

• Central switching/routing
• High-speed interconnections
• Typically multilayer switches or routers
• Example: SW_Core, Main_L3

Distribution Layer:

• Aggregates access layer devices
• Routing between VLANs
• Policy enforcement
• Example: SW1, SW2, SW3

Access Layer:

• End-user device connections
• VLAN assignment
• Port security
• Example: Access switches with PC connections

Identify layers in your documentation:

Core Layer:
- SW_Core (10.30.0.2) - Core switch
- Main_L3 (10.30.0.1) - Layer 3 routing

Distribution Layer:
- SW1 (10.30.0.4) - Access aggregation
- SW2 (10.30.0.5) - Access aggregation
- SW3 (10.30.0.6) - Access aggregation
- SW_Back_01 (172.16.20.5) - Backend distribution

Access Layer:
- Switch ports connected to end devices
- VLANs: 20 (Productie), 21 (KlantenService), 22 (HRM), 23 (Marketing), 30 (IT_Beheer)

Create Network Diagram

Visio/Diagram Elements:

1. Device Icons:

   • Router (circle with arrows)
   • Layer 3 Switch (square with diagonal line)
   • Layer 2 Switch (square)
   • Firewall (brick wall icon)
   • Server (tower icon)

2. Connection Labels:

   • Interface names on both ends
   • Speed (1G, 100M, 10G)
   • Link type (Trunk/Access)

3. Device Labels:

   • Hostname
   • IP address (management)
   • Key role (Core, Distribution, Access)

Example diagram structure (text representation):

                    Internet
                       |
                   [Edge Router]
                   172.16.0.2
                       |
                  Gig1/0/1 (1G, Routed)
                       |
                  [Main_L3]
                  10.30.0.1
                  L3 Switch
                       |
            Gig1/0/2 (1G, Trunk: All VLANs)
                       |
                  [SW_Core]
                  10.30.0.2
                  Core Switch
                       |
        +-------------+-------------+
        |             |             |
    Gig0/1        Gig1/1        Gig2/1
  (1G,Trunk)    (1G,Trunk)    (1G,Trunk)
  VLANs:20-23,30 VLANs:20-23,30 VLANs:20-23,30
        |             |             |
     [SW3]         [SW2]         [SW1]
   10.30.0.6     10.30.0.5     10.30.0.4
Distribution   Distribution   Distribution
        |             |             |
    Access        Access        Access
    Ports         Ports         Ports

Document VLANs and Subnets

VLAN Table:

VLAN ID	Name	Subnet	Gateway	DHCP Server	Purpose
20	Productie	10.20.0.0/16	10.20.0.1	10.30.0.175	Production systems
21	KlantenService	10.21.0.0/16	10.21.0.1	10.30.0.175	Customer service
22	HRM	10.22.0.0/16	10.22.0.1	10.30.0.175	HR department
23	Marketing	10.23.0.0/16	10.23.0.1	10.30.0.175	Marketing department
30	IT_Beheer	10.30.0.0/16	10.30.0.1	10.30.0.175	IT management
99	Ongebruikt	-	-	-	Unused ports

Document Port Assignments

Switch Port Table (example for SW1):

Port Range	VLAN	Name	Connected Devices
Fa0/1-5	20	Productie	Production workstations
Fa0/6-10	21	KlantenService	Customer service PCs
Fa0/11-15	22	HRM	HR department PCs
Fa0/16-20	23	Marketing	Marketing department PCs
Fa0/21-23	99	Ongebruikt	Unused (disabled)
Fa0/24	30	IT_Beheer	Management access
Gig0/1	Trunk	Uplink	Connection to SW_Core

Document Servers

Server Inventory:

Server Name	IP Address	VLAN	Purpose	Protocols
NTP/Syslog	10.30.0.100	30	Time sync & logging	NTP, Syslog
DHCP	10.30.0.175	30	IP address assignment	DHCP
HTTP	10.10.0.100	-	Intranet web server	HTTP/HTTPS
FTP	10.30.0.50	30	File transfer	FTP
DNS	10.30.0.200	30	Name resolution	DNS
Controller	-	-	Wireless controller	CAPWAP

Complete Documentation Example

Comming Soon!!