Preventing the Crime & The 7Ps

Preventing the Crime & The 7Ps

In honor of Father’s Day… I’d like to pass a gift along that my Dad gave me.  The gift of the “7Ps”.    What are the 7Ps and what do they have to do with Preventing Crimes?

The “7 Ps”

The 7Ps apparently started off (according to wikipedia) as a British Military adage.  I didn’t, actually, know that until I started writing this blog and googled “prior proper preparation”.  Voila!  Wikipedia was the first hit – 7 Ps (military adage).  I was raised on one of the varieties of the 7Ps: “Prior Proper Preparation Prevents Piss Poor Performance“.

How do the 7Ps relate to being a Network Detective? Yup — you guessed it…. CRIME PREVENTION!

An example you say? Wow… Where ever to begin on this….. Let’s see… hmmmmm

  • Maybe the static routes that were put in for a “quick & temporary” solution that are still in there?
  • Maybe the network diagram that would hinder and not help as a “crime scene map”?
  • Maybe the silos on your team that just make so many  network “whodunnit” more of a competition and finger pointing exercise instead of a collective team of network detectives all jumping in to solve the crime in a quick and timely fashion for the customer?

You know your network better than I do. You know where to start.  So what is stopping you?

He who does not prevent a crime when he can, encourages it. -Seneca the Younger

While I would LOVE to go after that 3rd one (Silos)…. that is … in and of itself… a whole other blog.  So let’s just go with a safe and simple example.

Router IDs

A “router ID” is a “router identification” and is commonly used by many protocols – BGP, EIGRP, OSPF, and MPLS to name a few.  What happens if 2 routers in one of these environments has a duplicate router ID?  Network “whodunnits”.  🙂

“Duplicate Router IDs Won’t Happen to Us!”

I hear this a lot.  “It’s okay”, I’m told, “We just let it default to Loopback0 and it is unique for every router, so we will never have duplicate router ids happen to us”.  I have to say I find that word “never” very entertaining.  But, I digress.

There are two common situations where the duplicate router id will hit even these people:  “Anycast” RPs and Migrations.

Anycast RP

What is “Anycast RP?”

In Anycast RP, two or more RPs are configured with the same IP address on loopback interfaces.

Wait!  What did that say?  Did that say that “two or more RPs are configured with the same IP address on loopback interfaces”?  Yup!  It most certainly did.  So now what about that perfect “uniqueness” of Loopbacks?  So riddle me this.  What happens if the IP address that y’all decide on is higher than the loopback 0 in your box?  Truth?  Nothing.  At first.   Which can also make this much much more difficult to troubleshoot.  Cause it may be quite awhile before this bites you.  Why?  The BGP, EIGRP, OSPF, or MPLS already has a router-id assigned to the process.  Creating a new one that happens to be higher isn’t going to preempt your already existing router-id.   Just think of it as a nice little boobytrap all ready to be triggered to cause a fun little “whodunnit” due to lack of “prior proper preparation”.

Migrations

So say that you have an existing router and you are going to migrate to a new router on the same segment.  Your plan is to add the new router to the network and then slowly phase out the other one.  When the router you are phasing out is doing iBGP with its loopback it is very common to think that you can just give this loopback to the “new” router and stop the “old” router from advertising it’s loopback so it “won’t matter”.  Don’t do this.  You’re just setting up the boobytrap again as long as the “old” router is still up and running.

“Configure with Intent”

I love this expression.  A friend of mine, Russ White, used this phrase years ago during a CiscoLive techtorial I was attending.  What he was talking about was the concept of “using your configs to make your design intention clears”.

So I ask you, “What are your “design intentions” in reference to what router-id BGP, EIGRP, OSPF or MPLS should use in each of your routers”?

Next question.  “Why aren’t you “configuring with intent” and hard-coding your design intention into the configurations and instructions for your routers”?

The Bigger Question…..

How can YOU help your network be better prepared?  What can YOU do to help prevent network outages and poor performance?

Take 10 minutes right this very second. Yes… NOW.  You had thoughts and ideas about things you could do while you were reading this blog.  Write them down now.

He who does not prevent a crime when he can, encourages it. -Seneca the Younger

reduce_risk_badge


NOTE:  The above blog originally appeared on Network World, August, 2013. It was modified slightly and posted here as part of the Techniques of a Network Detective Series.

Comments are closed.