In search of beautiful network diagrams
January 7, 2014 9:09 AM Subscribe
I am looking for examples of beautiful or unusual, yet effective, computer network diagrams - the more complex and extensive the networks, the better.
Similarly, I'd like to find tutorials and how-to's on making same - preferably avoiding Visio/OmniGraffle as much as possible (most of the people I work with just want to swap .pdfs or Power Point presentations when it comes to delivering design documents, anyhow.)
I deal with very intricate and large networks, and it's always a struggle to present them visually to various project stakeholders. I'd like to catch their attention with something striking that will help them actually understand what's going on.
Visual Complexity has lots of examples. You can use a format like dot to represent networks. There are tools out there, like GraphViz, which render dot files.
posted by Blazecock Pileon at 9:23 AM on January 7, 2014
posted by Blazecock Pileon at 9:23 AM on January 7, 2014
If you are familiar with the typesetting program TeX then the tikz package can help you make beautiful networks/graphs/anything. It can be a bit challenging to learn, but once you do you will recognize your full awesomeness.
Texample is a great place to find tikz samples to modify and to see what other people have come up with. The link for graphs might be a good place to start.
posted by El_Marto at 9:25 AM on January 7, 2014
Texample is a great place to find tikz samples to modify and to see what other people have come up with. The link for graphs might be a good place to start.
posted by El_Marto at 9:25 AM on January 7, 2014
Check out the diagram on page 3 of this report (pdf) from the NY Fed. It shows how the shadow banking system (ie, non-banks that perform credit or maturity transformations similar to those done by banks) worked as of 2009. Honestly, no one knew all the pieces before they had the diagram.
posted by shothotbot at 10:33 AM on January 7, 2014
posted by shothotbot at 10:33 AM on January 7, 2014
As a network admin I've struggled with this for more than a decade. Some things I've discerned...
There are distinct differences in representing layer 1 (physical connections), multi-access layer-2 (ethernet broadcast domains, vlans), and layer 3 (IP). When you start creating a diagram you basically have to pick one of these to form the base set of nodes and connections. You can start adding textual descriptions of that set of nodes within the same layer -- for example if you're diagramming layer 1, you can add text descriptions of device port numbers, cable types, cable ID numbers, etc. If you're doing layer 2, you can do vlan ids, mac addresses, use spans of color to designate broadcast domains/vlans, etc.
*But* when you start crossing those layers on the same diagram, things seem to start to fall apart unless you're really careful and set a consistent style for describing different things. Does a connection between two nodes represent a physical cable or does it represent one of many vlans. You can use things like line styles, colors, or text callouts to keep this under control to some degree. But my experience has been that you hit a wall of complexity where the amount of detail needed to describe the operational reality of the network just isn't feasible to put in one place. You have N-dimensions to describe, and once N goes over about 3 or 4, I run out of visual tools to deal with it -- "hmm, is a vlan a dotted line or dashed on this diagram?", or "is a blue line gig-e native on cat-6 or is it a vlan from a gig-e aggregation switch merged onto a Nx10gig LAG QinQ trunk across a metro?" You are severely culling information from reality to present a particular picture, and making those restrictions is time consuming and difficult to do with consistency.
I'm not sure whether you're coming from a service provider or enterprise network point of view. In service provider networks, you quickly have N go to 10+ -- think outside fiber or copper plants, DWDM systems or OTN, ethernet (multiple layers), MPLS (multiple layers), IP (multiple layers with customer MPLS or IPSEC VPNs), etc. And note I'm avoiding even dealing with servers/services/layer4+ here. The only way I've found to deal with this sanely is to use a custom database-driven set of tools, or a bunch of vendor-specific NMS systems with some glue-on integration (at best!) to bridge systems together. Any given diagram is going to be a 2 or 3-dimensional slice of this N-dimensional reality, and so diagrams tend to be one-off creations that are labor intensive to create and maintain. The resulting picture is of limited utility to operations if it is useful for communication on a large scale to management. The raw database system is more useful for operations because you can do queries and reports and dependencies on hundreds of nodes at a time, which is what you need to really managed hundreds of nodes and thousands of edges.
So in summary... I share your struggle and have already spent years on it without a lot of progress. Visualizing all that without sucking up months of people-effort per diagram is unsolved as far as I'm concerned. My perspective is from small-to-medium ISP land. I like to imagine that large service providers have teams of people automating these things and spitting out useful visualizations that throw away specific information depending on the need. The paucity of good looking examples making it out to network operations groups makes me think that nobody really is putting big money or time into it.
posted by frontmn23 at 11:04 AM on January 7, 2014 [1 favorite]
There are distinct differences in representing layer 1 (physical connections), multi-access layer-2 (ethernet broadcast domains, vlans), and layer 3 (IP). When you start creating a diagram you basically have to pick one of these to form the base set of nodes and connections. You can start adding textual descriptions of that set of nodes within the same layer -- for example if you're diagramming layer 1, you can add text descriptions of device port numbers, cable types, cable ID numbers, etc. If you're doing layer 2, you can do vlan ids, mac addresses, use spans of color to designate broadcast domains/vlans, etc.
*But* when you start crossing those layers on the same diagram, things seem to start to fall apart unless you're really careful and set a consistent style for describing different things. Does a connection between two nodes represent a physical cable or does it represent one of many vlans. You can use things like line styles, colors, or text callouts to keep this under control to some degree. But my experience has been that you hit a wall of complexity where the amount of detail needed to describe the operational reality of the network just isn't feasible to put in one place. You have N-dimensions to describe, and once N goes over about 3 or 4, I run out of visual tools to deal with it -- "hmm, is a vlan a dotted line or dashed on this diagram?", or "is a blue line gig-e native on cat-6 or is it a vlan from a gig-e aggregation switch merged onto a Nx10gig LAG QinQ trunk across a metro?" You are severely culling information from reality to present a particular picture, and making those restrictions is time consuming and difficult to do with consistency.
I'm not sure whether you're coming from a service provider or enterprise network point of view. In service provider networks, you quickly have N go to 10+ -- think outside fiber or copper plants, DWDM systems or OTN, ethernet (multiple layers), MPLS (multiple layers), IP (multiple layers with customer MPLS or IPSEC VPNs), etc. And note I'm avoiding even dealing with servers/services/layer4+ here. The only way I've found to deal with this sanely is to use a custom database-driven set of tools, or a bunch of vendor-specific NMS systems with some glue-on integration (at best!) to bridge systems together. Any given diagram is going to be a 2 or 3-dimensional slice of this N-dimensional reality, and so diagrams tend to be one-off creations that are labor intensive to create and maintain. The resulting picture is of limited utility to operations if it is useful for communication on a large scale to management. The raw database system is more useful for operations because you can do queries and reports and dependencies on hundreds of nodes at a time, which is what you need to really managed hundreds of nodes and thousands of edges.
So in summary... I share your struggle and have already spent years on it without a lot of progress. Visualizing all that without sucking up months of people-effort per diagram is unsolved as far as I'm concerned. My perspective is from small-to-medium ISP land. I like to imagine that large service providers have teams of people automating these things and spitting out useful visualizations that throw away specific information depending on the need. The paucity of good looking examples making it out to network operations groups makes me think that nobody really is putting big money or time into it.
posted by frontmn23 at 11:04 AM on January 7, 2014 [1 favorite]
Gephi is a free program with a moderate learning curve, specifically meant to draw networks. Some other threads you can check out on MetaFilter with various recommendations and reviews: Visualize this, Buzzing about network graphs, Best network/graph theory software for non-techies?
posted by knile at 1:26 PM on January 7, 2014
posted by knile at 1:26 PM on January 7, 2014
Response by poster: There are distinct differences in representing layer 1 (physical connections), multi-access layer-2 (ethernet broadcast domains, vlans), and layer 3 (IP). When you start creating a diagram you basically have to pick one of these to form the base set of nodes and connections.
Yeah, this is my hell. I deal mostly with "Next Generation" security appliances (Firewall vendors don't like to call them firewalls anymore) - so you have one box that does firewalling all the way up the OSI stack, IDS, AV, web proxy/filter, load balancing, WAN acceleration, SSL VPN concentrator, IPSEC VPNs, a zillion VLANs with varying QoS, MPLS and BGP and OSPF flying everywhere, and, oh yeah, it's a also a wireless AP controller and DHCP server. It's also not one box, but at least two in an HA cluster.
Illustrating how these guys fit into a network is... challenging. I wind up laying out a data cabinet map, a layer 2 map to show how the HA works, a layer 2 map to show how it hooks into all of the various VLANs and wireless networks, a routing, load balancing and VPN map, and then an illustration that shows how we're mangling the traffic going through the beast. All that for just one piece of the network.
It's all ugly and hard to parse, especially in visio. I'd like to tidy it up for visual punch and clarity of concept. The OFA map jangle linked to up top is reaaaal nice, tho, and close to what I was thinking of.
posted by Slap*Happy at 5:21 AM on January 8, 2014
Yeah, this is my hell. I deal mostly with "Next Generation" security appliances (Firewall vendors don't like to call them firewalls anymore) - so you have one box that does firewalling all the way up the OSI stack, IDS, AV, web proxy/filter, load balancing, WAN acceleration, SSL VPN concentrator, IPSEC VPNs, a zillion VLANs with varying QoS, MPLS and BGP and OSPF flying everywhere, and, oh yeah, it's a also a wireless AP controller and DHCP server. It's also not one box, but at least two in an HA cluster.
Illustrating how these guys fit into a network is... challenging. I wind up laying out a data cabinet map, a layer 2 map to show how the HA works, a layer 2 map to show how it hooks into all of the various VLANs and wireless networks, a routing, load balancing and VPN map, and then an illustration that shows how we're mangling the traffic going through the beast. All that for just one piece of the network.
It's all ugly and hard to parse, especially in visio. I'd like to tidy it up for visual punch and clarity of concept. The OFA map jangle linked to up top is reaaaal nice, tho, and close to what I was thinking of.
posted by Slap*Happy at 5:21 AM on January 8, 2014
« Older What can I take with me on walks to keep dogs away... | Typophiles: What's the Hominis Font Like? Newer »
This thread is closed to new comments.
posted by jangie at 9:19 AM on January 7, 2014 [2 favorites]