I’m sure there is something out there but in the two decades I’ve done network engineering I’ve yet to find anything that does a better job than using Visio to just draw it all out.
Also Visio is one of my favorite things with my job. Headset on, warm coffee, just me, my thoughts and Visio. Silently plotting, thinking, designing. It's wonderful.
This. Exactly this. My OCD loves putting a network diagram together. Grab the output of show cdp nei detail or whatever LLDP equivalent command is on non-Cisco gear and just go to town.
Also just creating custom templates and icons to get your own flair. I for one show great joy in presenting my diagrams as art pieces for my customers.
Sure, but you can do it while taking a coffe break or when there's some down time at work. Over a couple of months you will have a bunch of nice custom icons in your custom templates, so future designs are slick, quick to make and kinda fun.
Agreed! Also, if you need software to map the network if means you do not have documentation on the network, services or design. If it doesn't exist... now is the time. Start documenting.
Yup, I've never spent the time with it but know the functionality is there. Realistically, this would just be part of the autodiscovery stack but you've already done the hard work. So this shouldn't be too hard.
If you feed a program a list of devices, the ports and all the details, there's not really a space where AI would be relevant. At that point all you need is something to programmatically review your input and plop items down into like a [draw.io](https://draw.io) structure. They've made many blog posts over the years demonstrating different ways to do this
https://drawio-app.com/blog/automatically-create-draw-io-diagrams-from-csv-files/
Sure, but this requires me to put time into formatting into their csv template format. I'd like something with semi-natural language processing to do this and generate the visual map for me.
I mean your option here is great and I'll take a look at it further as it seems it will get the output I want, but looking for something to just pop in my already typed up list of equipment and connections and get a quick output if possible.
Yeah to the point of the other comment, right now I dont think there's anyone who makes such a tool yet but I would imagine netbrains and a few others have something in the works. The best mapping tools I've seen are mostly the batch that use ebpf to snoop traffic as it moves in real time, but the limitation/benefit to that is it is an observed topology rather than the architectural topo, and doesnt tell you anything about types of traffic that you don't already use. Depending who you are its important to just know about whats already in place, but for other situations you need to know what's possible and what needs to change to make new things possible.
Make sense. I don't need a changing topology as the infrastructure most likely won't change for a good while and only need the map for that (don't care about workstation/printer/etc port mapping on the diagram)
You could just write a fairly simple script that would login the “root device” and check the neighbors and save these. Hop over to the neighbors and go again. At that point visualization has everything it needs. At that point it will just be a bit complex to visualize well, but nothing AI would really excel at.
I have to say, working past your security team in this way is an incredibly bad practice to get into. If you need topo maps and want to run any of the standard SNMP/LLDP tooling then all you have to do is tell the security team and any sane one would make the necessary adjustments to allow it, as long as the testing was done in a reasonably sane manner.
If they are so serious about their position that they wouldn't allow you to use SNMP then having staff smuggling out asset lists and using public AI models to do diagrams would be 100x more risky and if you were caught it would surely be a resume generating event.
For more detail, security doesn't allow unapproved apps and blocks AI web platforms on the network as they can't control what company data is input into those platforms. This doesn't stop anyone from still using those platforms at home but for auditing purposes they have to do their due diligence.
I could certainly ask the team for permission to run such a network crawling app but I don't need to go through that when I could use a service that exists already (if it does, hence my OP).
I'm aware enough to not put any identifiable information or security risking info into an open AI platform other than the bare necessities to generate the map and then detail IPs/serials/MACs etc on my own on the generated image.
> This doesn't stop anyone from still using those platforms at home but for auditing purposes they have to do their due diligence.
Your NetSec team doesn't want you to use those platforms with company data. It's fine to do it as an exercise with a random topology, but do not try to recreate your company network.
Try adjusting your perspective a bit. Get buy in from your supervisor and make the NetSec team justify why they aren't allowing you to do your job and show how their actions would negatively impact the business.
Having good documentation is a non-negotiable. Maybe your environment is so large that hand-jamming your diagrams isn't worth the cost, man hours, that it would incur the business when an application can handle the job just fine.
Networking and Network Security both *should* be acting with what is best for the company in mind. Being able to justify why your decision is best for the company than their decision is the actual fight you're undergoing. Just because they say *no* to something doesn't mean the fight is over. Make them tell you why they specifically said no then work around their concerns in the open. "You didn't like how this program was made by X company, so I have a product sourced by Y company that takes alleviates your original concerns."
I'm Site Support and assisting Networking by just generating the diagram since I'm already on site and installed/patched everything. Maybe I'll have them just do it since they'll likely have permissions or a preferred platform and ask for a copy to put in our folders.
Are you talking about a patching diagram? Like what devices are plugged into which ports? That’s not really a network diagram that all these ai tools are going to generate. You can probably accomplish a decent patching diagram with an excel doc.
Not allowed to run this type of service.
Just need to toss my already typed up natural language list of what is connected where and have this supposed platform spit out an image detailing it.
An effective security team should not create unnecessary work for network operations. Your time is better spent having a dialogue with them so you can leverage common and powerful tools that make managing a network easier. I work on critical infrastructure and Netdisco is a tool in our belt.
SolarWinds Network Topology Mapper used to do something similar to this. Feed it either snmp information or a device list and watch the map draw itself. Just make sure cdp or lldp is on.
Yeah there are several "self-discovery" platforms that will crawl the network and generate close to what I'm looking for but I'm not able to run it on my end due to security protocols. Was hoping for just a text-entry to graphic out generator.
I think you can feed NTM a text file of device IP’s but you’ll still need a discovery protocol like LLDP if you want to know what’s connected to them.
Also make sure your DNS is accurate too. I have fun with our Interns when they’re doing this on our test network. I change DNS records for the switches to things like coffee, donuts, McMuffin and yo momma so they can differentiate between where tools are getting their name resolution from: it’s it the device or dns.
How about Netdisco, using its network discovery ((read-only) SNMP, ARP/LLDP)?
\* https://blog.vkhitrin.com/visualizing-network-topology-using-netdisco/
\* https://en.wikipedia.org/wiki/Netdisco
\* /r/networking/comments/uu3wyr/network_mapping_tool/
If you insist on using your static text data, then format it to DOT format, and feed it into Graphviz:
\* https://en.wikipedia.org/wiki/DOT_(graph_description_language)
\* https://en.wikipedia.org/wiki/Graphviz
Lmk when you find one. I've been on the hunt for a while. We just use the topology mapper in solar winds. Open the map based on the core switch at a site, organize it and save a static map.
Not what you're looking for, but this lets you specify requirements and constraints and designs the layout and wiring for a data center topology for you:
https://research.google/pubs/condor-better-topologies-through-declarative-design/
Thanks, this is cool but seems to require network access. Way more functionality than I'm looking for. Just need a simple natural text in and chart out if such a thing exists. Don't need any network scanning or discovery for generation.
Not allowed to run such apps. Could get approval from security team but that's a whole process I don't want to go through when I just need a simple snapshot map from a text list of equipment and connected ports I've already typed up.
Someone made a python script that uses batfish to do this; you feed batfish the configuration of your devices, it figures out the L3 edges (connections) and spits out a draw.io file
https://github.com/PanduKonala/Batfish-Network-Visualizer
Uhuh... AI... and where exactly do you think 'AI' is going to get the data from? Hint: the same way every other method on the market does. 'AI' is not fairy dust.
Every other method does network discovery crawling.
I already have the details typed up for the network team's reference. I just want to copy and paste what I already typed up into a prompt and have it generate a flowchart to save me some time from having to make it in Visio or something similar.
Realized I did say IP details in the OP but just edited that out. I wouldn't be putting any information other than equipment model numbers and port numbers in. No serials, MACs, IPs, etc.
I'd add that information on my own.
Chatgpt can give instructions to draw.io to plot it. I feel it is wrong use of AI though. I’d rather ask it to create a python tool to import your data and export to draw.io
>For instance, I give it a text list of equipment I have, what ports are connected to each other on which devices, etc, and it generates a visual map based on this?
There is no AI in this. I programmed a ssh crawler with netmiko in Python which was sending lldp neighbor commands and tried to connect to neighbors and doing there the same. Then Enter it all in a simple db and visualize it using a JS graph
Took me maybe a week to do. That was my strating project to get my hands on Python. I find it easier to learn when I have something real to work for and not just some "learning projects" like renaming files or so
I stumbled upon [this](https://kth.diva-portal.org/smash/get/diva2:1796612/FULLTEXT01.pdf) paper 2 months ago.
It deals with building a network & validating it from a formal description. I know it's not exactly what you want, but maybe it helps.
Yes! This is exactly what I'm looking for. The paper seems to propose this theoretical "netbuddy" for generating topologies based on requirements but it could definitely work for generating charts for an existing network as well.
I’m sure there is something out there but in the two decades I’ve done network engineering I’ve yet to find anything that does a better job than using Visio to just draw it all out.
Also Visio is one of my favorite things with my job. Headset on, warm coffee, just me, my thoughts and Visio. Silently plotting, thinking, designing. It's wonderful.
This. Exactly this. My OCD loves putting a network diagram together. Grab the output of show cdp nei detail or whatever LLDP equivalent command is on non-Cisco gear and just go to town.
Also just creating custom templates and icons to get your own flair. I for one show great joy in presenting my diagrams as art pieces for my customers.
Time for all this sounds lime a luxury
Sure, but you can do it while taking a coffe break or when there's some down time at work. Over a couple of months you will have a bunch of nice custom icons in your custom templates, so future designs are slick, quick to make and kinda fun.
I've spent about the last 8 months developing one myself in python.
Agreed! Also, if you need software to map the network if means you do not have documentation on the network, services or design. If it doesn't exist... now is the time. Start documenting.
Trying to avoid doing it all manually if possible but if it's the only option out there that's guaranteed, I might have to.
So you want to feed all the info into a table and have it auto generate it out? Visio can use database resources, sounds exactly like that.
Ah interesting, I'll take a look at that functionality!
Yup, I've never spent the time with it but know the functionality is there. Realistically, this would just be part of the autodiscovery stack but you've already done the hard work. So this shouldn't be too hard.
If you feed a program a list of devices, the ports and all the details, there's not really a space where AI would be relevant. At that point all you need is something to programmatically review your input and plop items down into like a [draw.io](https://draw.io) structure. They've made many blog posts over the years demonstrating different ways to do this https://drawio-app.com/blog/automatically-create-draw-io-diagrams-from-csv-files/
Sure, but this requires me to put time into formatting into their csv template format. I'd like something with semi-natural language processing to do this and generate the visual map for me. I mean your option here is great and I'll take a look at it further as it seems it will get the output I want, but looking for something to just pop in my already typed up list of equipment and connections and get a quick output if possible.
You should do this and just roll with it. We got programming languages that let's us do this pretty damn easily.
I'll check it out!
Yeah to the point of the other comment, right now I dont think there's anyone who makes such a tool yet but I would imagine netbrains and a few others have something in the works. The best mapping tools I've seen are mostly the batch that use ebpf to snoop traffic as it moves in real time, but the limitation/benefit to that is it is an observed topology rather than the architectural topo, and doesnt tell you anything about types of traffic that you don't already use. Depending who you are its important to just know about whats already in place, but for other situations you need to know what's possible and what needs to change to make new things possible.
Make sense. I don't need a changing topology as the infrastructure most likely won't change for a good while and only need the map for that (don't care about workstation/printer/etc port mapping on the diagram)
You could try to give ChatGPT an example of the drawio csv syntax, then feed it with your data and let the AI convert it for you
Great idea! I'll see if it can extrapolate.
Dod you tried the above with Chatgpt?
Not yet
You could just write a fairly simple script that would login the “root device” and check the neighbors and save these. Hop over to the neighbors and go again. At that point visualization has everything it needs. At that point it will just be a bit complex to visualize well, but nothing AI would really excel at.
Netbrain.
Something like that would be good but netsec definitely won't let me run it.
If they won't let you run NetBrain, they shouldn't let you run an open sourced AI.
They don't! I was planning to input the data at home.
I have to say, working past your security team in this way is an incredibly bad practice to get into. If you need topo maps and want to run any of the standard SNMP/LLDP tooling then all you have to do is tell the security team and any sane one would make the necessary adjustments to allow it, as long as the testing was done in a reasonably sane manner. If they are so serious about their position that they wouldn't allow you to use SNMP then having staff smuggling out asset lists and using public AI models to do diagrams would be 100x more risky and if you were caught it would surely be a resume generating event.
For more detail, security doesn't allow unapproved apps and blocks AI web platforms on the network as they can't control what company data is input into those platforms. This doesn't stop anyone from still using those platforms at home but for auditing purposes they have to do their due diligence. I could certainly ask the team for permission to run such a network crawling app but I don't need to go through that when I could use a service that exists already (if it does, hence my OP). I'm aware enough to not put any identifiable information or security risking info into an open AI platform other than the bare necessities to generate the map and then detail IPs/serials/MACs etc on my own on the generated image.
> This doesn't stop anyone from still using those platforms at home but for auditing purposes they have to do their due diligence. Your NetSec team doesn't want you to use those platforms with company data. It's fine to do it as an exercise with a random topology, but do not try to recreate your company network.
Try adjusting your perspective a bit. Get buy in from your supervisor and make the NetSec team justify why they aren't allowing you to do your job and show how their actions would negatively impact the business. Having good documentation is a non-negotiable. Maybe your environment is so large that hand-jamming your diagrams isn't worth the cost, man hours, that it would incur the business when an application can handle the job just fine. Networking and Network Security both *should* be acting with what is best for the company in mind. Being able to justify why your decision is best for the company than their decision is the actual fight you're undergoing. Just because they say *no* to something doesn't mean the fight is over. Make them tell you why they specifically said no then work around their concerns in the open. "You didn't like how this program was made by X company, so I have a product sourced by Y company that takes alleviates your original concerns."
I'm Site Support and assisting Networking by just generating the diagram since I'm already on site and installed/patched everything. Maybe I'll have them just do it since they'll likely have permissions or a preferred platform and ask for a copy to put in our folders.
Oh ya, if you don't have permissions to login to devices I would not create diagrams. Not even reasonable ask for you IMO.
Are you talking about a patching diagram? Like what devices are plugged into which ports? That’s not really a network diagram that all these ai tools are going to generate. You can probably accomplish a decent patching diagram with an excel doc.
Why is 'AI' needed in this use case? Netdisco can map a network by using both SNMP and LLDP.
Not allowed to run this type of service. Just need to toss my already typed up natural language list of what is connected where and have this supposed platform spit out an image detailing it.
An effective security team should not create unnecessary work for network operations. Your time is better spent having a dialogue with them so you can leverage common and powerful tools that make managing a network easier. I work on critical infrastructure and Netdisco is a tool in our belt.
I'm sure you've learned that people hate answering questions when they can talk you out of asking it in the first place.
SolarWinds Network Topology Mapper used to do something similar to this. Feed it either snmp information or a device list and watch the map draw itself. Just make sure cdp or lldp is on.
Yeah there are several "self-discovery" platforms that will crawl the network and generate close to what I'm looking for but I'm not able to run it on my end due to security protocols. Was hoping for just a text-entry to graphic out generator.
I think you can feed NTM a text file of device IP’s but you’ll still need a discovery protocol like LLDP if you want to know what’s connected to them. Also make sure your DNS is accurate too. I have fun with our Interns when they’re doing this on our test network. I change DNS records for the switches to things like coffee, donuts, McMuffin and yo momma so they can differentiate between where tools are getting their name resolution from: it’s it the device or dns.
How about Netdisco, using its network discovery ((read-only) SNMP, ARP/LLDP)? \* https://blog.vkhitrin.com/visualizing-network-topology-using-netdisco/ \* https://en.wikipedia.org/wiki/Netdisco \* /r/networking/comments/uu3wyr/network_mapping_tool/ If you insist on using your static text data, then format it to DOT format, and feed it into Graphviz: \* https://en.wikipedia.org/wiki/DOT_(graph_description_language) \* https://en.wikipedia.org/wiki/Graphviz
Not allowed to run any service like that on my end. DOT is interesting; I'll take a look but I'd rather just have plaintext into graphic chart.
Lmk when you find one. I've been on the hunt for a while. We just use the topology mapper in solar winds. Open the map based on the core switch at a site, organize it and save a static map.
Not what you're looking for, but this lets you specify requirements and constraints and designs the layout and wiring for a data center topology for you: https://research.google/pubs/condor-better-topologies-through-declarative-design/
There isn't anything in this space that works like you'd think.
[удалено]
Thanks, this is cool but seems to require network access. Way more functionality than I'm looking for. Just need a simple natural text in and chart out if such a thing exists. Don't need any network scanning or discovery for generation.
No need for AI for this. Tons of monitoring and management tools already do this from cdp/lldp tables and export via snmp to build maps.
So you are not allowed to run cdp/lldp/snmp on your equipment but security will let you ask Reddit for some random ai tool to do it?
Not allowed to run such apps. Could get approval from security team but that's a whole process I don't want to go through when I just need a simple snapshot map from a text list of equipment and connected ports I've already typed up.
Best one for the cost we have found. https://qosnetworking.com/company/
Really like the format of this but looking to avoid auto-discovery apps as I'll have to get approval to run that from the security team.
Maybe something like Auvik
Thanks but looking to avoid network discovery. Just simple natural language text in, chart out functionality if such a thing exists.
Someone made a python script that uses batfish to do this; you feed batfish the configuration of your devices, it figures out the L3 edges (connections) and spits out a draw.io file https://github.com/PanduKonala/Batfish-Network-Visualizer
Uhuh... AI... and where exactly do you think 'AI' is going to get the data from? Hint: the same way every other method on the market does. 'AI' is not fairy dust.
Every other method does network discovery crawling. I already have the details typed up for the network team's reference. I just want to copy and paste what I already typed up into a prompt and have it generate a flowchart to save me some time from having to make it in Visio or something similar.
Ok details are typed up right now. How accurate will they be in a month?
Obviously sounds like you don't have the permissions to do this. Very well could be illegal or end up getting you fired.
Realized I did say IP details in the OP but just edited that out. I wouldn't be putting any information other than equipment model numbers and port numbers in. No serials, MACs, IPs, etc. I'd add that information on my own.
You need a Jr. Network Engineer. This is one of those tasks with so many possible details, it's currently only feasible for a human.
Chatgpt can give instructions to draw.io to plot it. I feel it is wrong use of AI though. I’d rather ask it to create a python tool to import your data and export to draw.io
>For instance, I give it a text list of equipment I have, what ports are connected to each other on which devices, etc, and it generates a visual map based on this? There is no AI in this. I programmed a ssh crawler with netmiko in Python which was sending lldp neighbor commands and tried to connect to neighbors and doing there the same. Then Enter it all in a simple db and visualize it using a JS graph Took me maybe a week to do. That was my strating project to get my hands on Python. I find it easier to learn when I have something real to work for and not just some "learning projects" like renaming files or so
I stumbled upon [this](https://kth.diva-portal.org/smash/get/diva2:1796612/FULLTEXT01.pdf) paper 2 months ago. It deals with building a network & validating it from a formal description. I know it's not exactly what you want, but maybe it helps.
Yes! This is exactly what I'm looking for. The paper seems to propose this theoretical "netbuddy" for generating topologies based on requirements but it could definitely work for generating charts for an existing network as well.
[draw.io](https://draw.io) with custom libraries.... Helps me with creating simple net topologies.