1ba5ce851d
Features: - Automated datacenter documentation generation - MCP integration for device connectivity - Auto-remediation engine with safety checks - Multi-factor reliability scoring (0-100%) - Human feedback learning loop - Pattern recognition and continuous improvement - Agentic chat support with AI - API for ticket resolution - Frontend React with Material-UI - CI/CD pipelines (GitLab + Gitea) - Docker & Kubernetes deployment - Complete documentation and guides v2.0 Highlights: - Auto-remediation with write operations (disabled by default) - Reliability calculator with 4-factor scoring - Human feedback system for continuous learning - Pattern-based progressive automation - Approval workflow for critical actions - Full audit trail and rollback capability
404 lines
12 KiB
Markdown
404 lines
12 KiB
Markdown
# 02 - Networking
|
|
|
|
**Ultimo Aggiornamento**: [DATA_AGGIORNAMENTO]
|
|
**Versione Documento**: [VERSIONE]
|
|
**Responsabile**: [NOME_RESPONSABILE]
|
|
|
|
---
|
|
|
|
## 1. Architettura di Rete
|
|
|
|
### 1.1 Topologia Generale
|
|
```
|
|
[DIAGRAMMA_ASCII_TOPOLOGIA_RETE]
|
|
```
|
|
|
|
### 1.2 Segmentazione Rete
|
|
- **Core Layer**: [DESCRIZIONE_TECNOLOGIA]
|
|
- **Distribution Layer**: [DESCRIZIONE_TECNOLOGIA]
|
|
- **Access Layer**: [DESCRIZIONE_TECNOLOGIA]
|
|
- **DMZ**: [SI/NO] - [N] zone
|
|
- **Management Network**: [SUBNET]
|
|
|
|
---
|
|
|
|
## 2. Switch Core e Distribution
|
|
|
|
### 2.1 Inventario Switch Core
|
|
| Hostname | Marca/Modello | Ruolo | Management IP | Porte | Uplink | Firmware | Posizione |
|
|
|----------|---------------|-------|---------------|-------|--------|----------|-----------|
|
|
| [HOSTNAME] | [VENDOR/MODEL] | [CORE/DIST] | [IP] | [N] | [TIPO/SPEED] | [VERSION] | [RACK-U] |
|
|
|
|
### 2.2 Configurazione Ridondanza
|
|
- **Protocollo**: [VRRP/HSRP/STACKING/MC-LAG]
|
|
- **Topology**: [RING/MESH/STAR]
|
|
- **Link Aggregation**: [LACP/STATIC]
|
|
- **Failover Time**: < [SECONDI]s
|
|
|
|
### 2.3 Spanning Tree
|
|
- **Protocollo**: [STP/RSTP/MSTP]
|
|
- **Root Primary**: [SWITCH_ID]
|
|
- **Root Secondary**: [SWITCH_ID]
|
|
- **Protezioni Attive**: [BPDU_GUARD/ROOT_GUARD/LOOP_GUARD]
|
|
|
|
---
|
|
|
|
## 3. Switch Access
|
|
|
|
### 3.1 Inventario Switch Access
|
|
| Hostname | Modello | Management IP | Porte | PoE | Stack | Posizione | Uplink a |
|
|
|----------|---------|---------------|-------|-----|-------|-----------|----------|
|
|
| [HOSTNAME] | [MODEL] | [IP] | [N] | [W] | [MEMBER] | [RACK-U] | [DIST_SW] |
|
|
|
|
### 3.2 Standard Configurazione Access
|
|
- **VLAN Management**: [VLAN_ID]
|
|
- **VLAN Nativa**: [VLAN_ID]
|
|
- **Porta di Default**: [VLAN/SHUTDOWN]
|
|
- **Port Security**: [ENABLED/DISABLED]
|
|
- **DHCP Snooping**: [ENABLED/DISABLED]
|
|
|
|
---
|
|
|
|
## 4. VLAN e Subnetting
|
|
|
|
### 4.1 Piano VLAN
|
|
| VLAN ID | Nome | Subnet | Gateway | Scopo | ACL | DHCP |
|
|
|---------|------|--------|---------|-------|-----|------|
|
|
| [ID] | [NOME] | [SUBNET] | [IP] | [DESCRIZIONE] | [ACL_ID] | [SI/NO] |
|
|
|
|
### 4.2 Inter-VLAN Routing
|
|
- **Metodo**: [ROUTER-ON-STICK/L3-SWITCH/FIREWALL]
|
|
- **Device**: [HOSTNAME]
|
|
- **Protocollo Routing**: [STATIC/OSPF/BGP]
|
|
|
|
### 4.3 Piano di Indirizzamento IP
|
|
| Rete | Range | Utilizzo | Allocati | Disponibili | Note |
|
|
|------|-------|----------|----------|-------------|------|
|
|
| [SUBNET] | [RANGE] | [SCOPO] | [N] | [N] | [NOTE] |
|
|
|
|
---
|
|
|
|
## 5. Routing
|
|
|
|
### 5.1 Router e Firewall
|
|
| Hostname | Tipo | Marca/Modello | Management IP | WAN IP | LAN IP | Throughput | Posizione |
|
|
|----------|------|---------------|---------------|--------|--------|------------|-----------|
|
|
| [HOSTNAME] | [ROUTER/FW/UTM] | [VENDOR/MODEL] | [IP] | [IP] | [IP] | [GBPS] | [RACK-U] |
|
|
|
|
### 5.2 Protocolli di Routing
|
|
| Protocollo | Area/AS | Router | Reti Annunciate | Neighbors | Stato |
|
|
|------------|---------|--------|-----------------|-----------|-------|
|
|
| [OSPF/BGP/STATIC] | [ID] | [HOSTNAME] | [N] | [N] | [UP/DOWN] |
|
|
|
|
### 5.3 Route Statiche Critiche
|
|
| Destinazione | Next Hop | Metric | Interfaccia | Scopo |
|
|
|--------------|----------|--------|-------------|-------|
|
|
| [NETWORK] | [IP] | [N] | [IF] | [DESCRIZIONE] |
|
|
|
|
---
|
|
|
|
## 6. Firewall e Sicurezza
|
|
|
|
### 6.1 Configurazione Firewall
|
|
- **Marca/Modello**: [VENDOR/MODEL]
|
|
- **Versione Software**: [VERSION]
|
|
- **Modalità**: [ROUTED/TRANSPARENT]
|
|
- **High Availability**: [ACTIVE-PASSIVE/ACTIVE-ACTIVE]
|
|
- **Throughput**: [GBPS] Gbps
|
|
- **Concurrent Sessions**: [N]
|
|
|
|
### 6.2 Zone di Sicurezza
|
|
| Zona | Trust Level | Interfacce | Reti | Policy Default |
|
|
|------|-------------|------------|------|----------------|
|
|
| [ZONA] | [0-100] | [IF_LIST] | [SUBNET] | [ALLOW/DENY] |
|
|
|
|
### 6.3 Regole Firewall Principali
|
|
| ID | Nome | Source | Destination | Servizio | Azione | Log | Hit Count |
|
|
|----|------|--------|-------------|----------|--------|-----|-----------|
|
|
| [ID] | [NOME] | [SRC] | [DST] | [SERVICE] | [ALLOW/DENY] | [SI/NO] | [N] |
|
|
|
|
### 6.4 NAT Configuration
|
|
| Tipo | Original IP | Translated IP | Servizio | Scopo |
|
|
|------|-------------|---------------|----------|-------|
|
|
| [SNAT/DNAT/PAT] | [IP] | [IP] | [SERVICE] | [DESCRIZIONE] |
|
|
|
|
### 6.5 IPS/IDS
|
|
- **Sistema**: [VENDOR/MODEL]
|
|
- **Modalità**: [IPS/IDS/HYBRID]
|
|
- **Signature Set**: [VERSION] - Update: [FREQUENCY]
|
|
- **Policy**: [BALANCED/SECURITY/CONNECTIVITY]
|
|
- **False Positive Rate**: [PERCENTUALE]%
|
|
|
|
---
|
|
|
|
## 7. VPN
|
|
|
|
### 7.1 VPN Site-to-Site
|
|
| Nome | Remote Gateway | Local Subnet | Remote Subnet | Protocol | Encryption | Status |
|
|
|------|----------------|--------------|---------------|----------|------------|--------|
|
|
| [NOME] | [IP/FQDN] | [SUBNET] | [SUBNET] | [IPSEC/GRE] | [ALGORITHM] | [UP/DOWN] |
|
|
|
|
### 7.2 VPN Remote Access
|
|
- **Sistema**: [VENDOR/MODEL]
|
|
- **Protocollo**: [SSL-VPN/IPSEC]
|
|
- **Licenze**: [N] concurrent users
|
|
- **Utilizzo Medio**: [N] users
|
|
- **Picco Utilizzo**: [N] users - [DATA]
|
|
- **MFA Richiesta**: [SI/NO]
|
|
|
|
### 7.3 Policy VPN
|
|
| Gruppo | Split Tunnel | Route Pushed | DNS Pushed | Timeout | Rekeying |
|
|
|--------|--------------|--------------|------------|---------|----------|
|
|
| [GRUPPO] | [SI/NO] | [ROUTES] | [DNS_IPs] | [MIN] | [SEC] |
|
|
|
|
---
|
|
|
|
## 8. Load Balancing
|
|
|
|
### 8.1 Load Balancer
|
|
| Hostname | Tipo | Marca/Modello | VIP Managed | Throughput | HA Status | Posizione |
|
|
|----------|------|---------------|-------------|------------|-----------|-----------|
|
|
| [HOSTNAME] | [L4/L7/ADC] | [VENDOR/MODEL] | [N] | [GBPS] | [MASTER/BACKUP] | [RACK-U] |
|
|
|
|
### 8.2 Virtual Server Configuration
|
|
| Nome | VIP | Protocol | Port | Pool | Persistence | Health Check | Status |
|
|
|------|-----|----------|------|------|-------------|--------------|--------|
|
|
| [NOME] | [IP] | [TCP/UDP/HTTP] | [PORT] | [POOL_NAME] | [TYPE] | [METHOD] | [UP/DOWN] |
|
|
|
|
### 8.3 Server Pool
|
|
| Pool Name | Membri | Algoritmo | Health Check | Active Members | Traffico (Mbps) |
|
|
|-----------|--------|-----------|--------------|----------------|-----------------|
|
|
| [NOME] | [N] | [ALGORITHM] | [TYPE] | [N] | [MBPS] |
|
|
|
|
---
|
|
|
|
## 9. DNS e DHCP
|
|
|
|
### 9.1 DNS Servers
|
|
| Hostname | IP | Tipo | Zone Gestite | Queries/sec | Uptime | Cache Hit Rate |
|
|
|----------|-------|------|--------------|-------------|--------|----------------|
|
|
| [HOSTNAME] | [IP] | [AUTH/RECURSIVE] | [N] | [N] | [%] | [%] |
|
|
|
|
### 9.2 Zone DNS Principali
|
|
| Zona | Tipo | Master | Records | DNSSEC | Ultima Modifica |
|
|
|------|------|--------|---------|--------|-----------------|
|
|
| [ZONE] | [MASTER/SLAVE] | [IP] | [N] | [SI/NO] | [DATA] |
|
|
|
|
### 9.3 DHCP Servers
|
|
| Hostname | IP | Scope Gestiti | Lease Time | Total Addresses | Allocated | Disponibili |
|
|
|----------|-----|---------------|------------|-----------------|-----------|-------------|
|
|
| [HOSTNAME] | [IP] | [N] | [TIME] | [N] | [N] | [N] |
|
|
|
|
### 9.4 DHCP Scopes
|
|
| Scope | Range | VLAN | Gateway | DNS | Options | Utilizzo % |
|
|
|-------|-------|------|---------|-----|---------|-----------|
|
|
| [NOME] | [RANGE] | [VLAN] | [IP] | [IPs] | [OPTIONS] | [%] |
|
|
|
|
---
|
|
|
|
## 10. Wireless (se presente)
|
|
|
|
### 10.1 Controller Wireless
|
|
- **Sistema**: [VENDOR/MODEL]
|
|
- **Management IP**: [IP]
|
|
- **AP Gestiti**: [N]
|
|
- **Utenti Concorrenti Max**: [N]
|
|
- **Versione Firmware**: [VERSION]
|
|
|
|
### 10.2 Access Point
|
|
| Nome | Modello | Management IP | Location | SSID Broadcast | Clients | Channel | Power |
|
|
|------|---------|---------------|----------|----------------|---------|---------|-------|
|
|
| [NOME] | [MODEL] | [IP] | [LOC] | [N] | [N] | [CH] | [dBm] |
|
|
|
|
### 10.3 SSID Configuration
|
|
| SSID | VLAN | Security | Authentication | Encryption | Max Users | Hidden |
|
|
|------|------|----------|----------------|------------|-----------|--------|
|
|
| [NOME] | [VLAN] | [WPA2/WPA3] | [PSK/802.1X] | [AES] | [N] | [SI/NO] |
|
|
|
|
---
|
|
|
|
## 11. Network Monitoring e Management
|
|
|
|
### 11.1 Network Management System
|
|
- **Sistema**: [VENDOR/PRODUCT]
|
|
- **Management IP**: [IP]
|
|
- **Device Monitorati**: [N]
|
|
- **Retention Dati**: [GIORNI] giorni
|
|
- **Polling Interval**: [SECONDI]s
|
|
|
|
### 11.2 SNMP Configuration
|
|
- **Versione**: [V2C/V3]
|
|
- **Community String**: [MASKED/REFERENCE]
|
|
- **Trap Destination**: [IP]
|
|
- **OID Monitorati**: [LISTA_PRINCIPALI]
|
|
|
|
### 11.3 NetFlow/sFlow
|
|
- **Protocollo**: [NETFLOW/SFLOW/IPFIX]
|
|
- **Collector**: [IP]
|
|
- **Sampling Rate**: 1:[N]
|
|
- **Retention**: [GIORNI] giorni
|
|
|
|
### 11.4 Syslog
|
|
- **Syslog Server**: [IP]
|
|
- **Facility**: [LOCAL0-7]
|
|
- **Severity Level**: [LEVEL]
|
|
- **Retention**: [GIORNI] giorni
|
|
- **Storage Utilizzato**: [GB]
|
|
|
|
---
|
|
|
|
## 12. QoS (Quality of Service)
|
|
|
|
### 12.1 Policy QoS
|
|
| Nome Policy | Traffic Class | DSCP | Priority | Bandwidth | Applicata su |
|
|
|-------------|---------------|------|----------|-----------|--------------|
|
|
| [NOME] | [CLASS] | [VALUE] | [0-7] | [MBPS/%] | [INTERFACES] |
|
|
|
|
### 12.2 Traffic Shaping
|
|
- **Metodo**: [POLICING/SHAPING]
|
|
- **Queueing**: [FIFO/WFQ/CBWFQ]
|
|
- **Congestion Avoidance**: [WRED/TAIL-DROP]
|
|
|
|
---
|
|
|
|
## 13. Network Access Control
|
|
|
|
### 13.1 Sistema NAC
|
|
- **Soluzione**: [VENDOR/PRODUCT]
|
|
- **Authentication**: [802.1X/MAC/HYBRID]
|
|
- **RADIUS Server**: [IP]
|
|
- **Porte Monitorate**: [N]
|
|
|
|
### 13.2 Profili NAC
|
|
| Profilo | Autenticazione | VLAN Assegnata | Restrizioni | Dispositivi |
|
|
|---------|----------------|----------------|-------------|-------------|
|
|
| [NOME] | [METODO] | [VLAN] | [DESCRIZIONE] | [N] |
|
|
|
|
---
|
|
|
|
## 14. SD-WAN (se presente)
|
|
|
|
### 14.1 Architettura SD-WAN
|
|
- **Soluzione**: [VENDOR/PRODUCT]
|
|
- **Controller**: [IP/CLOUD]
|
|
- **Edge Devices**: [N]
|
|
- **WAN Links**: [N]
|
|
|
|
### 14.2 Policy SD-WAN
|
|
| Policy | Applicazione | Link Primario | Link Secondario | Failover Threshold | SLA Monitor |
|
|
|--------|--------------|---------------|-----------------|-------------------|-------------|
|
|
| [NOME] | [APP] | [LINK] | [LINK] | [METRIC] | [LATENCY/LOSS] |
|
|
|
|
---
|
|
|
|
## 15. Banda e Traffico
|
|
|
|
### 15.1 Utilizzo Banda Internet
|
|
- **Banda Totale**: [MBPS] Mbps
|
|
- **Utilizzo Medio**: [MBPS] Mbps ([%]%)
|
|
- **Picco Utilizzo**: [MBPS] Mbps - [DATA/ORA]
|
|
- **Top Talkers**: [LISTA]
|
|
|
|
### 15.2 Traffico Interno
|
|
- **Core-to-Core**: [GBPS] Gbps avg
|
|
- **North-South**: [GBPS] Gbps avg
|
|
- **East-West**: [GBPS] Gbps avg
|
|
|
|
---
|
|
|
|
## 16. Backup Configurazioni
|
|
|
|
### 16.1 Sistema di Backup
|
|
- **Metodo**: [TFTP/SCP/GIT/AUTOMATED]
|
|
- **Frequenza**: [GIORNALIERO/SETTIMANALE]
|
|
- **Retention**: [N] versioni / [GIORNI] giorni
|
|
- **Location**: [PATH/SERVER]
|
|
|
|
### 16.2 Ultimo Backup
|
|
| Device | Ultimo Backup | Config Version | Metodo | Status |
|
|
|--------|---------------|----------------|--------|--------|
|
|
| [HOSTNAME] | [DATA/ORA] | [VERSION] | [METODO] | [SUCCESS/FAIL] |
|
|
|
|
---
|
|
|
|
## 17. Change Management
|
|
|
|
### 17.1 Maintenance Window
|
|
- **Giorno**: [GIORNO_SETTIMANA]
|
|
- **Orario**: [HH:MM] - [HH:MM]
|
|
- **Approval Process**: [DESCRIZIONE]
|
|
|
|
### 17.2 Ultimi Cambiamenti
|
|
| Data | Ticket | Descrizione | Device | Eseguito da | Esito |
|
|
|------|--------|-------------|--------|-------------|-------|
|
|
| [DATA] | [ID] | [DESC] | [DEVICE] | [NOME] | [SUCCESS/ROLLBACK] |
|
|
|
|
---
|
|
|
|
## 18. Network Security Posture
|
|
|
|
### 18.1 Vulnerability Assessment
|
|
- **Ultimo Scan**: [DATA]
|
|
- **Tool Utilizzato**: [TOOL]
|
|
- **Vulnerabilità Critiche**: [N]
|
|
- **Vulnerabilità Alte**: [N]
|
|
- **Remediation ETA**: [DATA]
|
|
|
|
### 18.2 Patch Level
|
|
| Device Type | Vendor | Current Version | Latest Version | EOL Date | Upgrade Planned |
|
|
|-------------|--------|-----------------|----------------|----------|-----------------|
|
|
| [TYPE] | [VENDOR] | [VERSION] | [VERSION] | [DATA] | [DATA] |
|
|
|
|
---
|
|
|
|
## 19. Documentazione Tecnica
|
|
|
|
### 19.1 Diagrammi Disponibili
|
|
- [X] Topologia Fisica
|
|
- [X] Topologia Logica
|
|
- [X] VLAN Design
|
|
- [X] IP Addressing Plan
|
|
- [X] Rack Elevations (Network devices)
|
|
|
|
### 19.2 Procedure Standard
|
|
- [X] Router/Switch Configuration Standard
|
|
- [X] VLAN Creation Procedure
|
|
- [X] Firewall Rule Request Process
|
|
- [X] Network Troubleshooting Runbook
|
|
|
|
---
|
|
|
|
## 20. Performance Metrics
|
|
|
|
### 20.1 KPI Rete
|
|
| Metrica | Target | Valore Attuale | Trend | Note |
|
|
|---------|--------|----------------|-------|------|
|
|
| Uptime % | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] |
|
|
| Latenza Media (ms) | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] |
|
|
| Packet Loss % | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] |
|
|
| Jitter (ms) | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] |
|
|
|
|
### 20.2 Incidenti Rete (Ultimi 30gg)
|
|
| Data | Durata | Servizi Impattati | Root Cause | Azioni Correttive |
|
|
|------|--------|-------------------|------------|-------------------|
|
|
| [DATA] | [MIN] | [SERVIZI] | [CAUSA] | [AZIONI] |
|
|
|
|
---
|
|
|
|
## 21. Contatti e Escalation
|
|
|
|
### 21.1 Network Team
|
|
| Ruolo | Nome | Telefono | Email | Disponibilità |
|
|
|-------|------|----------|-------|---------------|
|
|
| [RUOLO] | [NOME] | [TEL] | [EMAIL] | [SCHEDULE] |
|
|
|
|
### 21.2 Vendor Support
|
|
| Vendor | Prodotto | Contract Level | Phone | Portal | TAC Access |
|
|
|--------|----------|----------------|-------|--------|------------|
|
|
| [VENDOR] | [PRODUCT] | [LEVEL] | [PHONE] | [URL] | [CASE_ID] |
|
|
|
|
---
|
|
|
|
**Token Utilizzati**: [CONTEGGIO_APPROSSIMATIVO]
|
|
**Prossimo Aggiornamento Previsto**: [DATA]
|