Network diagrams are not only handy to have; they also provide a vital look at the network topology for your team, your company, and your peace of mind. A good network diagram isn’t hard to make, but it can be distressingly rare. Even network engineers with years of experience often draw network diagrams that are jumbled and hard to understand.
We’ll take a look at what a network diagram is and why it’s so important, along with some network diagram examples and steps to follow when drawing your own.
Let’s get started!
What is a network diagram?
A network diagram is, simply put, a schematic or map of your existing network that illustrates the nodes and their connections. Network diagrams are very useful for mapping out your elements and device interactions, as well as illustrating different network topology types.
You can map your network manually using pencil and paper, or with a drawing program like Visio. You might also use automated software tools to help you. It’s a lot easier with software tools like Auvik, which can provide powerful network topologies that update in real-time.
If you’re new to networking, you’re probably adopting an existing network that’s already deployed. You’ve probably discovered that the network is there to support your end users’ connectivity to applications and resources that they need to be productive. It might involve an internet connection, a firewall, switches, and end-user devices. In many organizations, there could be a separate person responsible for each of these areas.
Everything you need to know about network topology
From network layers and components to segmentation to step-by-step instructions for drawing every layer.
Physical network diagrams vs. logical network diagrams
Network diagrams come in different shapes and sizes, but can generally be classified as either a physical network diagram or a logical network diagram. It’s important to recognize the difference between these two diagram types, as they communicate different information.
When talking about network topology, we’re mostly interested in the bottom few layers of the OSI model.
Layer 1 is the physical layer of the OSI model. For network design purposes, this means the things you can touch: the cables and the equipment. But it technically also includes the electrical and optical signaling properties. Layer 1 defines the properties of the cables that are necessary to carry the signals. Layer 1 also covers any wireless signaling used.
As network designers, we need to make sure we get the right cables to the right places and watch out for distance limitations. And of course, we need to make sure the right devices are physically connected to one another.
So when looking at physical network diagrams, you will often see devices like firewalls, switches, routers, and access points, along with a representation of the physical connections between them.
Layer 2 is the logical layer of the OSI model. Logical network diagrams represent network topologies at higher levels. For example, Layer 3 network diagrams depict routing paths, including static routes, and may indicate BGP peers. While some logical diagrams do include physical attributes, it’s not a requirement, and many logical network diagrams exclude items like physical link details, and occasionally even whole groups of devices, like underlying switch infrastructure.
The importance of a network diagram
As a network administrator responsible for the network, it’s important you have a detailed understanding of your network topology. Without this information, even basic troubleshooting can be unnecessarily difficult. You’ll find that troubleshooting is much easier if you have detailed and up-to-date network documentation.
The important thing is to be clear in your mind about what information you’re trying to convey. It’s better to draw several diagrams that show different aspects of the same network than to try to put everything on one sheet of paper.
How network diagrams can benefit organizations
There are several positive benefits from creating and maintaining good network diagrams.
First, network diagrams are a critical part of any change management process. If you ever need to change anything, like adding a new switch or a new link to a remote office, you’ll need good documentation to understand how the traffic will flow through these new pieces of the network. This will help ensure the new network is stable and efficient.
Second, network diagrams are a key piece of documentation required for compliance. Auditors, such as those for PCI compliance, always want to see that you’ve accurately documented and diagramed your network topology. Specifically, they need to know where the firewalls, switches, and server resources are, and all the different ways that someone could get into the network.
If you ever need to submit this kind of information to an external audit, or if there were ever a serious problem with your network and you needed to defend the design to management or bring in external consultants, having good and current diagrams will always help your case.
Finally, network diagrams are a valuable component of any network troubleshooting process. When you’re faced with a “network is slow” or “network is down” problem, whether reported by a user or noticed by your network management software, having updated network diagrams allows you to immediately understand the context behind the issue. This includes what servers, applications, and users may be impacted, along with the relevant network devices along the logical and physical paths to help direct and accelerate your troubleshooting.
Good network diagrams are not difficult to make but can be a time-suck due to the commitment required to discover and inventory all of the assets in the network. Because of this, up-to-date and accurate network diagrams are a rare find.
Auvik is a particularly useful tool for automated network mapping. It does a comprehensive job of laying out your network topology with endpoint-level visibility, far deeper than most other systems and manual topology maps. Reacting to network changes as they happen, Auvik’s network topology maps ensure you always have the up-to-date network topology at your fingertips.
Understanding network diagram symbols
There are some useful shorthand symbols you can use when creating network diagrams. While there aren’t any universal rules, here’s a list of general best practices to help you accurately communicate networking ideas with colleagues, particularly useful for drawing network topologies on a whiteboard:
- Draw Layer 3 network devices as circles.
- Draw Layer 2 devices as rectangles.
- Triangles traditionally represent multiplexer devices, which used to be more common in network diagrams. Try using triangles for IP phones instead.
- Everything else can be represented as a square or a rectangle, intended to represent a generic box.
Each symbol can also have a specific marking within it that indicates exactly which type of device it is. If you’re creating network diagrams using a drawing program, or your map is being automatically generated by a software tool, the symbols will be much more elaborate. But when these figures are drawn on a whiteboard, you can use simple symbols such as an X for a router or > for a firewall.
Here’s a table covering some of the most widely used symbols as they appear when drawn by hand, in a drawing program like Visio, and in Auvik.
Network diagram symbols and icons
- Cloud. Clouds are used to summarize parts of the network that aren’t important for the diagram. This could mean the Internet or a WAN or even a collection of internal network segments like user VLANs.
- Firewall. In software-generated or very detailed diagrams, a firewall is typically represented with a brick wall, to denote that it is a stop or checkpoint in your network data flow.
- Terminal. Can be represented by a variety of end-user systems, but is typically represented by a computer.
- Switch. As a Layer 2 object, switches are represented by crossed arrows, denoting the flow of data and the “switching” taking place between devices. Note: while a router and a Layer 3 switch can perform similar functions, it’s important to distinguish a device doing the Layer 3 routing, so it would not be represented by a switch symbol.
- Bridge. A representation similar to a physical road bridge is often used to represent a networking bridge.
- Server. Traditionally represented by a computer tower, a server is noted on a diagram as a node with data flowing towards other sources on the network.
- Router. Routers can be represented by a variety of objects, but are usually rendered as boxes into which data enters and is distributed out through multiple destinations. A layer 3 switch can also use a similar symbol if it is providing a similar function as a router.
- Peripheral device. The term peripheral device refers to all hardware components that are attached to a computer, such as a mouse, keyboard, or USB drive, and are represented by a symbol that matches their specific function.
- Mainframe. A mainframe computer is a legacy computer architecture used primarily by large organizations for critical line-of-business applications and bulk data processing.
- Hub. Similar to a switch, a hub can be represented as any network hardware device for connecting multiple Ethernet devices together and making them act as a single network segment.
5 types of network topologies
If you’ve ever studied the history of networking, you’re likely familiar with many of the following network topologies. When designing a network today, realize that many of them, such as ring and bus topologies, are no longer considered an efficient way of architecting a network.
1. Ring topology
Features three or more interconnected switches. Each switch in a ring topology is connected to two neighboring switches, one upstream, the other downstream. The last switch is connected back to the first to form a circle (or ring). Any one device or link can fail without disrupting connectivity for any of the others.
2. Bus topology
With a single transmission line for all nodes, bus topology is the simplest kind of topology in which a common channel (or bus) is used for communication in the network.
3. Star topology
A network topology in which all the nodes are connected to a centralized hub. These networks scale very well because you can increase the size of the hub by creating a ring of hub routers as the routing core.
4. Mesh topology
A computer network topology in which nodes connect directly, dynamically, and non-hierarchically to as many other nodes as possible and cooperate to efficiently route data. Mesh networks dynamically self-organize and self-configure, which can reduce installation overhead.
5. Tree topology
A combination of bus and star topologies, a computer network topology in which all nodes are directly or indirectly connected to the main cable.
Network diagram examples
From software to hand-drawn, there are many ways to draw a network diagram. Here are a few examples.
Things to keep in mind when drawing a network diagram
The important thing is to be clear in your own mind about what information you’re trying to convey. It’s better to draw several diagrams that show different aspects of the same network than to try to put everything on one sheet of paper.
Start by separating network diagrams by network protocol layers. In more complicated networks, I recommend adding diagrams showing traffic flows, routing protocol distribution mechanisms, VPNs, and other important aspects of the network design.
It’s important to draw each of these as separate pictures because they show different things. Combining them only confuses the information and makes the drawing harder to understand.
Typically you’ll be deploying the network to support some sort of application. And that will involve some client and server devices. It might involve an internet connection and perhaps some firewalls. In a large organization, there could be a separate person responsible for each of these areas, which is when a whiteboard might be a useful place to start.
How to make a network diagram
Remember that you’re going to do each layer separately, as we talked about in the above section. I always start with Layer 3 diagrams and work my way down.
Drawing Layer 3 diagrams
Our Layer 3 diagram shows the IP subnets and all Layer 3 network devices like routers, firewalls, and load balancers. The Layer 3 diagram must show all of the important network segments and subnets and how they’re interconnected.
The layout is important. I like to show the layout so that it represents the flow of traffic in a broad sense. For example, if I have a bunch of servers being accessed by a group of users, I’ll try to put the user network segments on one side of the picture and the servers on the other side.
Similarly, if I want to show how a LAN connects to external networks like the Internet, I group the external networks all on one side or at the top of the picture.
Or, if the point of the picture is to show a WAN with a large number of remote offices connecting to the same network, I’d probably show the connecting WAN in the middle of the picture and the various remote sites around the edge of the page.
Another layout consideration is to always draw your network segments either horizontally or vertically. The only time I use a combination of vertical and horizontal is when I want to show a fundamental difference between the functions of the segments.
For example, I might draw all of my workstation and server segments horizontally but then draw a special common network management segment vertically down one side of the page. This makes it immediately obvious that the management segment is special.
The Layer 3 diagram should show any high availability mechanisms and redundant network components or redundant paths. It’s customary to show router redundancy protocols as an elongated ellipse that covers the router links included in the high availability group.
The other important thing about Layer 3 diagrams is that they should only include Layer 3 objects. I don’t want to see switches in a Layer 3 diagram, for example. I don’t want to see any kind of indication of trunk links on a Layer 3 diagram either.
You can show a switch on a Layer 3 diagram only if it’s a Layer 3 switch, and then only because it functions as a router. Including Layer 2 objects like a switch in a Layer 3 diagram is confusing, particularly in more complicated pictures.
Another useful thing to put into a Layer 3 diagram is organizational boxes. If there are security zones or interesting groupings of users by function or servers by application, put them together on the picture, put a box around them, and label the box clearly. It’s then easy to see the exact network path those users take to reach their servers.
Drawing Layer 2 diagrams
Layer 2 diagrams show Layer 2 objects like switches and trunks. They include critical information like which VLANs are included in which trunks and they show spanning-tree parameters like bridge priorities and port costs. In many cases, this is too much information to show easily, so I generally use callout boxes to hold some of the information.
Unlike Layer 3 pictures, Layer 2 diagrams don’t need to be laid out in any special way. The most important thing is to keep the picture clear.
If two devices are intended to provide redundancy for one another, then their positions on the page should be related. They should either be located beside one another or in parallel locations on opposite sides of the picture.
If there are different link speeds, they should be indicated in the diagram. I usually show link speed with the thickness of my diagram’s connecting lines. The faster the link, the thicker the line.
Sometimes I also use color to indicate special properties of different physical links. For example, I might make fiber optic cables red and copper cables blue. (Technically the cable type is Layer 1 information, but because it doesn’t tend to cause confusion in the picture, it’s alright to include it in your Layer 2 diagram.)
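The Layer 3 and Layer 2 guidance above can be applied mechanically when diagrams are generated from an inventory. The following Python sketch is an added example, not part of the original article or of Auvik's product: it emits one Graphviz DOT graph per layer from a single constructed inventory, using circles for Layer 3 devices, labeled zone boxes, rectangles for switches, VLAN labels on trunks, line thickness for link speed, and red/blue for fiber/copper. All device names, zones, addresses, and the thickness formula are assumptions made for illustration.

```python
import math

# Constructed sample inventory; device names, zones and addresses are hypothetical.
DEVICES = {
    "fw1":   {"layers": {3},    "zone": "perimeter"},
    "core1": {"layers": {2, 3}, "zone": "core"},   # Layer 3 switch: routes and switches
    "core2": {"layers": {2, 3}, "zone": "core"},
    "acc1":  {"layers": {2},    "zone": "users"},  # pure Layer 2 access switch
}
SUBNETS = [  # (subnet, Layer 3 devices with an interface in it)
    ("203.0.113.0/30", ["fw1"]),
    ("10.0.0.0/29",    ["fw1", "core1", "core2"]),
    ("10.10.0.0/24",   ["core1", "core2"]),
]
LINKS = [  # (end A, end B, speed in Gbit/s, media, VLANs carried on the trunk)
    ("core1", "core2", 10, "fiber",  [10, 20, 99]),
    ("core1", "acc1",  1,  "copper", [10, 99]),
    ("core2", "acc1",  1,  "copper", [10, 99]),
]
MEDIA_COLOR = {"fiber": "red", "copper": "blue"}  # the article's color example


def layer3_dot(devices, subnets):
    """Layer 3 view: routing devices as circles, grouped in labeled zone boxes."""
    zones = {}
    for name, dev in devices.items():
        if 3 in dev["layers"]:                      # Layer 2-only devices are left out
            zones.setdefault(dev["zone"], []).append(name)
    out = ["graph layer3 {", "  rankdir=LR;"]
    for i, (zone, members) in enumerate(sorted(zones.items())):
        out.append(f'  subgraph cluster_{i} {{ label="{zone}";')
        out += [f'    "{m}" [shape=circle];' for m in sorted(members)]
        out.append("  }")
    for net, attached in subnets:
        out.append(f'  "{net}" [shape=plaintext];')
        for name in attached:
            if 3 not in devices[name]["layers"]:    # refuse to mix layers
                raise ValueError(f"{name} is not a Layer 3 device")
            out.append(f'  "{name}" -- "{net}";')
    return "\n".join(out + ["}"])


def layer2_dot(devices, links):
    """Layer 2 view: switches as rectangles, trunks labeled with their VLANs."""
    out, seen = ["graph layer2 {"], set()
    for a, b, gbps, media, vlans in links:
        for name in (a, b):
            if 2 not in devices[name]["layers"]:
                raise ValueError(f"{name} is not a Layer 2 device")
            if name not in seen:
                seen.add(name)
                out.append(f'  "{name}" [shape=box];')
        width = max(1.0, 1 + 2 * math.log10(gbps))  # faster link, thicker line
        label = "VLANs " + ",".join(map(str, vlans))
        out.append(f'  "{a}" -- "{b}" [label="{label}", penwidth={width:g}, '
                   f'color={MEDIA_COLOR[media]}];')
    return "\n".join(out + ["}"])


if __name__ == "__main__":
    print(layer3_dot(DEVICES, SUBNETS))
    print(layer2_dot(DEVICES, LINKS))
```

Each returned string can be rendered with Graphviz, for example by saving it to a file and running `dot -Tsvg` on it.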
Drawing Layer 1 diagrams
I usually use Layer 1 diagrams to show physical connections between devices, but they’re also useful for showing cabinet layouts.
Layer 1 diagrams should show port numbers and indicate cable types. In a network that includes many different types of cables, such as fiber optic cables, Category 5/6/7 copper cabling, and so forth, it’s useful to give each cable type a different color.
If there are patch panels, particularly if you want to document how patch panel ports map to device locations and switch port numbers, this information belongs on the Layer 1 diagram.
And if there are different link speeds, you might want to give them different line weights, as described previously for Layer 2 diagrams.
Another type of diagram that’s often useful in data center designs is a cabinet layout. It’s a diagram that shows exactly what you would see when looking at the front (and sometimes also the back) of the cabinet. A cabinet layout is helpful when you need to tell a remote technician how to find a certain piece of equipment.
Drawing combined-layer diagrams
There’s one very special type of diagram in which it’s possible to combine Layer 2 and 3 in a single picture. Such a combined diagram is sometimes useful if you have combined Layer 2 and 3 switches and you need to show the relationship between these layers.
A combined-layer view is also useful when thinking about things like HSRP configuration. Which switch will be the default gateway for each VLAN? And, related to this, will the packets from A to B take the same path as the packets from B to A? None of these details appear in the pure Layer 2 or the pure Layer 3 picture.
Instead, we show the relationship in a combined-layer diagram by drawing boxes for the Layer 2 switch with the VLANs inside it, connected to the Layer 3 router, also inside the switch. The VLANs are connected to trunk interfaces to another Layer 2/3 switch.
Note that while this diagram can show the interaction between the layers, it doesn’t make either the Layer 2 or Layer 3 network design terribly clear. I’d actually draw all three as separate diagrams, each showing a different important aspect of the network design.
Follow these guidelines and you’ll be setting yourself up for drawing network diagrams that are easy to read and easy to share. To help summarize, we’ve included a handy infographic below.
Thank you very much for the advice
and the ebook!
You’re very welcome, Dominic. Glad you found them helpful.
Nice book
Now I understand how to make my diagrams,
thanks a lot
As a cable dog I say thank you from the bottom of my heart. This will save you money, time, and heartache. I am adding this to my curriculum for my presentation on best practices for the physical layer of the network.
Awesome! So glad you found the info helpful.
This is fantastic advice. It helped me with rudimentary concepts that I skipped b/c diagrams were needed immediately. Your eBook is phenomenal. It is now my Bible. It clearly explains Networking concepts. Great Job!
Glad you found the blog post and ebook helpful, Trina! Thank you for the feedback.
Excellent to the point explanations! Love it!
I am curious to what Ebook people are referring? Is it “Designing Large-Scale LANs”? Or did I miss something entirely.
Hi Chris. This article was written in 2015, so unfortunately they are likely referring to an ebook we no longer offer. I’ve taken a look and don’t see anything in our current list of ebooks and reports that might relate, beyond “The No-Sweat Guide to Managing Network Switches”. Which you can download here: https://www.auvik.com/franklyit/reports/no-sweat-network-topology/
Great article Kevin. I hope to glean from the information and apply it to future roles.
Regards,
Carleton
Yes, but showing “hand drawn diagram”.
Is not important to have mid clouds firewalls – regarding to the employment tree which usually is dividing access.
Same as should not there be totally separate line between storage place of data that is being sent to the printer.
Storage that could be used as a backup in case of leak offs’
In my point of view building UI and all the infrastructure these points are quite important.
Example is app that ground level employee could see what supervisor is doing during day same as looking into history of his tasks…
Sincerely
LW