IP address roles
98 views
Skip to first unread message
Wolf
Dec 27, 2019, 5:45:26 AM12/27/19
to NetBox
We are trying to use netbox to document our devices like loadbalancers and firewalls including IPs and would like to assign correct 'IP address roles'
However, there is no way to create custom roles, which would be great but was rejected in https://github.com/netbox-community/netbox/issues/1904
In our case we are dealing with F5 loadbalancers in HA setups
each loadbalancer has its own IP called 'selfip' for each vlan interface
additionally there are selfips which are active only on the active member of a traffic group (let's call those 'floating'), like HSRP
On top there are the virtual server IPs that can be created on the devices
Our plan/wish is to define the loadbalancers and add the selfips as interface IPs to each vlan on the LBs
Then create a virtual chassis and add the virtual server IPs and 'floating' IPs to the chassis
this would look like this in the 'IP addresses' import:
address,status,device,interface_name,role,description
172.16.1.1/32,Active,netbox-lb1,vlan1,,
172.16.1.2/32,Active,netbox-lb1-1,vlan1,,
172.16.1.3/32,Active,netbox-lb1-2,vlan1,,
172.16.2.1/32,Active,netbox-lb1,vlan2,,
172.16.2.2/32,Active,netbox-lb1-1,vlan2,,
172.16.2.3/32,Active,netbox-lb1-2,vlan2,,
172.16.1.11/32,Active,netbox-lb1,vlan1,VIP,virtualserver1
172.16.1.12/32,Active,netbox-lb1,vlan1,VIP,virtualserver2
172.16.2.11/32,Active,netbox-lb1,vlan1,VIP,virtualserver3
172.16.2.12/32,Active,netbox-lb1,vlan1,VIP,virtualserver4
So VIP would be a matching role for a virtual server IP but there is none for the selfips of the devices.
Now this role would be exactly in the same context as 'e.g. loopback or anycast and not associated with any special purpose, which was the reason for originally rejecting request above.
However, there is no way to create custom roles, which would be great but was rejected in https://github.com/netbox-community/netbox/issues/1904
In our case we are dealing with F5 loadbalancers in HA setups
each loadbalancer has its own IP called 'selfip' for each vlan interface
additionally there are selfips which are active only on the active member of a traffic group (let's call those 'floating'), like HSRP
On top there are the virtual server IPs that can be created on the devices
Our plan/wish is to define the loadbalancers and add the selfips as interface IPs to each vlan on the LBs
Then create a virtual chassis and add the virtual server IPs and 'floating' IPs to the chassis
this would look like this in the 'IP addresses' import:
address,status,device,interface_name,role,description
172.16.1.1/32,Active,netbox-lb1,vlan1,,
172.16.1.2/32,Active,netbox-lb1-1,vlan1,,
172.16.1.3/32,Active,netbox-lb1-2,vlan1,,
172.16.2.1/32,Active,netbox-lb1,vlan2,,
172.16.2.2/32,Active,netbox-lb1-1,vlan2,,
172.16.2.3/32,Active,netbox-lb1-2,vlan2,,
172.16.1.11/32,Active,netbox-lb1,vlan1,VIP,virtualserver1
172.16.1.12/32,Active,netbox-lb1,vlan1,VIP,virtualserver2
172.16.2.11/32,Active,netbox-lb1,vlan1,VIP,virtualserver3
172.16.2.12/32,Active,netbox-lb1,vlan1,VIP,virtualserver4
So VIP would be a matching role for a virtual server IP but there is none for the selfips of the devices.
Now this role would be exactly in the same context as 'e.g. loopback or anycast and not associated with any special purpose, which was the reason for originally rejecting request above.
Of course we could add tags to mark those IPs and filter by those tags, in case we'd like to get a list of selfips, but those tags would not be displayed in the device view in the GUI like the VIP role.
Jeremy Stretch
Dec 27, 2019, 9:28:03 AM12/27/19
to Wolf, NetBox
> However, there is no way to create custom roles, which would be great but was rejected in https://github.com/netbox-community/netbox/issues/1904
You don't need to create any custom IP roles. They are not arbitrary designations.
> each loadbalancer has its own IP called 'selfip' for each vlan interface
Use regular IPs (no role) for these interfaces.
> additionally there are selfips which are active only on the active
member of a traffic group (let's call those 'floating'), like HSRP
Are they HSRP or not? There are several roles that could be applicable depending on how the shared IPs behave.
> On top there are the virtual server IPs that can be created on the devices
VIP role
> Our plan/wish is to define the loadbalancers and add the selfips as interface IPs to each vlan on the LBs
Good so far...
> Then create a virtual chassis and add the virtual server IPs and 'floating' IPs to the chassis
Virtual chassis is not relevant unless the two load balancers share a single control plane. That is, they are managed as a single device, similar to a switch stack.
> So VIP would be a matching role for a virtual server IP but there is none for the selfips of the devices.
Again, "self IP" isn't a special role; it sounds like the vendor's terminology for denoting a regular old IP address (versus a shared VIP). Simply leave its role unassigned, as you would for regular non-load-balancer IPs.
--
You received this message because you are subscribed to the Google Groups "NetBox" group.
To unsubscribe from this group and stop receiving emails from it, send an email to netbox-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/netbox-discuss/e48d28fc-7c92-45c8-81ff-6b51357e9972%40googlegroups.com.
--
Jeremy Stretch
Sr. Network Automation Engineer
Network to Code, LLC
Sr. Network Automation Engineer
Network to Code, LLC
Wolf
Dec 27, 2019, 9:59:06 AM12/27/19
to NetBox
We somehow expected this and already did as you suggested :-)
Anyway thank you for your time to look at the request and for the immense effort you put into this project and for making it available to the public
Anyway thank you for your time to look at the request and for the immense effort you put into this project and for making it available to the public
Reply all
Reply to author
Forward
0 new messages