Forum Discussion

teppotahkapaa's avatar
3 months ago

Overlapping IP addresses

This might be an oldie... How should we manage devices which have multiple overlapping IP addresses. For example Layer3 switches or router HA pairs can have same IP addresses set up to two or multip...
  • JohnProctor's avatar
    2 months ago

    Today, interface inventory is all (default) or nothing (alternate). Interface inventory can be bypassed during onboarding via the unguided discovery workflow or after a device has been added using the device settings or templates. As mention, this stops all interface inventory, which might work if the interface configuration does not change or the changes are infrequent and known.

    A potential change in behavior would be to identify these virtual addresses and exclude them from the "overlapping address" alert. With VRRP, the routers or L3 switches in the redundancy group also have unique physical addresses. The assumption would be that the devices in the redundancy group would always sent traps and message using the physical address and never the virtual (shared or duplicate) address. 

    The only remaining concern would be how to handle a message or trap if a device used the virtual address as the source address in the trap or message header. If it did, we would want to include a default or fail safe behavior so that we do not fail to process a trap or message.

    • Does identifying the virtual addresses and excluding them from the "overlapping address" alert seem palatable?
    • Will the traps and message always come from the physical address?
    • What should the fail safe behavior be if we receive a message or trap where the virtual address is the source?