Forum Discussion

Expert

4 months ago

Overlapping IP addresses

This might be an oldie... How should we manage devices which have multiple overlapping IP addresses. For example Layer3 switches or router HA pairs can have same IP addresses set up to two or multip...

sciencelogic platform

JohnProctor
3 months ago
Today, interface inventory is all (default) or nothing (alternate). Interface inventory can be bypassed during onboarding via the unguided discovery workflow or after a device has been added using the device settings or templates. As mention, this stops all interface inventory, which might work if the interface configuration does not change or the changes are infrequent and known.

A potential change in behavior would be to identify these virtual addresses and exclude them from the "overlapping address" alert. With VRRP, the routers or L3 switches in the redundancy group also have unique physical addresses. The assumption would be that the devices in the redundancy group would always sent traps and message using the physical address and never the virtual (shared or duplicate) address.

The only remaining concern would be how to handle a message or trap if a device used the virtual address as the source address in the trap or message header. If it did, we would want to include a default or fail safe behavior so that we do not fail to process a trap or message.

• Does identifying the virtual addresses and excluding them from the "overlapping address" alert seem palatable?
• Will the traps and message always come from the physical address?
• What should the fail safe behavior be if we receive a message or trap where the virtual address is the source?

JohnProctor

Moderator

3 months ago

Today, interface inventory is all (default) or nothing (alternate). Interface inventory can be bypassed during onboarding via the unguided discovery workflow or after a device has been added using the device settings or templates. As mention, this stops all interface inventory, which might work if the interface configuration does not change or the changes are infrequent and known.

A potential change in behavior would be to identify these virtual addresses and exclude them from the "overlapping address" alert. With VRRP, the routers or L3 switches in the redundancy group also have unique physical addresses. The assumption would be that the devices in the redundancy group would always sent traps and message using the physical address and never the virtual (shared or duplicate) address.

The only remaining concern would be how to handle a message or trap if a device used the virtual address as the source address in the trap or message header. If it did, we would want to include a default or fail safe behavior so that we do not fail to process a trap or message.

• Does identifying the virtual addresses and excluding them from the "overlapping address" alert seem palatable?
• Will the traps and message always come from the physical address?
• What should the fail safe behavior be if we receive a message or trap where the virtual address is the source?

Forum Discussion

Overlapping IP addresses

Related Content

Root's IP address in database alerts

PPK MS Cluster support for DAG IP-Less

Snippet possible bug w/ mac address encoding

Automatic update of IP on Meraki assets

Re: Azure subscription monitoring max retries error

Recent Discussions

Change the severity of an Event on SL

Filesystem thresholds based on Space (not percentage) available

Heartbeats Monitoring - suggestion

Sending Sub-ID information into incident integration

Poll Summary for specific Dynamic Application