Duplicate IP Subnets
cleonardos
08-10-2009 14:31:24
This is an awesome application, however with the increasing use of MPLS and other VPN technologies it's necessary to have
routing domains that may in fact overlap with each other, but yet are kept separate with MPLS.
Is there a way of adding say duplicate RFC1918 networks? Another handy feature would
be the ability to create NAT relationships between Hosts and Networks by Routing Domain
and/or Client Autonomous System Etc.
I haven't looked at the table schema yet so I don't know if this is something that
could easily be added.
-Chris
Matt
08-10-2009 14:50:24
As a matter of fact I just checked in some new code that implements "contexts". It is intended for this sort of thing and allows you to deal with MPLS networks that overlap etc etc.
It is still very new and does not have much testing involved with it. I'll describe what it does briefly so you can get an idea of things.
First off.. the table structure and code is such that simply adding a column or a table to track the "context" you were in is VERY difficult. Not that it can't be done (I have many sticky notes and diagrams on the topic) but it would take a LOT of work to implement. I'm open to new ideas on this approach however.
The way I have implemented this method is to simply switch contexts by spinning up a new database instance. So currently you load up a mysql database called 'ona' for instance. It would be the default context. You could then set up another database (probably on the same mysql server) called ona-mpls1 and it would be your mpls1 context. Since each context is a new database instance, you have totally separate user permissions, IP address uniqueness etc.
This approach has some goods and bads. The fact that it uses another database instance is probably a bit more overhead than it would be integrated into one database instance. It also means you must manage device types, user permissions etc in more than one place. Again, depending on your situation this could be good or bad.
At any rate, I am much closer than I have ever been to supporting MPLS networks and contexts. I think there is a bit more work to be done to make things separate out properly but so far it's working in my limited testing. Switching contexts is easy at the GUI level and has nice visual cues so the user knows which context they are using. I still need to deal with managing new contexts and install/upgrade things.
The NAT relationships etc is something I would like to look into more however..
Hope that helps.
cleonardos
10-10-2009 07:24:57
Thanks for the response Matt!
Your approach to contexts makes sense, although it may be easier in the long run
to leave this functionality entirely out of the main code as it may make an otherwise
difficult transition even more of a nightmare.
Imagine trying to merge data from multiple contexts into an entirely new format...ack!
I'm going to install OpenNetAdmin and learn it, although it's been a long time since I've
worked with PHP.
I'm being dragged kicking and screaming by my job into the world of Microsoft, and
currently learning Microsoft Systems Center Operations Manager..:/ It's a mess, but so is pretty much every other
Network/Systems management product of any size. Netcool, BMC, Tivoli, Spectrum, etc.
These products share a common trait, that they are all pretty much conglomerations of quite a few
excellent point products merged together, some more successfully than others...
Best Regards,
-Chris
grrrreg
17-06-2010 07:51:42
Hi,
Couldn't it be simpler with the already provided data schema? I surely miss a big part of the mechanism, but here are my ideas:
During a subnet creation:
- If the subnet does not collide with an existing one, create it as usual,
- If it does, ask on which Vlan Campus -> Vlan the user wants to create this subnet.
During an interface creation:
- If there is one subnet in which the address fits, create it as usual,
- If there are several subnets in which the interface can be added, list those subnets with their associated vlan. The user selects the one he wants.
With the help of subnet types, you could allow/disallow overlapping subnets of certain kinds (for example, LAN subnets can be duplicatable, not WAN ones).
Greg
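The subnet and interface rules proposed in the post above, sketched as an added example (not OpenNetAdmin code and not written by any poster in this thread). The `Inventory` and `Subnet` classes, the `DUPLICATABLE_TYPES` set and the "Campus/VLAN" labels are hypothetical; the point is that an overlapping address only resolves to one subnet when the VLAN is given explicitly.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumption: subnet types allowed to overlap (the post's LAN vs WAN example).
DUPLICATABLE_TYPES = {"LAN"}

@dataclass(frozen=True)
class Subnet:
    network: ipaddress.IPv4Network
    subnet_type: str
    vlan: Optional[str] = None  # hypothetical "Campus/VLAN" label

class Inventory:
    def __init__(self):
        self.subnets = []

    def create_subnet(self, cidr, subnet_type, vlan=None):
        network = ipaddress.ip_network(cidr)
        clashes = [s for s in self.subnets if s.network.overlaps(network)]
        if clashes:
            # Overlap is allowed only if every subnet involved is duplicatable.
            types = {subnet_type} | {c.subnet_type for c in clashes}
            if not types <= DUPLICATABLE_TYPES:
                raise ValueError(f"{cidr}: overlap not allowed for {sorted(types)}")
            # "If it does, ask on which Vlan Campus -> Vlan": no silent default.
            if vlan is None:
                raise LookupError(f"{cidr} overlaps; a VLAN must be chosen")
            # Two overlapping subnets must stay distinguishable by VLAN.
            if any(c.vlan in (None, vlan) for c in clashes):
                raise ValueError(f"{cidr}: overlap not separated by VLAN")
        subnet = Subnet(network, subnet_type, vlan)
        self.subnets.append(subnet)
        return subnet

    def create_interface(self, address, vlan=None):
        ip = ipaddress.ip_address(address)
        matches = [s for s in self.subnets if ip in s.network]
        if not matches:
            raise ValueError(f"{address}: no subnet contains this address")
        if len(matches) == 1:
            return matches[0]  # unambiguous, create as usual
        chosen = [s for s in matches if vlan is not None and s.vlan == vlan]
        if len(chosen) != 1:
            # Ambiguous: the caller must pick from the listed VLANs.
            raise LookupError(f"{address}: choose one of {[s.vlan for s in matches]}")
        return chosen[0]
```
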