Out-of-band management IP issue

[lucdnb]

Hello rc9000!
Here I am again.

I have another problem: I have about 100 leaf devices. About 40% of it have just "In-band Management IP" and other ones have the "Out-of-band management IP".

These first ones, the ACI plugin is working fine. But the other one is not taking informations like arpnip and macksuck. Occurs the bellow error:

Since these devices are added by the In-Band IP (10.238.181.0/24), the plugin is not able to update the leafs information, when the leaf have two IPs. So the plugion take just de Out-of-Band IO (10.238.180.0/24) to do the work.

I'm not able to add these devices from Out-of-band for security and network questions.

I need a way to make the plugin update leafs informations from In-band-IPs, like the ones that is working.

Can you see a way to acomplish this?

Thank you again.

[rc9000]

Currently we just check if {oobMgmtAddr} eq "0.0.0.0" and only then the in-band ip is used:

nd2-worker-plugin-aci/lib/App/NetdiscoX/Util/ACI.pm

Line 50 in 560feab

if ($matches[0]->{topSystem}->{attributes}->{oobMgmtAddr} eq "0.0.0.0"){

Maybe you can edit the if/else there to somehow make it work? Or once we get here where the info message is created:

https://github.com/rc9000/nd2-worker-plugin-aci/blob/master/lib/App/NetdiscoX/Worker/Plugin/Macsuck/Nodes.pm#L95

There could be a lookup there to check if we need to use a different ip, either by looking at the device_ip table or further API requests.

If you can't get it to work I'll also check our environment to reproduce this problem, but I'm currently out-of-office and will only have access to APICs mid-october again.

[lucdnb]

With witch detail can I test, editing this line?
I really stuck here since I dont understand the code very well.

Ok, I thank you when you have able to help with this issue.

Thanks!

[lucdnb]

Hello @rc9000
Do you have other idea about this problem? I'm really stuck here.

Very thanks!

[rc9000]

I did look at this and it's not easy since until now this plugin used either the oob or inb address exclusively, but it is not prepared to have a mix of them.

I have made a version that will record both address into the custom_fields structure of Netdisco. Could you overwrite these two files in your installation:

https://github.com/rc9000/nd2-worker-plugin-aci/blob/issue-11/lib/App/NetdiscoX/Util/ACI.pm
https://github.com/rc9000/nd2-worker-plugin-aci/blob/issue-11/lib/App/NetdiscoX/Worker/Plugin/Discover/FabricDevices.pm

This will not yet fix anything but store both addresses and then let us see what the regular SNMP discovery finds and how we can match the APIC data to that. After replacing the files, please run netdisco-do discover -d and then netdisco-do psql and run this query (obviously with the IP replaced)

select  d.ip as device_ip, 
d.custom_fields->>'topSystem_oobMgmtAddr' as aci_oob, 
d.custom_fields->>'topSystem_inbMgmtAddr' as aci_inb,
array_agg(dip.alias::text)::text as alias_ips
from device d
join device_ip dip on d.ip = dip.ip
where custom_fields->>'APIC' = '1.2.3.4'
group by 1,2,3;

This should give us a table like

from which we can maybe find a straightforward way how to proceed.

[lucdnb]

Almost there!
When I try to discover, yet is receive the same behaviour/message:

[10544] 2024-12-15 13:16:18 info [x.x.x.x] discover_topsystems: topSystem <oob_ip_address> does not seem to be known in netdisco.device table, skipping

I dont see the oob IPs in table:

I tried to exclude one node (leaf) and add again to test. No success.

[rc9000]

Wild, I would have expected we find some oob addresses there.

• is the oob address in the list of alias_ips by any chance?
• if you are familiar with moquery, can you see the oob address in the topSystem somewhere? Or in some other object?

[lucdnb]

I not seeing any oob address here.
Sadly I'm have none experience with moquery also.

Maybe the only solution here is this oob network must have communication with my server to discover can be done by this network...

Do you see any other way?