IP Management. How do we do it?

How does everyone keep track of their IPs?

I've got a web server which needs more apps, and nmap scans don't show things which are static but powered off. Thus, I'm going to stand up an IPAM.

I've used RackTables in the past, but it's more then I want.

Suggestions?

Comments

  • Perhaps a better question would be;

    How do you keep track of your children?

    Thanked by (1)FlamingSpaceJunk

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

  • @FlamingSpaceJunk said: I've used RackTables in the past, but it's more then I want.

    ipam.txt ;-)

    or you could do

    $ mkdir -p 192/168/0
    $ > 192/168/0/1
    

    it'll be fun, trust me B)

    Thanked by (1)FlamingSpaceJunk
  • mikhomikho AdministratorOG
    edited May 2020

    Using this for a customer.

    https://github.com/netbox-community/netbox

    “Technology is best when it brings people together.” – Matt Mullenweg

  • WSSWSS OGRetired
    edited May 2020

    You don't have your IP space memorized? Loser.

    I add important shit into Hetrix, and what isn't important goes into a spreadsheet.

    Thanked by (1)Pwner

    My pronouns are like/subscribe.

  • @deank said:
    Perhaps a better question would be;

    How do you keep track of your children?

    I don't have children, so not a problem I have. :lol:

    If I did though... Either free range or some sort of asset tag with an LTE modem and Google Maps integration.

    @comi said:
    ipam.txt ;-)

    or you could do

    $ mkdir -p 192/168/0
    $ > 192/168/0/1
    

    it'll be fun, trust me B)

    That's easy enough to script or write a small program for. :smile: I would probably switch to YAML though.

    ipam.yaml
    
    networks:
      - home
      - home-exp
    
    home:
      - space: 192.168.0
      - mask: 24
      - addresses:
         - 10:
           - metadata:
    ...
    

    or something like that.

    Not loosing the stupid thing and keeping it in sync across devices would be the hard part.

  • @mikho said:
    Using this for a customer.

    https://github.com/netbox-community/netbox

    How do you/they like it?

  • mikhomikho AdministratorOG

    @FlamingSpaceJunk said:

    @mikho said:
    Using this for a customer.

    https://github.com/netbox-community/netbox

    How do you/they like it?

    I like the features. Takes forever to add information the correct way (this is not something unique for this program).
    But nice overview if you have physical locations.

    It says it can handle multiple ”customers”, meaning it could be worth the setup for a consultant company.

    It’s even got instructions on how you replicate the data to another location.

    A couple of things that buggers me.
    1. Lack of ready made Report templates.
    2. API ”only” supports header token, a couple of their other systems can’t handle that (only user/pass combo) so the integration suffers.

    Overall, I like it, wish I had the time to learn it properly.

    “Technology is best when it brings people together.” – Matt Mullenweg

  • @WSS said:
    You don't have your IP space memorized? Loser.

    I need the brain space.

    I add important shit into Hetrix, and what isn't important goes into a spreadsheet.

    This is my home network. Hetrix doesn't need access to my house. :smile:

    Mostly, I want to remember what networks I've assigned to things like subnetworks and/or routed KVM networks. Both of which may or may not be active at any given time. Also, IP planning, so I know where the breaks in subnets are if I want to expand.

  • edited May 2020

    @mikho said:
    I like the features. Takes forever to add information the correct way (this is not something unique for this program).
    But nice overview if you have physical locations.
    It says it can handle multiple ”customers”, meaning it could be worth the setup for a consultant company.

    That's good to know.

    It’s even got instructions on how you replicate the data to another location.

    That could be interesting.

    A couple of things that buggers me.
    1. Lack of ready made Report templates.
    2. API ”only” supports header token, a couple of their other systems can’t handle that (only user/pass combo) so the integration suffers.

    There are multiple parts? Some which can use Auth token and other which only accept Basic Auth?

    Overall, I like it, wish I had the time to learn it properly.

    :+1:

  • mikhomikho AdministratorOG

    @FlamingSpaceJunk said:

    1. API ”only” supports header token, a couple of their other systems can’t handle that (only user/pass combo) so the integration suffers.

    There are multiple parts? Some which can use Auth token and other which only accept Basic Auth?

    There is a setting in the config file where you can disable the authentication part for the api (and protect it using IP restriction or whatever) but I can’t make that work.
    What I’m looking for is to get a json result via thw api and inlude that result into another documentation system.

    “Technology is best when it brings people together.” – Matt Mullenweg

  • WSSWSS OGRetired

    @FlamingSpaceJunk said:
    Mostly, I want to remember what networks I've assigned to things like subnetworks and/or routed KVM networks. Both of which may or may not be active at any given time. Also, IP planning, so I know where the breaks in subnets are if I want to expand.

    If you can't fit in a 16 bit block, what the hell are you doing?

    At one point I did try doing 10/8 to make subnetting earier by using the second octet to easily manage QoS for each different thing <.0 reserved/router only / .1 primary important stuff, etc.. .40 printer>, and eventually I said ya know what, fuck it, and been rolling on 192.168.0/24 for the last decade without much to worry about. Printers are still at .4x, important stuff at .1x, et al.. If you need more than 253 addresses for play, it's time to go outside for awhile. :D

    Thanked by (1)bugrakoc

    My pronouns are like/subscribe.

  • It depends really on how many IPs you are trying to track.

    Here is one that I have used: https://phpipam.net/

    Thanked by (1)FlamingSpaceJunk
  • @WSS said:
    If you can't fit in a 16 bit block, what the hell are you doing?

    Mostly running up my electricity bill and experimenting with IPAMs. I could also use one at work, and it would help to keep track of the various networks behind VPNs I have to deal with.

    At one point I did try doing 10/8 to make subnetting earier by using the second octet to easily manage QoS for each different thing <.0 reserved/router only / .1 primary important stuff, etc.. .40 printer>, and eventually I said ya know what, fuck it, and been rolling on 192.168.0/24 for the last decade without much to worry about. Printers are still at .4x, important stuff at .1x, et al..

    I do something similar with just a /24 for my home network, except I couldn't remember if I had assigned .50 to one of the 10 other servers I have powered off. Once things are set and running, I kind of forget about them.

    It's not so much about the /24 of my home network, as much as it is about the silly scenarios I've setup to test various things and exercise my networking knowledge. For instance, I need to figure out how to setup a Wireguard network between OpenWRT and OPNsense to deprecate an IPSec VPN, and then add CentOS in to deprecate an OpenVPN server. 3x IPs on the home network, 3x networks, and whatever I decide to put on those networks.

    The next thing is I'm working on getting more familiar with IPv6 in order to replicate what I do with IPv4, and I'd like to setup some IPv6 only networks behind some routers I have. IPv6 is not as memorable as IPv4.

    If you need more than 253 addresses for play, it's time to go outside for awhile. :D

    There are bugs outside. :grimace:

  • WSSWSS OGRetired

    @FlamingSpaceJunk said:
    There are bugs outside. :grimace:

    Just wait until you start plotting your topology.

    My pronouns are like/subscribe.

  • qpsqps Hosting ProviderOG

    We tried out a bunch of the options out there and will probably end up writing our own, because none of them work quite the way we want them to...

  • ulayerulayer Hosting ProviderOG

    We started using Netbox, it's quite nice and is pretty much a DCIM (Data center-infrastructure management) tool. It has a bit of complexity to it and takes some time to learn though.

    Thanked by (1)mikho

    Universal Layer LLC, a privacy conscious hosting provider
    Check us out @ ulayer.net / twitter.com/ulayer_net

  • mikhomikho AdministratorOG

    @ulayer said:
    We started using Netbox, it's quite nice and is pretty much a DCIM (Data center-infrastructure management) tool. It has a bit of complexity to it and takes some time to learn though.

    Yeah, the IPAM is only a small part of the complete package.

    “Technology is best when it brings people together.” – Matt Mullenweg

  • I've used http://www.gestioip.net/ a few times. It's not perfect, but in many cases sufficient.

    Thanked by (1)FlamingSpaceJunk
  • @qps said:
    We tried out a bunch of the options out there and will probably end up writing our own, because none of them work quite the way we want them to...

    not quite my tempo...

Sign In or Register to comment.