Skip to content

Network-discovery IPs sent with mask /32 #111

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
sepetuks opened this issue May 16, 2025 · 5 comments
Closed

Network-discovery IPs sent with mask /32 #111

sepetuks opened this issue May 16, 2025 · 5 comments

Comments

@sepetuks
Copy link

I have following discovery configuration policy in agent config:

network_discovery:
  policy_1:
    config:
      defaults:
        tenant: Customer 1
        vrf: VRF1
      schedule: "*/5 * * * *"
      timeout: 5
    scope:
      targets:
         - 10.10.10.0/24
         - 10.10.10.254

  • But in Diode server I see data load is with subnet /32 for all IP addresses (example: 10.10.10.4/32) that it detects. I think it is wrong as in IPAM model IP address should have subnet mask same as prefix and at least should follow definition in config.

  • When only one IP address specified (second target) it is not possible to define subnet mask for it. If I set subnet mask it then scans full subnet but not single IP. As mentioned earlier it still loads all IPs with /32 mask,
@leoparente leoparente mentioned this issue May 29, 2025
Closed
@leoparente
Copy link
Contributor

leoparente commented Jun 3, 2025
edited
Loading

hi @sepetuks can you test the latest develop image by docker pull netboxlabs/orb-agent:develop. The expected version for network_discovery on it is 1.4.1.

This version has the capability to ** match target mask** by default.

And also in config:defaults: section you are able to overload the default /32 with any mask you want by defining network mask:

  policy_1:
    config:
      defaults:
        tenant: Customer 1
        vrf: VRF1
        network_mask: 24

you can check all the available options in: https://github.com/netboxlabs/orb-agent/blob/develop/docs/backends/network_discovery.md

@sepetuks
Copy link
Author

sepetuks commented Jun 4, 2025
edited
Loading

Hi,
It ingested with mask /24 based on scope. (that's good)

But I tried to use override and looks override with "network_mask:24" doesn't work.

I tested with

 policy_1:
    config:
      defaults:
        tenant: Customer 1
        vrf: VRF1
        network_mask: 24
 scope:
      targets:
         - 10.10.10.0**/25**

in this case it was still ingesting 10.10.10.2/25 (so override didn't work)

@leoparente
Copy link
Contributor

leoparente commented Jun 4, 2025
edited
Loading

@sepetuks network_mask overrides the default /32. so if you have like a ip range 10.10.10.1-100, instead of having each ip with /32, It will apply the mask /24.

Now, regarding the issue that you had is because the new feature use_target_masks is enabled by default. To have the expected behavior of applying /24 in your case you need to disable it:

 policy_1:
    config:
      defaults:
        tenant: Customer 1
        vrf: VRF1
        network_mask: 24
 scope:
      targets:
         - 10.10.10.0/25
      use_target_masks: False

@sepetuks
Copy link
Author

sepetuks commented Jun 5, 2025

thanks. now it is clear.

@leoparente
Copy link
Contributor

cool, I will close this ticket then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@leoparente @sepetuks