InControl 2 Group Subnet Allocation and usage tracking


#1

One of the challenges of managing large numbers of devices is keeping track of the remote subnet allocations.
When we use Layer 3 PepVPN to a central hub and want all the devices to be able to communicate with each other we need the remote devices to have unique LAN segment IP ranges. Like many others I imagine, I end up using massive excel spreadsheets and CMDB’s to keep track of IP address / device allocations.

In most cases though - I don’t really care what the allocated remote subnets are, I just need them to be unique.

What I’d like is to be able to assign a subnet scope to a group of devices, and for InControl 2 to manage the allocation of that scope to the remote devices.

For example, I have a ‘provisioning’ group in my organisation. When I add new devices I put them in there first and the group settings force a firmware upgrade and set a unique admin password to the device.

What I’d like to be able to do is set a scope of subnets for example 172.16.1.0/24 -> 172.16.254.0/24 and for any new device that’s added to this group to have its LAN network subnet changed to the next available unused subnet in scope.

That way I wouldn’t have to think about - or go searching for the next available subnet. I would also be able to pull off an IP subnet report that lists all the remote device names and their assigned subnets - which would be great for network documentation.

When I move the device out of the group to go into production, the subnet should stay configured on that device. And the fact that it was assigned should still be visible in the ‘provisioning’ group subnet report. However I could of course release that subnet for reassignment in the ‘provisioning’ group when its no longer required by the device it was originally assigned to.


#2

More or less the same need here.

We are discussing the replacement of 500+ Aruba’s and the central subnet management system is a feature the customer is not ready to go without.


#3

In order to progress on this with an intermediate/easier step:

We could progress by allowing a bulk export in csv of all LAN and important parameters, process the change manually or via scripts on the csv, use the bulk configurator to push the configuration again (eventually with delta analysis to only push what changed)

It is not the best but it already helps.

Martin? What do you think?


#4

Yeah, I like the idea of bulk export of settings for a group of devices that we could edit offline then push back to InControl. That would be a really useful first step.