Skip to main content

Forward Enterprise - Expert Articles ◆

Expert

IP Inventory Table NQE

Identifying all the IP addresses on your network can be a complex and tedious task - and even impossible on some networks. This NQE makes it significantly easier to identify all the IP addresses in use on your network, including those that are stale or obsolete.   OverviewThis NQE identifies IPv4 and IPv6 addresses that are in use within the network. Due to the scarcity and value of IPv4 addresses, companies often seek to maximize their utilization and identify any under utilized address space. This can help to either improve the utilization of owned addresses or free up unused address space for sale. Whether you’re consolidating for financial purposes or re-IPing due to mergers, acquisitions, or network reorganizations, this NQE is essential for identifying all the IP addresses within the network. ResultsImproved IP Utilization: By identifying stale or obsolete IP addresses, this NQE enables organizations to optimize their IP space, reducing the need to purchase additional address space and potentially generating revenue from the sale of surplus addresses. Streamlined Re-IPing Process: The tool simplifies the otherwise complex and error-prone task of reassigning IP addresses across a network, making it manageable and efficient. Support for Mergers and Acquisitions: This NQE aids in the smooth integration of network resources during corporate mergers and acquisitions by providing a clear mapping of IP address usage and it makes it easier to spot address conflicts. SolutionThis NQE looks through the normalized data in the data model to find specific IP addresses and subnets using  NAT sources and destinations, BGP router IDs, IP routes, and ACL sources and destinations. It offers a parameterized approach, enabling users to define the IP range or prefix of interest. You can also customize it to ignore IPv6 addresses if you are only interested in IPv4. This script significantly eases the complex and tedious task of IP address identification and reassignment. /** * @intent Find every IP address and subnet in the network * @description Includes interface subnets, hosts addresses, NAT sources and dests, * ACL sources and dests, IP routes, and BGP router IDs. * */import "@fwd/L3/IpAddressUtils";import "@fwd/L3/Interface Utilities";isIPv4(a) = isPresent(patternMatch(toString(a), `{ipv4Subnet}`));isAddressIPv4(a) = isPresent(patternMatch(toString(a), `{ipv4Address}`));addressType(a) = if isIPv4(a) then "IPv4" else "IPv6";getIpSubnets(addresses) = foreach addr in addresses select ipSubnet(addr.ip, addr.prefixLength);getInterfaceIps(device, ipSet, ipv6Subnets) = foreach l3Iface in getL3Interfaces(device) foreach record in getIpv4Ips(device.name, l3Iface, ipSet) + getIpv6Ips(device.name, l3Iface, ipv6Subnets) select record;getIpv4Ips(deviceName, l3Iface, ipSet) = foreach subnet in getIpSubnets(l3Iface.ipv4.addresses) where subnet in ipSet select { Subnet: subnet, AddressType: "IPv4", Type: "Interface IP", Source: l3Iface.name, MAC: null : MacAddress, Device: deviceName };getIpv6Ips(deviceName, l3Iface, ipv6Subnets) = foreach subnet in getIpSubnets(l3Iface.ipv6.addresses) where length(ipv6Subnets) == 0 || max(foreach s in ipv6Subnets select subnet in s) select { Subnet: subnet, AddressType: "IPv6", Type: "Interface IP", Source: l3Iface.name, MAC: null : MacAddress, Device: deviceName };getHosts(device, ipSet) = foreach host in device.hosts foreach subnet in host.addresses where subnet in ipSet select { Subnet: subnet, AddressType: addressType(subnet), Type: "Host", Source: host.name, MAC: host.macAddress, Device: device.name };getNatIps(device, ipSet) = foreach entry in device.natEntries let dsts = (foreach subnet in entry.headerMatches.ipv4Dst where subnet in ipSet select { Subnet: subnet, AddressType: addressType(subnet), Type: "NAT Destination", Source: entry.name, MAC: null : MacAddress, Device: device.name }) let srcs = (foreach subnet in entry.headerMatches.ipv4Src where subnet in ipSet select { Subnet: subnet, AddressType: addressType(subnet), Type: "NAT Source", Source: entry.name, MAC: null : MacAddress, Device: device.name }) foreach ips in dsts + srcs select ips;getAclIps(device, ipSet) = foreach entry in device.aclEntries let dsts = (foreach subnet in entry.headerMatches.ipv4Dst where subnet in ipSet select { Subnet: subnet, AddressType: addressType(subnet), Type: "ACL Destination", Source: entry.name, MAC: null : MacAddress, Device: device.name }) let srcs = (foreach subnet in entry.headerMatches.ipv4Src where subnet in ipSet select { Subnet: subnet, AddressType: addressType(subnet), Type: "ACL Source", Source: entry.name, MAC: null : MacAddress, Device: device.name }) foreach ips in dsts + srcs select ips;getRouteIps(device, ipSet, ipv6Subnets) = foreach vrf in device.networkInstances let afts = vrf.afts foreach record in getIpv4RouteIps(device, afts, ipSet) + getIpv6RouteIps(device, afts, ipv6Subnets) + getBgpRouterIds(device, vrf, ipSet, ipv6Subnets) select record;getBgpRouterIds(device, vrf, ipSet, ipv6Subnets) = foreach protocol in vrf.protocols let bgp = protocol.bgp where isPresent(bgp) let routerId = bgp.routerId where isPresent(routerId) let isIpv4 = isAddressIPv4(routerId) where if isIpv4 then routerId in ipSet else length(ipv6Subnets) == 0 || max(foreach s in ipv6Subnets select routerId in s) select { Subnet: ipSubnet(routerId, if isIpv4 then 32 else 128), AddressType: if isIpv4 then "IPv4" else "IPv6", Type: "BGP Router ID", Source: "", MAC: null : MacAddress, Device: device.name };getIpv4RouteIps(device, afts, ipSet) = foreach ipv4Unicast in [afts.ipv4Unicast] where isPresent(ipv4Unicast) foreach entry in ipv4Unicast.ipEntries where entry.prefix in ipSet select { Subnet: entry.prefix, AddressType: "IPv4", Type: "Route", Source: "", MAC: null : MacAddress, Device: device.name };getIpv6RouteIps(device, afts, ipv6Subnets) = foreach ipv6Unicast in [afts.ipv6Unicast] where isPresent(ipv6Unicast) foreach entry in ipv6Unicast.ipEntries where length(ipv6Subnets) == 0 || max(foreach s in ipv6Subnets select entry.prefix in s) select { Subnet: entry.prefix, AddressType: "IPv6", Type: "Route", Source: "", MAC: null : MacAddress, Device: device.name };getIps(device, ipSet, ipv6Subnets) = getInterfaceIps(device, ipSet, ipv6Subnets) + getHosts(device, ipSet) + getNatIps(device, ipSet) + getAclIps(device, ipSet) + getRouteIps(device, ipSet, ipv6Subnets);@queryquery(ipv4Subnets: List<IpSubnet>, ipv6Subnets: List<IpSubnet>) = foreach device in network.devices let ipSet = ipAddressSet(ipv4Subnets) foreach ipRecord in getIps(device, ipSet, ipv6Subnets) select ipRecord; 

Expert

WAN Circuit Visibility

Managing wide area networks (WANs) efficiently is paramount for businesses. This Network Query Engine (NQE) serves as a critical tool, offering visibility into WAN circuits by integrating external data sources from service providers.OverviewIn today's digital landscape, businesses rely on wide area networks (WANs) to connect different parts of their operations. A common challenge is the lack of visibility into all WAN circuits, leading to inefficiencies and unnecessary costs. That's where this Network Query Engine (NQE) steps in, providing a solution that allows customers to use external data sources, such as CSV files, to better manage their networks. For instance, a customer can take a CSV from a service provider like AT&T, and use it to match IP addresses to devices in their network. This helps identify routers and WAN interfaces that might not be immediately visible, ensuring that only necessary circuits remain active. ResultsCustomers have found this capability invaluable for several reasons. Before implementing this NQE, identifying and managing WAN circuits was nearly impossible, often leading to high operational costs. This NQE enables targeted searches and specific queries for a more effective and accurate device identification process, something that was not feasible before. Each unneeded circuit could cost a business up to $150,000 per month. By leveraging NQE, businesses can precisely identify which circuits are active and required, thereby optimizing their network infrastructure and reducing costs.  SolutionThis NQE works by obtaining a list of IP addresses from service providers, focusing on the customer edge (CE) to provider edge (PE) connections, which are common in MPLS and WAN circuits. The key task is to identify either the CE interface or the BGP neighbor for the PE to find the device name, which providers typically cannot supply. You can customize this query to accept a variety of data sources depending on what your service providers offer. In addition to spreadsheets, some vendors offer APIs from which you can access WAN Circuit information that can also be used as an alternative external data source in Forward. This NQE offers insight into the WAN overlap between providers, enabling the businesses to replace outdated WAN connections with more cost-effective options or ensure redundancy by maintaining necessary connections, enhancing overall network efficiency. /** * @intent Find devices with subnets that match the CPE addresses provided by the Service Provider. * @description This query appears to work well. Focused on finding devices that match each entry * in the manual service provider list, instead of finding all subnets and seeing if they are in * the service provider list. */import "external data/sample service provider data";//import service provider ListproviderMask = 30;deviceSubnets = foreach device in network.devices foreach subnet in subIfaceSubnets(device) + sviIfaceSubnets(device) select { deviceName: device.name, ifaceName: subnet.ifaceName, prefix: subnet.prefix, subnet: subnet.subnet };sviIfaceSubnets(device) = foreach x in [1] foreach iface in device.interfaces where iface.operStatus == OperStatus.UP where isPresent(iface.routedVlan) foreach address in iface.routedVlan.ipv4.addresses where length(ipSubnet(address.ip, address.prefixLength)) == providerMask select { ifaceName: iface.name, prefix: ipSubnet(address.ip, address.prefixLength), subnet: ipSubnet(networkAddress(ipSubnet(address.ip, address.prefixLength)), address.prefixLength) };subIfaceSubnets(device) = foreach x in [1] foreach iface in device.interfaces where iface.operStatus == OperStatus.UP foreach subIface in iface.subinterfaces where subIface.operStatus == OperStatus.UP foreach address in subIface.ipv4.addresses where length(ipSubnet(address.ip, address.prefixLength)) == providerMask select { ifaceName: subIface.name, prefix: ipSubnet(address.ip, address.prefixLength), subnet: ipSubnet(networkAddress(ipSubnet(address.ip, address.prefixLength)), address.prefixLength) };// NQE query starts hereforeach listEntry in attListlet providerSubnet = ipSubnet(networkAddress(ipSubnet(listEntry.Cpe_Ip_Address, providerMask)), providerMask)let deviceMatch = (foreach entry in deviceSubnets where entry.subnet == providerSubnet select entry)select { Device: (foreach x in deviceMatch select x?.deviceName), Provider_Subnets: providerSubnet, Interface: (foreach x in deviceMatch select x?.ifaceName), Subnet: (foreach x in deviceMatch select x?.subnet), Prefix: (foreach x in deviceMatch select x?.prefix), Circuit: listEntry.Site_Acc_Ckt, CPE_IP: listEntry.Cpe_Ip_Address, Conn_VPN_Name: listEntry.Conn_Vpn_Name} Sample service provider data        Sample query results 

Terms of UseCookie settingsAccessibility statement