Skip to main content

WAN Circuit Visibility

  • 22 July 2024
  • 0 replies
  • 18 views

Managing wide area networks (WANs) efficiently is paramount for businesses. This Network Query Engine (NQE) serves as a critical tool, offering visibility into WAN circuits by integrating external data sources from service providers.

Overview

In today's digital landscape, businesses rely on wide area networks (WANs) to connect different parts of their operations. A common challenge is the lack of visibility into all WAN circuits, leading to inefficiencies and unnecessary costs. That's where this Network Query Engine (NQE) steps in, providing a solution that allows customers to use external data sources, such as CSV files, to better manage their networks. For instance, a customer can take a CSV from a service provider like AT&T, and use it to match IP addresses to devices in their network. This helps identify routers and WAN interfaces that might not be immediately visible, ensuring that only necessary circuits remain active.

 

Results

Customers have found this capability invaluable for several reasons. Before implementing this NQE, identifying and managing WAN circuits was nearly impossible, often leading to high operational costs. This NQE enables targeted searches and specific queries for a more effective and accurate device identification process, something that was not feasible before. Each unneeded circuit could cost a business up to $150,000 per month. By leveraging NQE, businesses can precisely identify which circuits are active and required, thereby optimizing their network infrastructure and reducing costs. 

 

Solution

This NQE works by obtaining a list of IP addresses from service providers, focusing on the customer edge (CE) to provider edge (PE) connections, which are common in MPLS and WAN circuits. The key task is to identify either the CE interface or the BGP neighbor for the PE to find the device name, which providers typically cannot supply. You can customize this query to accept a variety of data sources depending on what your service providers offer. In addition to spreadsheets, some vendors offer APIs from which you can access WAN Circuit information that can also be used as an alternative external data source in Forward. This NQE offers insight into the WAN overlap between providers, enabling the businesses to replace outdated WAN connections with more cost-effective options or ensure redundancy by maintaining necessary connections, enhancing overall network efficiency.

 

/**
 * @intent Find devices with subnets that match the CPE addresses provided by the Service Provider.
 * @description This query appears to work well.  Focused on finding devices that match each entry 
 * in the manual service provider list, instead of finding all subnets and seeing if they are in 
 * the service provider list.
 */

import "external data/sample service provider data";
//import service provider List

providerMask = 30;

deviceSubnets =
  foreach device in network.devices
  foreach subnet in subIfaceSubnets(device) + sviIfaceSubnets(device)
  select {
    deviceName: device.name,
    ifaceName: subnet.ifaceName,
    prefix: subnet.prefix,
    subnet: subnet.subnet
  };

sviIfaceSubnets(device) =
  foreach x in x1]
  foreach iface in device.interfaces
  where iface.operStatus == OperStatus.UP
  where isPresent(iface.routedVlan)
  foreach address in iface.routedVlan.ipv4.addresses
  where length(ipSubnet(address.ip, address.prefixLength)) == providerMask
  select {
    ifaceName: iface.name,
    prefix: ipSubnet(address.ip, address.prefixLength),
    subnet: ipSubnet(networkAddress(ipSubnet(address.ip, address.prefixLength)),
                     address.prefixLength)
  };

subIfaceSubnets(device) =
  foreach x in x1]
  foreach iface in device.interfaces
  where iface.operStatus == OperStatus.UP
  foreach subIface in iface.subinterfaces
  where subIface.operStatus == OperStatus.UP
  foreach address in subIface.ipv4.addresses
  where length(ipSubnet(address.ip, address.prefixLength)) == providerMask
  select {
    ifaceName: subIface.name,
    prefix: ipSubnet(address.ip, address.prefixLength),
    subnet: ipSubnet(networkAddress(ipSubnet(address.ip, address.prefixLength)),
                     address.prefixLength)
  };

// NQE query starts here
foreach listEntry in attList
let providerSubnet = ipSubnet(networkAddress(ipSubnet(listEntry.Cpe_Ip_Address, providerMask)),
                      providerMask)
let deviceMatch = (foreach entry in deviceSubnets
                   where entry.subnet == providerSubnet
                   select entry)
select {
  Device: (foreach x in deviceMatch select x?.deviceName),
  Provider_Subnets: providerSubnet,
  Interface: (foreach x in deviceMatch select x?.ifaceName),
  Subnet: (foreach x in deviceMatch select x?.subnet),
  Prefix: (foreach x in deviceMatch select x?.prefix),
  Circuit: listEntry.Site_Acc_Ckt,
  CPE_IP: listEntry.Cpe_Ip_Address,
  Conn_VPN_Name: listEntry.Conn_Vpn_Name
}

 

Sample service provider data


 

 

 

 

 

 

 

 

Sample query results

 

Be the first to reply!

Reply


Badge winners

  • NQE Contributor
    dakotagloryhas earned the badge NQE Contributor
  • Community Champ Award
    GaryBhas earned the badge Community Champ Award
  • Community Champ Award
    AndyLhas earned the badge Community Champ Award
  • NQE Contributor
    Christopherhas earned the badge NQE Contributor
  • NQE Contributor
    Tyson Henriehas earned the badge NQE Contributor
Show all badges
Terms of UseCookie settings