Hi,
I'm looking for a bit of help and guidance to be able to create a report to show what nodes are using a particular IP Helper Address or to find out if it is even possible to create this kind of report.
Thanks In advance.
Ok I just created a report and uploaded it to the content exchange area on thwack. The report is called IP Helper Address and it will need to be modified a bit by changing the actual IP address in the rule. Also you can change the policy to check only selected nodes but I currently have it checking the configurations on all devices. There are two policies that are in there, a fail if found and a fail if not found. If you want to know what all devices do have a certain IP Helper Address configured use the fail if found rule and policy. If you want to know which ones do not have the IP Helper Address configured on it use the fail if not found one. Let me know if you have any questions on it and I can help you out.
It is possible to set this up, but personally I would do it with a compliance Rule, Policy, and Report in NCM. That way you can look at all your nodes and it can report on the ones where the IP Helper address was found. I can help you setup the Rule, Policy and Report in NCM if you would like.
Chris T, I am interested in setting this up for my environment. Do you have a policy available for import? Or willing to assist with setting this up?
Thanks Chris, that would be great, any help is very much appreciated.
I do not have one currently available for import. I can make a guide and post it in here on how to do it though. Give me a little bit and I will post it later today for you.
I just uploaded a policy for this so you can check it out, its called IP Helper Address and it is in the Content Exchange. It has two different policies for it, a fail if found and a fail if not found. Modify it to suite you needs as it is just checking for a Helper Address of 1.1.1.1 right now. Let me know if you have any questions.
Thank you Chris. If you plan to attend the SolarWinds Federal User Group next week perhaps I can thank you in person.
Here is what I think is a better solution... This is using a solution I figured out for other things like community strings or NTP servers where you use a negative lookahead buffer in your regular expression to find all non-confirming lines of a specific type. In the example below it is looking for any instance of "ip helper-address 1.1.1.1" and "ip helper-address 2.2.2.2", which are the only VALID helper addresses. This rule will flag on anything BUT those two helper-addresses. You can easily increase or decrease the # of valid helper addresses by adjusting the regex.
Chris this is perfect, thank you very much for your help. Greatly appreciated.
Thank you so much for sharing this information! Just trying to take this to the next step... has anyone had any success with writing a remediation script for this? For example, if I'm upgrading the DHCP server to 2016 with a new IP address, is there a way for this policy rule to use the interface identified from this report and add the new ip helper-address?
example 1 -
router1 would have this script:
conf t
interface fastethernet 0/0
no ip helper-address 1.1.1.1
ip helper-address 3.3.3.3
example 2 -
layer3switch1 would have this script:
interface vlan10
Update:
Looking around, I believe this post helped me answer this question - https://thwack.solarwinds.com/message/356335
