6 Replies Latest reply on Jul 10, 2013 6:49 AM by njoylif

    IPAM NOT REFLECTING IP ADDRESSES ACCURATELY

    jambo1967

      looking for a bit of help here fellow solarwinds bods

      im a contractor onsite at a site and iv came in to do odd jobs a lot round solarwinds so ive learned a lot about ipam/ncm/nta etc

      however one issue to clear up was why IPAM sometimes reflects an ip incorreclty i.e its reporting it as being free when its not an vice versa.

      now on network there is a mixed bag unix/linus boxes that have AIX firewalls  so solarwinds scan doesnt pick it up, but there is ips i believe are been used and IPAM is reportign as available and they are not linux or unix boxes.

      is there any quick fixes to tidy this up?is there anything around transient ips i can do(current settign is the default of 7 )...what exactly is transient ip also?

       

      any help would be greatly apprieciated

        • Re: IPAM NOT REFLECTING IP ADDRESSES ACCURATELY
          deverts

          jambo,

           

          First, you need to understand the polling process of IPAM.  By default, IPAM scans the configured networks every 4 hours for active IPs (ICMP/Ping).  Any IP that responds, gets polled a second time for SNMP info.  And then finally, IPAM will perform a DNS lookup for the IP.  I think in your particular situation, the device is not responding to ICMP requests, therefore, IPAM doesn't know the IP is in use.  If its a firewall, you will probably see failed ICMP requests in the logs; and you probably need to add a simple "allow ICMP" statement for your IPAM server.

           

          As for transient, this is typically for DHCP devices on the network.  It simply means that during the scan process above, it found an active IP on the network.  Then during the another scan, the IP was no longer responding.

           

          D

            • Re: IPAM NOT REFLECTING IP ADDRESSES ACCURATELY
              jambo1967

              HI deverts

               

              thanks for info on the 4 hourly scan, and reply.everything network wise I,e firewall rules are in place on the checkpoints between the diff zones or I wouldn't be scanning any ips on all my subnets.when I mention AIX firewalls these re actual firewalls on servers I.e unix/Linux boxes.i can live with that I.e IPAM can report these as on network as these servers r firewalled so don't reply

               

               

              is there a global setting in IPAM that can be configured/changed??

               

              is there anyone out there who has IPAM reflecting accurately their ip usage able to assiI feel free-:))))

              • Re: IPAM NOT REFLECTING IP ADDRESSES ACCURATELY
                njoylif

                the transient is also a "clean up" mechanism.  I have mine set to 30 days.  we do not use DHCP (don't manage admins in IPAM).

                so if a server goes off-line, after 30 days [for us], the IP will be reclaimed and all fields cleared; status will be set to available.

                 

                even though our processes for reclaiming resources is bullet-proof [NOT], this could be handy! 

                  • Re: IPAM NOT REFLECTING IP ADDRESSES ACCURATELY
                    deverts

                    njoylif,

                     

                    That is an awesome idea.  I didn't think about using it that way.

                    • Re: IPAM NOT REFLECTING IP ADDRESSES ACCURATELY
                      jambo1967

                      WE don't use dhcp in IPAM either, we have dhcp servers aside.i just want IPAM to reflect accurately once I scan a subnet, will changing transient to "30" make any impact to my issue?

                        • Re: IPAM NOT REFLECTING IP ADDRESSES ACCURATELY
                          njoylif

                          so...IPAM is as good as its access allows it to be.  Things to keep in mind:

                           

                          if it can't ping it, its not there [automagically].

                          NATs/PATs can be an issue due to this (also...firewalls typically don't allow hairpinning)

                          Systems with local firewalls enabled have to allow ping from main NPM box.

                          Sometimes you can use neighbor routers to fill in blanks.

                           

                          My NPM is "inside" of firewall.  I have a bunch of NATs on "outside" for web access, etc...   I point that subnet's "Neighbor Scanning" to that router and run a TCL script on it daily to ping sweep that subnet.  That makes sure the ARP table has everything and my IPAM is as complete as possible.

                          IPAM grabs the ARP table and populates/updates itself based on that.