netbox-sync

IP address marked as orphaned when vNIC changes portgroup

Open gstorme opened this issue 2 years ago • 1 comments

Hi,

When switching the portgroup of 2 existing interfaces that had IP addresses assigned to them, the IPs are marked as orphaned. They are also deleted according to the prune settings, and only during the sync that occurs after the delete action are they added back to the changed interface.

More detail:

IP address 5.x.4.21/23 created by vcenter-sync

vrf: null
role: ""
tags: []
status: "active"
tenant: null
address: "5.x.4.21/23"
created: "2021-06-29"
dns_name: ""
nat_inside: null
description: ""
last_updated: "2021-06-29T06:04:44.508Z"
custom_fields: {}
assigned_object_id: 9378
assigned_object_type: 81

During the same sync, the object is updated with the sync tags: IP address 5.x.4.21/23 updated by vcenter-sync

tags: [
    "NetBox-synced",
    "Source: com-vcenter008"
]

Weeks later, the VM gets a dist-upgrade and this causes Debian to mix up the interfaces after a reboot, and someone fixes this by changing the VM interfaces to the corresponding portgroups.

Situation before:
vNIC1 -> HCL PUB 2489
vNIC2 -> portgroup abc
vNIC3 -> portgroup def
vNIC4 -> Netapp102 ClientMounts 3102

Situation after:
vNIC1 -> Netapp102 ClientMounts 3102
vNIC2 -> portgroup abc
vNIC3 -> portgroup def
vNIC4 -> HCL PUB 2489

After this action, the sync log states:

WARNING: Current interface 'vNIC 1 (Netapp102 ClientMounts 3102) (com-vm022a.srv.masked-ops.net)' for IP '5.x.4.21/23' and this one 'vNIC 4 (HCL PUB 2489) (com-vm022a.srv.masked-ops.net)' are both enabled. IP assignment skipped because it is unclear which one is the correct one!

And the sync tags all the IP addresses of vNIC4 (previously vNIC1) as orphaned. After the prune_delay_in_days is over, the IP address is deleted. Only on the first sync after the sync deleted the IPs are the IP addresses added back and assigned to the correct vNIC.

Is it possible to detect this and link the IP addresses to the correct vNIC, instead of having the current flow where there's a gap and it seems the IP address does not exist between the sync where the prune action happens & the first sync after that?

gstorme avatar May 23 '22 12:05 gstorme

Hi,

You are correct, this is happening.

This would need a validation run to see if an IP address in NetBox is still assigned to the same interface.

I have to think about how to solve this in the process logic.

bb-Ricardo avatar May 24 '22 06:05 bb-Ricardo

Hey @gstorme,

I could actually easily add this. If the scope is the same device/VM then it is pretty straightforward.

In the long run you should think about switching to a different Linux distribution if this keeps happening. The network device order should not change on any system update.

bb-Ricardo avatar Dec 28 '22 22:12 bb-Ricardo
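An added sketch of the same-device/VM check discussed above, not netbox-sync's own code: when the source reports an IP on a different interface of the same parent, the assignment is moved instead of the IP being tagged as orphaned. The `Interface` class, the action names, the interface ids and the sample addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Interface:
    id: int            # hypothetical NetBox interface id
    name: str
    parent: str        # name of the owning device/VM
    enabled: bool = True

def reconcile_ip(current: Optional[Interface], discovered: Interface) -> tuple:
    """Return (action, interface_id) for one IP address.

    current    -- interface NetBox has the IP on (None if unassigned)
    discovered -- interface the source (e.g. vCenter) reports it on
    """
    if current is None:
        return ("assign", discovered.id)
    if current.id == discovered.id:
        return ("keep", current.id)
    if current.parent == discovered.parent:
        # Same device/VM: the address only moved between its own vNICs,
        # so move the assignment instead of tagging the IP as orphaned.
        return ("reassign", discovered.id)
    if current.enabled and discovered.enabled:
        # Two enabled interfaces on different hosts claim the IP:
        # ambiguous, so leave it alone for an operator to resolve.
        return ("skip", current.id)
    if discovered.enabled:
        return ("reassign", discovered.id)
    return ("keep", current.id)

def plan(netbox: dict, source: dict) -> dict:
    """Map each IP seen in the source to its reconcile action."""
    return {ip: reconcile_ip(netbox.get(ip), iface) for ip, iface in source.items()}

# Constructed sample data modelled on the vNIC swap described in the issue.
VM = "com-vm022a"
vnic1 = Interface(101, "vNIC 1", VM)
vnic4 = Interface(104, "vNIC 4", VM)
other = Interface(7001, "vNIC 1", "other-vm")
NETBOX = {"192.0.2.21/24": vnic1, "192.0.2.50/24": other}
SOURCE = {"192.0.2.21/24": vnic4, "192.0.2.50/24": vnic1, "192.0.2.60/24": vnic4}

if __name__ == "__main__":
    for ip, (action, iface_id) in plan(NETBOX, SOURCE).items():
        print(f"{ip}: {action} -> interface {iface_id}")
```
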

Hey @gstorme,

I just pushed a change to "development" which should fix this issue. Can you please try it out if this resolves your issue?

bb-Ricardo avatar Dec 28 '22 23:12 bb-Ricardo

Looks good, thanks!

gstorme avatar Jan 09 '23 13:01 gstorme

Great, thank you for the feedback

bb-Ricardo avatar Jan 09 '23 20:01 bb-Ricardo