netbox icon indicating copy to clipboard operation
netbox copied to clipboard
verified publisher icon netbox-community

Add option to assign an FHRP group to a tunnel termination

Open dreng opened this issue 1 year ago • 5 comments

NetBox version

v4.1.6

Feature type

Change to existing functionality

Triage priority

N/A

Proposed functionality

In the "add a new tunnel" screen, please add an option "FHRP Group" to the first and second termination type. If selected, the following field (that switches between "Device" and "Virtual Machine") should change the Caption to "FHRP Group" and query FHRP Groups.

Use case

With a redundant tunnel hub, it does not reflect the reality that the termination must be assigned to a device. Instead, the termination should be assigned to a virtual interface which does not belong to a specific device but to a FHRP Group.

Database changes

Not sure

External dependencies

None

dreng avatar Nov 06 '24 13:11 dreng

I'd like to point out that in fact a tunnel termination point is not an interface but an IP address (or even an IP address set).

wlnx avatar Feb 28 '25 06:02 wlnx

Yeah, I don't see how this is intended to work. Tunnels must terminate to interfaces.

jeremystretch avatar Feb 28 '25 13:02 jeremystretch

Yeah, I don't see how this is intended to work. Tunnels must terminate to interfaces.

Uhm, sorry. I've read some discussions and discovered that virtual interfaces should be created for tunnels to terminate. That's OK (IPsec tunnels don't seem to be OK, but let's leave them alone). Anyway, I found no option to create a virtual interface on top of FHRP. Maybe, I missed something, could you show me the way, please? Thank you.

wlnx avatar Mar 03 '25 16:03 wlnx

Tunnels must terminate to interfaces.

I agree. But in an active/passive configuration, how would you suggest to document such networks? Let's say, wie have two routers in an active/passive HA cluster, R1 and R2. In the current situation, you have to define the tunnel termination to an interface of just one of this devices, let's say tun0 of R1. If R1 fails, R2 becomes active automatically, which means that the tunnel termination switches to tun0 of R2. This situation lets the documented state in NetBox instantly become incorrect. I currently don't see a good workaround without changing NetBox code. Suggestions are welcome.

dreng avatar Mar 26 '25 13:03 dreng

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. NetBox is governed by a small group of core maintainers which means not all opened issues may receive direct feedback. Do not attempt to circumvent this process by "bumping" the issue; doing so will result in its immediate closure and you may be barred from participating in any future discussions. Please see our contributing guide.

github-actions[bot] avatar Jun 25 '25 04:06 github-actions[bot]

This issue has been automatically closed due to lack of activity. In an effort to reduce noise, please do not comment any further. Note that the core maintainers may elect to reopen this issue at a later date if deemed necessary.

github-actions[bot] avatar Jul 25 '25 04:07 github-actions[bot]