netbox icon indicating copy to clipboard operation
netbox copied to clipboard

Published 20 hours ago verified publisher icon netbox-community

Validation of IP Addresses when of type network or broadcast

Open falz opened this issue 3 years ago • 4 comments

NetBox version

v3.1.11

Feature type

New functionality

Proposed functionality

One of the many ways we use netbox is to assign IP addresses to device interfaces, which are used to push config changes to device.

Currently, one can add any ip address, including the network or broadcast address, to an interface. This is not a valid config from any devices standpoint. There are some obvious exceptions to this:

  • /31 - rfc3021
  • /32 - In our case, we set these to Role Loopback
  • /127 - rfc6164

Are there other use cases other than above where an IP object on a broadcast or network address should be added?

I would propose that some sort of validation happens when 'invalid' IP addresses are added to netbox. It's not entirely clear what the best validation here is but a few possibilities would be:

  • don't accept the IP
  • throw a big scary warning, but accept the IP

One could also consider a config knob to disable this sanity check and revert to current behavour.

It sounds like there may be a way to handle this via a custom validator, but it seems to be enough of a common issue that it seems worth discussion built in functionality.

There is some discussion about this in this slack thread.

Use case

Should help with user friendliness of end users using netbox, preventing humans clumsy entering invalid data.

Database changes

No response

External dependencies

No response

falz avatar Apr 07 '22 17:04 falz

Are there other use cases other than above where an IP object on a broadcast or network address should be added?

I can't think of any, but in case there are, we could optionally apply this validation only to IP addresses which have been assigned to an object (e.g. interface). That I think would be reasonable regardless.

jeremystretch avatar Apr 07 '22 18:04 jeremystretch

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. NetBox is governed by a small group of core maintainers which means not all opened issues may receive direct feedback. Do not attempt to circumvent this process by "bumping" the issue; doing so will result in its immediate closure and you may be barred from participating in any future discussions. Please see our contributing guide.

github-actions[bot] avatar Jul 24 '22 04:07 github-actions[bot]

I think this would be best blocked until we get #7845 implemented

DanSheps avatar Aug 02 '22 19:08 DanSheps

@DanSheps I don't think this has any dependency on #7845, since the IP address object has all the necessary information locally.

jeremystretch avatar Aug 16 '22 14:08 jeremystretch

I'll take this one

decoupca avatar May 15 '23 19:05 decoupca