future IPAM management for large SDWAN Networks

Angel_Inglese
Here to help

future IPAM management for large SDWAN Networks

Good friday!

 

is there any IPAM feature in the future on how can I implement IPAM for Meraki networks?, some SDWAN networks are pretty large and I want to read some experiences / ideas around this feature. 

 

I might think this is a "Make a Wish" post, but the section "Remote VPN participants" inside Site-to-Site VPN is a good start but it only implies SDWAN networks. 

 

thank you,

8 REPLIES 8
KarstenI
Head in the Cloud

Re: future IPAM management for large SDWAN Networks

Or an IP-address-report for the whole organisation? +1 from me! 

ww
Kind of a big deal
Kind of a big deal

Re: future IPAM management for large SDWAN Networks

You can use the API to get info. 

Angel_Inglese
Here to help

Re: future IPAM management for large SDWAN Networks

I actually though a lot about this but as we all know, it'll take a lot of time to develop a solution as an IPAM feature. Or is out there any solution I don't actually know that can interact with Meraki API to acoomplish this task? 

 

thanks again

KarstenI
Head in the Cloud

Re: future IPAM management for large SDWAN Networks


@ww wrote:

You can use the API to get info. 


I directly looked if @PhilipDAth already has a script for this ... 🙂

Angel_Inglese
Here to help

Re: future IPAM management for large SDWAN Networks

This could evolve as how IPAM solutions would integrate with Meraki. But for today I got a great API call:

 

https://developer.cisco.com/meraki/api-v1/#!get-device-appliance-dhcp-subnets

 

this would give me the details related to the config, this is one step.

 

I'll try to undesrtand what's needed to develop an IPAM solution arround API or SNMPing the ARP at least. Let's see how it goes though.

 

Also tried to compare prices for this solutions and those are quite expensive. I didn't know that until now. 

GIdenJoe
Kind of a big deal

Re: future IPAM management for large SDWAN Networks

I would also go the separate push/pull API based solution.

Software than plans your address space on it's own and then reads your current org for subnets and push out own addresses per network.

 

A bit like you have DNA-center carving out subnets for each site in a design section and then creating networks with the IP addresses.

 

I also don't particularly like the current Meraki template implementation where they choose random subnets for template networks if you have multiple VLAN's.

PhilipDAth
Kind of a big deal

Re: future IPAM management for large SDWAN Networks

For larger networks I allocate a supernet and let a template sub-allocate the address space itself.  You can search the route table of a hub to check for any specifically allocated subnet.

 

For other things, I just use Excel ...

 

 

GIdenJoe
Kind of a big deal

Re: future IPAM management for large SDWAN Networks

Hey @PhilipDAth that was what I was referring to.

 

If you have multiple VLAN's per template network the carving of subnets will be random.

For example if you have 10.0.0.0/8 as an IP block to carve from and you want /24's for each VLAN on a template network one branch could get 10.5.15.0/24 and 10.66.22.0/24 with the Meraki implementation.  That's just horrible IMHO.  I'd rather have that one branch would get 10.5.15.0/24 for VLAN x and 10.5.16.0/24 for VLAN y.

It would have been better that you could choose:

1) your ip block to carve from
2) an ip block per site
3) an offset for each VLAN that applies to all template branches.

I guess one could script that 🙂

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.