2586 - Consolidated NIOS DDI IPAM Administration Lab

Scenario

Your organization is undergoing several network and IPAM management changes to meet evolving operational requirements across departments and geographic locations. These changes are designed to improve the organization and tracking of network resources, streamline provisioning, and automate configurations. Specifically, you will:

• Create extensible attributes (EAs) to tag infrastructure and client devices with department-specific information, ensuring mandatory tracking for IPv4 and IPv6 Network objects.

• A new branch of your organization has been established in New York, USA. Create a /18 network container for the NAM area to easily manage the supernet in the new geo location.

• Utilize Net Maps to provision new networks and IP Maps to analyze network usage and investigate specific IP address details.

• Perform a network discovery to identify and resolve unauthorized devices and address potential IP conflicts.

• Use CSV imports to streamline the addition of DNS zones, networks, and IPAM data while addressing and correcting import errors.

Estimate Completion Time

• 60 to 70 minutes

Credentials

Requirements

• Administrative access to the NIOS Grid

Course References

• 1005: Using NIOS Extensible Attributes and Smart Folders

• 2005: Configuring NIOS Extensible Attributes (EA) and Smart Folders

• 2010: Configuring NIOS IPAM and Discovery

• 2011: Using NIOS CSV Import

Lab Initiation

Access jump-desktop

Once the lab is deployed, you can access the virtual machines required to complete this lab activity. To initiate the lab, click on the jump-desktop tile and login to the Linux UI:

Username: training

Password: infoblox

Initiate lab

To initiate the lab, double-click the Launch Lab icon on the Desktop.

Choose the lab number from the list and click OK.

After clicking OK, you will see a pop-up message with a brief description of the lab task. If the description looks correct, click Yes to continue lab initiation.

Lab initiation will take a couple of minutes to finish.

Once complete, you will see another pop-up message with the login credentials and the URL for the Grid Manager’s User Interface. Note that the credentials may differ from those from prior labs.

Tasks

Task 1: Creating an extensible attribute

Create an extensible attribute named Department. This EA should allow users to select the correct department from a drop-down list. This list should contain:

• Engineering

• IT

• Sales

• Training

Task 2: Creating a IPv4 Network Container for NAM Branch Networks

Create a Network Container for the supernet 172.31.64.0/18 to contain all of the NAM Branch Networks.

Task 3: Using Net Map to allocate a new IPv4 network

Having a network container for the supernet 172.31.64.0/18 gives you the ability to use the Net Map function for network allocation. Please use this function to provision a IPv4 network of size /24.

Task 4: Using IP Map to determine which IP addresses are in use

Switching to IP Map for a more detailed view, examine the network 172.31.101.0/24. Note down which IP addresses are in use, and what they are being used for. This

Task 5: Using IP Map to provide details IP addresses

Using the IP Map view, find more information about the IP addresses 172.31.101.69 and 172.31.101.70.

Task 6: Performing a discovery on a network

Perform a discovery on the network 10.100.0.0/24.

Hint: the Grid member ibns1.techblue.net provides DHCP service to this network. It is the most ideal member to perform the network discovery.

Task 7: Checking discovery progress

Use the dashboard to monitor the discovery progress.

Task 8: Investigating potential conflicts

After a successful discovery, investigate a potential conflict on the IP address 10.100.0.20.

Task 9: Import a DNS Zone Using the CSV Import Function

Navigate to the Grid Manager web interface and use the CSV Import function to import the AuthZone-Engineering.csv file. Ensure the import is successful.

Task 10: Import a CSV File Containing Errors

Use the CSV import function to import the AuthZone-Regions.csv file and download the error report to troubleshoot the import issues.

Task 11: Fix the CSV File Errors and Re-import the Data

Correct the errors in the CSV error report downloaded in Task 10, and re-import the data into the NIOS Grid.

Task 12: Import a CSV File Containing Network Data

Use the CSV import function to import the Network-techblue.net.csv file and verify that the network information has been imported correctly.

Task 13: Use a CSV File to Import Missing IPAM Information

Use the CSV import function to import the IPAM-techblue.net.csv file and verify that the IPAM data has been updated for the networks.

Solutions

Task 1 Solution: Create an extensible attribute

1. Navigate to Administration→Extensible Attributes

2. Click the Add button

3. For Name, enter Department

4. For Type, select List

5. To add the values, click the Add button and enter the first department name in the Value field

   

6. Repeat previous step, entering the values for remaining departments.

7. Click Next to proceed to Step 2 of the Add Extensible Attribute Wizard.

8. In the section Default Value, click the radio button Required.

9. Under the heading Restrict to Specific Object Types, click Add.

10. Click the Name field, the object list opens. Scroll to locate IPv4 Network.

    

11. With IPv4 Network in the Object Type list, click Add again.

12. Click the Name field, the object list opens. Scroll to locate IPv6 Network.

13. When complete, verify that your table contains both entries for IPv4 Network and IPv6 Network

    

14. Click Save & Close

Task 2 Solution: Creating a IPv4 Network Container for NAM Branch Networks

Create a Network Container for the supernet 172.31.64.0/18 to contain all of the NAM Branch Networks.

1. In the GM web interface, navigate to Data Management → IPAM

2. Click on Add (+) and choose IPv4 Network

3. Select the Add Network Container radio button, click Next

4. For Netmask, enter 18

5. Click Add (+) to add a network, and specify 172.31.64.0

6. For Comment, enter NAM Branch Networks

7. Click Save & Close

8. Click Restart in the Restart Services banner (appears automatically near the top)

9. The IPAM network list will now show the network container/folder for 172.31.64.0/18

Task 3 Solution: Using Net Map to allocate a new IPv4 network

This task demonstrates how you can use the Net Map function to easily provision additional smaller networks. For this task, you are provisioning a /24 network within a /18 space.

1. In the GM web interface, navigate to Data Management → IPAM.

2. You should now see a list of all IPAM Networks.

3. Click on the 172.31.64.0/18 Network Container.

4. You should now see the Net Map view of the networks.

5. Click on the blank space between the two existing networks, the blank space should now have a green line around it. You may choose any blank space to your liking. For this example, we will choose the blank space nearest to the top left for the lowest-numbered addresses.

   

6. Click on the Add (+) button, notice the Add Network slider/size has automatically been set to /24.

   

7. Click on the Launch Wizard button to launch the Add Network Wizard.

8. Select the options for Add Network and Manually, click Next.

9. Notice the Netmask and Network options have automatically been filled out.

   

10. Click Next and continue through the wizard until you reach Step 6 of 7.

11. At Step 6, locate the Extensible Attributes section.

    • Locate the attribute Department.

    • In the Value column, click the dropdown menu and select Training as the value for the attribute.

12. Click Save & Close to create the IPv4 network.

13. The blank space in Net Map view will now be filled in with a blue leaf network.

14. Hover your mouse over the leaf network will display details about that leaf network.

Task 4 Solution: Using IP Map to determine which IP addresses are in use

Use the IP Map to determine which IP addresses are in use on the 172.31.101.0/24 network

1. In the GM web interface, navigate to Data Management→IPAM

2. If you are already inside of an IPAM network, click the IPAM Home link to return to the top level

3. Click the link for the 172.31.64.0/18 network container

4. Click on 'List'. Then select the network 172.31.101.0/24

5. Click on ‘IP Map’ for the 172.31.101.0/24 network.

6. In the IP Map view, the color of the squares corresponds to the color key on the right of the map, detailing the usage of the IP addresses in the network.

Task 5 Solution: Using IP Map to provide details IP addresses

Find details about the IP address assigned to client testing-linux from IPAM.

1. Navigate to Data Management→IPAM

2. If you are already inside of an IPAM network, click the IPAM Home link to return to the top level.

3. Click the link for the 172.31.64.0/18 network container.

4. Click on 'List'. Then select the network 172.31.101.0/24.

5. Click on ‘IP Map’ for the 172.31.101.0/24 network.

6. In the IP Map view, you can hover over an IP address to see more information. Below is the information for 172.31.101.70:

   

7. Click on the IP address and more information is available on the bottom of the screen (need to scroll down). Below is the example for 172.31.101.70.

   

Task 6 Solution: Performing a discovery on a network

1. In the GM web interface, navigate to Data Management → IPAM.

2. If you are already inside of an IPAM network, click the IPAM Home link to return to the top level.

3. Go to the network 10.100.0.0/24, and select the IP Map view. You should see something similar to the screenshot below.

   

4. In the Toolbar, click Discovery → Discover Now.

   

5. The Discovery Manager dialog appears.

6. In Member Name, change member by clicking on Select Member and choose ibns1.techblue.net.

   

7. Click on the IPv4 Device Discovery tab and confirm the mode is FULL, and the network 10.100.0.0/24 is listed.

   

8. Click Save. Then click the Start button, this will perform a one-time discovery on the network.

9. You may click Close and the discovery will continue to run in the background.

Task 7 Solution: Checking discovery progress

1. To check on the status of the discovery, navigate to Dashboards → Status.

2. Find the Discovery Status widget. It displays the current discovery progress.

   

3. Wait for the discovery to be completed. This could take a few minutes.

Task 8 Solution: Investigating potential conflicts

1. Navigate to Data Management → IPAM, to the network 10.100.0.0/24 → IP Map.

2. The IP Map is now updated with the results from the network discovery. You should see some yellow entries (unmanaged hosts), and one red entry (conflict).

   

3. Click on the red entry (conflict), the IP address 10.100.0.20. Additional information is displayed both when you hover over the entry, and at the bottom of the screen.

4. With the conflict entry highlighted, click Toolbar → Resolve Conflict.

5. The description reads: “Discovered address is within an existing DHCP range but does not match an existing lease, fixed address, or exclusion range.”

   

6. At this point you may choose one of the 3 resolutions:

   1. Create a fixed address: If you chose this option, the IP address 10.100.0.20 will always be assigned to the MAC address b0:3a:3f:f2:13:7f.

   2. Create a reservation: If you chose this option, the IP address 10.100.0.20 will be reserved and never assigned to anyone.

   3. Ignore this conflict: You may need to investigate further before deciding what to do. If that is the case, choose this option.

The most likely option given the circumstances, would be Create a reservation. This will prevent a potential IP address conflict when the DHCP server hands out 10.100.0.20 to another device, while you investigate the root cause of why this MAC address b0:3a:3f:f2:13:7f is on this address. There are 2 possibilities: 1) it is configured statically/manually, or 2) it received this IP address from a different DHCP server. In the first case, you should still use Create a reservation, in addition to creating the appropriate DNS or Host information; in the second case, you need to locate the rogue DHCP server, so that all devices on this network receive DHCP leases only from the NIOS member.

Task 9 Solution: Import a DNS Zone Using the CSV Import Function

To import DNS zones into NIOS using CSV, follow these steps:

1. In the GM web interface, navigate to Data Management → DNS → Zones.

2. From the toolbar on the right, click CSV Import.

   

3. At Step 1 of 3, leave the radio button set to Add.

4. Click Next.

   

5. At Step 2 of 3, click Choose.

   

6. Open the Desktop and select the AuthZone-Engineering.csv file.

   

    

7. Select the radio button Skip to the next row and continue.

8. Click Next.

   

9. At Step 3 of 3, leave the settings unchanged.

10. Click Import.

    

11. At the Start CSV Import window, click Yes to proceed.

    

12. At the CSV Import Progress window, wait until the Rows completed section displays 6 of 6, indicating that the import process is complete.

13. Click Close.

    

14. Restart Services by clicking the Restart button in the notification banner at the top of Grid Manager UI

    

15. At the Restart Grid Services window, click Restart.

16. Navigate to Data Management → DNS → Zones → techblue.net → Subzones to verify that the new DNS zone has been imported successfully.

    

Task 10 Solution: Import CSV File with Errors and Fix the Errors

To import the AuthZone-Regions.csv file, follow these steps:

1. In the GM web interface, navigate to Data Management → DNS → Zones.

2. From the toolbar on the right, click CSV Import.

3. At Step 1 of 3, leave the radio button set to Add.

4. Click Next.

5. At Step 2 of 3, click Choose.

   

6. Select the AuthZone-Regions.csv file from the Desktop.

7. Select the radio button Skip to the next row and continue.

8. Click Next.

9. At Step 3 of 3, leave the settings unchanged.

10. Click Import.

    

11. At the Start CSV Import window, click Yes to proceed.

12. At the CSV Import Progress window, wait until the Current Status section no longer shows that it is pending.

13. Note that the Rows with errors section indicates that some rows were not imported.

14. Click the Download errors button.

    

     

15. Save the error file to the Downloads folder and make a note of the file name (e.g., csv-error.2.csv). This file will be used in Task 11.

Task 11 Solution: Fix the CSV File Errors and Re-import the Data

To fix the errors in the CSV file downloaded in Task 10, follow these steps:

1. Open the Downloads folder icon from the Linux Desktop.

2. Double-click the error file you downloaded (e.g., csv-error.2.csv) to open it in LibreOffice.

3. At the Text Import window, ensure the Character set is configured to UTF-8, leave the remaining settings unchanged, and click OK.

4. When the spreadsheet opens in LibreOffice , note that there is a new column at the beginning that includes the error.

   

5. Fix the errors by following these steps:

   • Scroll to the right until you see Column F.

   • Change the text from Internal NGS to Internal NSG.

   • Scroll back to Column A.

   • Click the column header labeled A to highlight the entire column.

   • Click Sheet from the menu.

   • Select Delete Columns.

6. Click File, then Save, and then click the Use Text CSV Format option.

7. Click File, then Exit LibreOffice to close the spreadsheet file and return to the browser window.

8. At the CSV Import Progress window, click Close.

9. Repeat the CSV Import process to import the newly edited file (e.g., csv-error.2.csv) from the Downloads folder.

10. Once completed, Restart Services by clicking the Restart button in the notification banner at the top of Grid Manager UI

11. At the Restart Grid Services window, click Restart.

12. Navigate to Data Management → DNS → Zones → techblue.net → Subzones.

13. Check the Zone list and verify that the following zones were imported successfully:

    • apj.techblue.net

    • emea.techblue.net

    • nam.techblue.net

    • latam.techblue.net (imported after the error was fixed).

      

Task 12 Solution: Import a CSV File Containing Network Data

To import the Network-techblue.net.csv file, follow these steps:

1. In the GM web interface, navigate to Data Management → IPAM.

2. From the toolbar on the right, click CSV Import.

3. At Step 1 of 3, leave the radio button set to Add.

4. Click Next.

5. At Step 2 of 3, click Choose.

6. Select the Network-techblue.net.csv file from the Desktop.

7. Select the radio button Skip to the next row and continue.

8. Click Next.

9. Click Import.

10. Click Yes at the Start CSV Import confirmation box.

11. Wait until 138 of 138 rows are imported with 0 errors.

12. Click Close to close the CSV Import Progress window.

13. Restart services if prompted.

14. Verify that the new networks are visible in IPAM. If the networks are not visible, click Toggle flat view to switch from hierarchical to flat view and display the networks as shown in the image below.

    

Task 13 Solution: Use a CSV File to Import Missing IPAM Information

To import the IPAM-techblue.net.csv file, follow these steps:

1. In the GM web interface, navigate to Data Management → IPAM.

2. From the toolbar on the right, click CSV Import.

3. At Step 1 of 3, change the radio button to Override.

   

4. Click Next.

5. At Step 2 of 3, click Choose.

6. Select the IPAM-techblue.net.csv file from the Desktop.

7. Select the radio button Skip to the next row and continue.

8. Click Next.

9. Click Import.

10. Click Yes at the Start CSV Import confirmation box.

11. Wait until the 145 of 145 rows are imported with 0 errors.

12. Click Close to close the CSV Import Progress window.

13. Restart services if requested.

14. Review the networks and you can see they have now been updated with additional information.