Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

Find 'parent' network or network_container object of a host address or network.

[ Edited ]
New Member
Posts: 2
4089     0

Hi, I'm hoping there's a way to walk 'up' the tree and get a network or network container object from
a host address.

 

Given a host address like 10.0.0.1, or a network object like 10.0.0.0/24, can it find that it is a member of a network object 10.0.0.0/23? Or the network_container 10.0.0.0/8? IP is naturally hierarchical, so I'm hoping there's an inherent relationship which can be exploited.

 
Note that this suggestion seems to be incorrect: https://community.infoblox.com/t5/API-Integration/Find-subnet-given-device-IP/m-p/8072/highlight/fal...

 

 

Re: Find 'parent' network or network_container object of a host address or network.

Moderator
Moderator
Posts: 287
4089     0

Just ask it for the desired attribute.  All the available attributes are documented in the REST API guide, which is available from the appliance.

 

Ask about the network that contains an IP address:

 

curl -k1 -u admin:infoblox -X GET 'https://192.168.1.2/wapi/v2.8/ipv4address' -d 'ip_address=10.9.11.34' -d '_return_fields=network'


returns:

[
    {
        "_ref": "ipv4address/Li5pcHY0X2FkZHJlc3MkMTAuOS4xNi4zNC8w:10.9.11.34",
        "network": "10.9.11.0/24"
    }
]

 

Ask about the network container that contains the network:

curl -k1 -u admin:infoblox -X GET 'https://192.168.1.2/wapi/v2.8/network' -d 'network=10.9.11.0/24' -d '_return_fields=network_container'


returns:

[
    {
        "_ref": "network/ZG5zLm5ldHdvcmskMTAuOS4xNi4wLzI0LzA:10.9.11.0/24/default",
        "network_container": "10.8.0.0/15"
    }
]

Re: Find 'parent' network or network_container object of a host address or network.

[ Edited ]
New Member
Posts: 2
4089     0

Thanks a lot for this.

I'm not familiar with that syntax. I'm using requests, and the following URL isn't working. Any idea?

URL: https://INFOBLOX_HOST/wapi/v2.9.1/member?ipv4_address=10.126.234.14&_return_fields=network&_return_as_object=1

#response from ip network lookup:

{'Error': "AdmConProtoError: Unknown argument/field: 'network'",

'code': 'Client.Ibap.Proto',

'text': "Unknown argument/field: 'network'"}

A quick search through the WAPI guide only lists '&_return_fields=network' in POST operations, incidentally. 

Re: Find 'parent' network or network_container object of a host address or network.

Moderator
Moderator
Posts: 287
4089     0

This will work:

 

https://INFOBLOX_HOST/wapi/v2.9.1/ipv4address?ip_address=10.126.234.14&_return_fields=network&_return_as_object=1

 

Your request is asking for a member object, which is an Infoblox appliance.  While there may be an appliance with that address, the member object does not have "network" as a field.

 

Instead you would have to ask for the network of the ipv4address object.

 

 

Re: Find 'parent' network or network_container object of a host address or network.

Authority
Posts: 33
4089     0

What if the IP Address you're looking up is not in a defined leaf network, but is a part of a larger network container?

 

Example:

looking up 10.1.1.1

Network 10.1.0.0/16 or smaller is not configured

Network Container 10.0.0.0/8 = Internal Ranges

 

So https://<GM>/wapi/v2.10/ipv4address?ip_address=10.1.1.1 returns "A network was not found for this address." but a global search in the GUI shows it's in 10.0.0.0/8.

Re: Find 'parent' network or network_container object of a host address or network.

Moderator
Moderator
Posts: 287
4089     0

Unfortunately the network container cannot be identified directly from the IP address.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You