Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

API & Integration, DevOps,NetOps,SecOps

Reply

WAPI - Create Vlans with excluded id's

[ Edited ]
New Member
Posts: 1
2808     0

Hello,

I am doing custom integration with Infoblox, WAPI v2.10.

 

I am trying to reserve one or few vlans via WAPI using request call.

In one request I am trying to get vlanView reference, get next avaiable vlan id, excluding some specific id's, and create vlan object.

Here is example:

curl --location --request POST 'https://infoblox.lab/wapi/v2.10/request' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic xxxxxx' \
--data-raw '[
    {
        "method": "GET",
        "object": "vlanview",
        "data": {
            "name": "test_vlan"
        },
        "assign_state": {
            "vlanview_ref": "_ref"
        },
        "discard": false
    },
    {
        "method": "POST",
        "object": "##STATE:vlanview_ref:##",
        "args": {
            "_function": "next_available_vlan_id"
        },
        "data": {
            "num": 1,
            "exclude": [
                101,
                103,
                105,
                106
            ]
        },
        "assign_state": {
            "vlan_id": "vlan_ids"
        },
        "enable_substitution": true
    },
    {
        "method": "POST",
        "object": "vlan",
        "data": {
            "parent": "##STATE:vlanview_ref:##",
            "reserved": true,
            "name": "TestVlan",
            "id": "##STATE:vlan_id:##"
        },
        "assign_state": {
            "vlan_name": "name",
            "vlan_ref": "_ref",
            "vlan_id": "id"
        },
        "enable_substitution": true
    }
]'

I get error:

{
    "Error": "AdmConError: None ('int' object has no attribute 'iteritems')",
    "code": "Server.Ibap.Internal",
    "text": "Internal Error"
}

But if I delete  from request "exclude" object, then request works. 

Where is error ? I suspect Python library inside Infoblox because request like below works fine.

curl --location --request POST 'https://infoblox.lab/wapi/v2.10/vlanview/ZG5zLnZsYW5fdmlldyR0ZXN0X3ZsYW5fMTI2LjEwMC4yMDA:test_vlan_126/100/200?_function=next_available_vlan_id' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic xxxx' \
--data-raw '{
	"num":5,
	"exclude":[
		101,
		102,
		103,
		105
		]
}'

 

Re: WAPI - Create Vlans with excluded id's

[ Edited ]
Moderator
Moderator
Posts: 293
2809     0

Please open a support case on the issue with excludes. so I suspect you're correct about an internal defect.  As you can see, a simple call with next_available_vlan_id and an exclude is failing:  (I only have one vlanview called "default"...)

 

 

[
  {
	"method": "POST",
	"object": "vlanview/ZG5zLnZsYW5fdmlldyRkZWZhdWx0LjEuNDA5NA:default/1/4094",
	"args": { "_function": "next_available_vlan_id" },
	"data": { "num": "1", "exclude": [ 101, 103, 105, 106 ] },
	"enable_substitution": true
  }
]'

returns:

 

{ "Error": "AdmConError: None ('int' object has no attribute 'iteritems')",
  "code": "Server.Ibap.Internal",
  "text": "Internal Error"
}

 

I got the first two parts working if I took out the exclude part.

 

 

 

[
  {
	"method": "GET",
	"object": "vlanview",
	"data": { "name": "default" },
	"assign_state": { "vlanview_ref": "_ref" },
	"discard": false
  },
  {
	"method": "POST",
	"object": "##STATE:vlanview_ref:##",
	"args": { "_function": "next_available_vlan_id" },
	"data": { "num": 1},
	"assign_state": { "vlan_id": "vlan_ids" },
	"enable_substitution": true,
	"discard": false
  }
]

returns

 

[
    {
        "result": [
            {
                "_ref": "vlanview/ZG5zLnZsYW5fdmlldyRkZWZhdWx0LjEuNDA5NA:default/1/4094",
                "end_vlan_id": 4094,
                "name": "default",
                "start_vlan_id": 1
            }
        ]
    },
    {
        "result": {
            "vlan_ids": [
                100
            ]
        }
    }
]

because I reserved the first 99.

 

 

 

 

However I'm concerned because the second section returns an array and the third section is expecting a single integer. 

 

This call:

 

[
  {
	"method": "GET",
	"object": "vlanview",
	"data": { "name": "default" },
	"assign_state": { "vlanview_ref": "_ref" },
	"discard": false
  },
  {
	"method": "POST",
	"object": "##STATE:vlanview_ref:##",
	"args": { "_function": "next_available_vlan_id" },
	"data": { "num": 1},
	"assign_state": { "vlan_id": "vlan_ids" },
	"enable_substitution": true,
	"discard": false
  },
  {
    "method": "POST",
    "object": "vlan",
    "data": {
    	"parent": "##STATE:vlanview_ref:##",
    	"reserved": true,
    	"name": "TestVlan",
    	"id": "##STATE:vlan_id:##"
    },
    "assign_state": { "vlan_name": "name", "vlan_ref": "_ref", "vlan_id": "id" },
    "enable_substitution": true
  }
]

 

 

returns this:

 

 

{ "Error": "AdmConProtoError: Invalid value for id: [100]: Must be integer type",
  "code": "Client.Ibap.Proto",
  "text": "Invalid value for id: [100]: Must be integer type"
}

 

 

 

So perhaps a different strategy to acomplish the same results:  instead od posting to vlanview to get a new vlan, try posting a new vlan object, and use the "parent" field plus the "next_available_vlan_id" function there.

 

I will try the same when I have some time.

 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

This widget could not be displayed.

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin

" class="expert-of-month-image"/>