i find myself breaking things far too often. maybe i’ve broken a lot more than i wanted to.

i’m a software engineer gone cyber security geek. i love to pentest, code, and break things… not in that order. i also game from time to time. stick around, you may like my content.

tech – tips – reviews – gaming

a developer gone cyber security geek

The Geek Bin

IPAM: Network and rack oversight made easy.

As you may be able to tell I’m a big fan of IPAM. My initial impression was this software is fantastic and free, it’s fully lived up to my expectations. I’ve got a fair amount of networking going on in my servers, linking them together then back to home for easy access.

The ability to view my entire network, rack positionings, and configuration details required helps me visualize and implement what I picture in my head. It’s got it’s reasonable limits, but it’s saved me tons of time. I’ve even started tracking customer IP information in my IPAM instance for those whom I do computer repair / support on.

For example, I manage my entire internal subnets, their VLANs, and information. In here, I’ve got the oversight of the network subnets, and upon clicking I can view the host information, set PTR/reverse-dns records, and have IPAM reach out to these networks to make sure they’re alive. It’s a lot to configure, but it’s worth it.

IPAM Managing Internal Subnets

Since implementing IPAM, I’ve added all my server subnets, all routing details, gateways and customer IP information. It’s allowed me to place items in my rack, visualize it, and also manage circuits and transit providers. For example, I get unmetered gigabit via HE in my current rack, but I also have some Cogent and Allstream supplied by my upstream, so if my HE connection goes down, I won’t be offline until it’s restored.

I’ve added these all as circuts, and it’s helped me visualize my weaknesses, for example, right now despite being in a high-availability setup, my networking is borked when it comes to inner-machine communication, and I often have to cheat and use a proxy to get around this (eg, the host). This is on the chopping list, soon I’ll be free of the curse of bad networking!

It’s been a fun adventure so far, I’m hoping to link it into my Blesta instance. I’ve been relying on Blesta to bill some friends who rent virtual machines and colocate with me. It helps me keep track of the billing and support side, while IPAM lets me track the administrative side. So far, I’ve had no complaints in either side, except some nice-to-haves, like better Proxmox integration in Blesta and support for exporting proxmox network configurations to IPAM.

Eventually, I’ll get to adding this myself! Until then, it’s mostly manual labor to do it all, some automated network pushes with salt on virtual machines when necessary.

Till tomorrows adventure!

Add Comment