Allow Vlan 4095 #18169

Open
Nexis81 opened this issue Dec 5, 2024 · 0 comments
Labels
status: needs triage (This issue is awaiting triage by a maintainer)
type: feature (Introduction of new functionality to the application)

Comments

Nexis81 commented Dec 5, 2024

NetBox version

v4.1.6

Feature type

Change to existing functionality

Triage priority

N/A

Proposed functionality

The proposed functionality is to enable the use of VLAN ID 4095 within NetBox, specifically for VMware environments or other specialized use cases. This change would include:

- Validation Updates:
  - Modify the validation logic in NetBox to allow the configuration of VLAN 4095.
  - Ensure VLAN 4095 is treated as a valid VLAN ID when defining VLANs in the database, API, and UI.

- Documentation Support:
  - Permit users to document VMware environments where VLAN 4095 is used for monitoring purposes (e.g., IDS/IPS traffic monitoring).

- API Integration:
  - Ensure that NetBox's API supports VLAN 4095, allowing VMware-related automation and integration tools to use this VLAN ID when configuring or syncing data.

- Optional Role/Scope Restriction:
  - Optionally restrict VLAN 4095 to specific use cases, such as:
    - VMware devices or configurations.
    - Special roles like "monitoring" or "trunking."

This change would allow NetBox to support organizations that use VLAN 4095 for valid and critical purposes, enabling more accurate network documentation and improved automation with platforms like VMware.

Use case

Scenario:
An organization deploys an IDS/IPS solution that relies on virtual sensors (vSensors) installed on all VMware vCenter hosts. These vSensors are configured to use VLAN 4095, which is a reserved VLAN in VMware environments, to monitor traffic across all VLANs on an internal vSwitch. This configuration allows the IDS/IPS system to analyze and secure network traffic efficiently.

Challenges:
- Documentation Gaps:
NetBox currently prohibits the use of VLAN 4095, making it impossible to accurately document VMware setups that utilize this VLAN for traffic monitoring.
As a result, the representation of VMware network configurations in NetBox is incomplete or inaccurate.

- Automation Limitations:
Many organizations rely on APIs to integrate NetBox with VMware for automated network configuration and synchronization. The restriction on VLAN 4095 in NetBox prevents full automation, as configurations requiring this VLAN cannot be generated or applied through NetBox.

- Consistency and Accuracy:
Inconsistent documentation or manual workarounds, such as adding VLAN 4095 directly to the database via tools like pgAdmin, create potential for errors and undermine NetBox’s value as a "source of truth."

Database changes

None

External dependencies

None
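
One way to express the optional role/scope restriction proposed in this issue as a policy check, as an added example that is not part of the original issue and is not NetBox code. The `VlanRecord` shape, the `platform` field, and the rule that VLAN 4095 needs both an allowed role and a VMware platform are assumptions made for illustration; the sample records are constructed.

```python
from dataclasses import dataclass
from typing import Optional

VID_MIN, VID_MAX = 1, 4094   # ordinary VLAN IDs accepted without conditions
VID_SPECIAL = 4095           # the ID this issue asks to allow
ALLOWED_4095_ROLES = frozenset({"monitoring", "trunking"})  # roles named in the issue


@dataclass(frozen=True)
class VlanRecord:            # hypothetical record shape, not NetBox's model
    name: str
    vid: int
    role: Optional[str] = None
    platform: Optional[str] = None


def check_vlan(rec, allow_4095=True):
    """Return the policy violations for one record (empty list means valid)."""
    if isinstance(rec.vid, bool) or not isinstance(rec.vid, int):
        return [f"{rec.name}: VLAN ID must be an integer"]
    if VID_MIN <= rec.vid <= VID_MAX:
        return []
    if rec.vid != VID_SPECIAL:
        return [f"{rec.name}: VLAN ID {rec.vid} is outside {VID_MIN}-{VID_SPECIAL}"]
    if not allow_4095:
        return [f"{rec.name}: VLAN ID 4095 is disabled by policy"]
    problems = []
    # Assumed rule: 4095 is only valid when scoped to a role AND a platform.
    if rec.role not in ALLOWED_4095_ROLES:
        problems.append(f"{rec.name}: VLAN 4095 requires a role in {sorted(ALLOWED_4095_ROLES)}")
    if rec.platform != "vmware":
        problems.append(f"{rec.name}: VLAN 4095 is restricted to VMware configurations")
    return problems


def audit(records, allow_4095=True):
    """Map record name -> violations, listing only records that fail."""
    return {r.name: p for r in records if (p := check_vlan(r, allow_4095))}


# Constructed sample data for the example.
SAMPLE = [
    VlanRecord("users", 100, "access"),
    VlanRecord("ids-span", 4095, "monitoring", "vmware"),
    VlanRecord("lab-any", 4095, None, "vmware"),
    VlanRecord("core-4095", 4095, "trunking", "cisco"),
    VlanRecord("bad-high", 5000),
]
```

Running `audit(SAMPLE)` reports `lab-any`, `core-4095` and `bad-high`, while the IDS/IPS monitoring record passes; with `allow_4095=False` every 4095 record is reported.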

Nexis81 added the "status: needs triage" and "type: feature" labels Dec 5, 2024