IP Fabric 3.4: Path lookup updates and LDAP improvements
Finally, there’s another major release of IP Fabric 3.4 on its way to our dedicated customers, partners and supporters around the globe. The recent weeks were quite hectic. We were finalizing the major release with a lot of important improvements and at the same time, part of our team attended Cisco Live in Barcelona to connect with our client base and promote our work to a new audience.
To point out few enhancements: there’s a significant update for LDAP authentication within the tool, end to end path lookup is now available on the Cisco ACI environment and we now support the Quagga routing suite in our system.
Updates in diagrams
There have been minor changes and adjustments in diagrams in the new 3.4 major release. Some to mention, the Cisco FEX position is now correctly restored across snapshots.
End to End path update
The end to end (E2E) application path simulation has been one of the most wanted features within the IP Fabric ever since. And it’s fundamental for engineers to query what is the actual path over the network for a specific source and destination IP addresses and ports. And now there’s been two important changes.
First is the E2E lookup over ACI enabled infrastructure. The IP Fabric is now capable of simulating the path for a packet entering LEAF, based on ‘endpoint’ table lookup and directing it towards the correct bridge domain or VRF.
Second is the selection of source routing instance (VRF). That is particularly useful for E2E for VPNv4 over MPLS infrastructure, where duplicate address spaces are expected.
LDAP authentication updates
The previous support for LDAP authentication within IP Fabric was implemented quite some time ago and was merely basic compared to required standards these days.
When migrating LDAP from version 3.3.3 (or any previous version) to 3.4.0, it’s recommended to configure new IPF to LDAP to be able to use the Permission Group support seamlessly. There’s a minor update for LDAP in 3.4.1 after several bugs were detected.
As a result, an example of working configuration within the IP Fabric domain is in the picture below.
Additionally, the Permission groups can be defined to narrow down the scope of permitted users within organization, which adds greater flexibility for admins. From 3.4, there’s no need to define LDAP users manually anymore. For more information about LDAP Settings, please, visit our doku base.
Quagga Routing Suite support
Quagga is a routing software suite providing routing protocol implementations. The discovery is now supported only via standard CLI (SSH). It’s important to note that IP Fabric needs direct access, not VTYSH access.
The main support is including routing table, interfaces, VRFs, BGP or OSPF.
Technology and tables improvements
The technology tables in IP Fabric provide standardized output to any supported technology and vendor. They are the foundation of fast and simple information lookup, that’s essential to troubleshooting and analysis speed.
End Of Life table improvements
The EoL is now in high definition as well. So far the IP Fabric provided only a summary view per part ID for all EoL occurrences. That’s changed and since 3.4, there’s detailed information as well for each device, part ID or serial number lookup.
New L3VPN information tables
Firstly, by the end of 2018, the IP Fabric platform started to step from the pure enterprise into the service provider world with the first MPLS iteration. There’s more to come for the ISP territory in 2020 (VPLS, PseudoWires, NG Multicast, ..), but that’s for the plans. To sum up, the information about Layer 3 VPNs for the provider’s edge is presenting even better portray.
Information includes route targets, route distinguishers, source PE VRF, address families or summary view.
Even more to add
In addition, PaloAlto’s virtual contexts that are now supported. New VRF column to BGP, IS-IS, OSPF, OSPFv3 tables was added. For the full scope of changes, please, visit our release notes online.
If you have found this article resourceful, please follow our company’s LinkedIn or Blog, where there will be more content emerging. Furthermore, if you would like to test our platform to evaluate how it can assist you in managing your network more effectively, please let us know through www.ipfabric.io.