One of the most challenging issues with a merger and acquisition, or preparing to sell your public IPv4 space, is ensuring the addresses and networks are cleaned from your environment. Using IP Fabric can remove many technical hurdles, because all your important networking information is in a single platform and accessible via a GUI and API.
I’ll be demonstrating reclaiming a 192.168.0.0/16 private space, but this methodology can be applied to any network you wish.
According to IPv4.Global, a trusted leader in the IPv4 resale marketplace, the January 2022 IPv4 Auction Sales Report had average prices ranging from $48-$54/address, an increase of over $20 per address compared to January 2021. If you were to sell IPv4 addresses at $50/address this could produce $200k for a /20, $800k for a /18, or $3M for a /16, which can easily cover the cost of your IP Fabric solution depending on the size of your network.
IP Fabric is a snapshot-based platform - it represents your network at a single point in time. The discovery process involves the application finding and logging into your network devices to collect information about how your network is configured. This is a fully automated system and uses information like CDP/LLDP neighbors, ARP, and routing tables to find other connected devices in your network. IP Fabric then crawls your network in this fashion until all neighbors have been tested.
One unique characteristic of IP Fabric is that it does not use SNMP to collect information, but rather retrieves data by either Telnet, SSH, or API calls. This provides a more robust collection of data compared to the limited information retrieved by SNMP alone.
Once discovery is completed and the snapshot is finished with calculations you can view detailed information about your network. Below is an example from a completed discovery:
One of the data points we collect is a device's ARP table, which allows the application to display all the hosts connected to your networking devices. In most cases your hosts will not have public IPv4 addresses tied to them, but this is a great place to start your check. However, if you are reclaiming private IP space - like in this example - this will greatly reduce the time needed to audit your network.
The Host IP Address column is filterable based on CIDR notation, and I have found two addresses that fall within our range. This table shows you valuable information such as the site, device and interface it is connected to, the gateway, MAC address, vendor, and VLAN information.
IP Fabric classifies IP addresses assigned to a network device as a "Managed IP" and not a host. This table can be found under Technology > Addressing > Managed IP. In the above example I have already applied our filter and we now have a list of devices and interfaces that would require a re-IP for a successful reclamation.
Also located under the Addressing Technology is information about your NAT Rules and Pools. In our environment, I have located two pools which both fall into our IP scope.
One of the most useful features of IP Fabric is that it collects all the routing table entries from all your devices and allows you to search your entire network without requiring a user to log into individual devices to query for this information.
To narrow down our results, I have chosen to create an Advanced Filter. My first filter is a regex of ^(S|C)$ on the Protocol column which will display all the Connected and Static routes.
My second filter is another regex of ^192.168. to show all routes of interest. This works great for a /8, /16, or /24 networks but if you are trying to reclaim a network not on a classful boundary some post-processing might be easier for filtering your results. All the data in IP Fabric is available in both an API and CSV export.
Filters can also be grouped so if you are reclaiming a /23 network this can easily be accomplished with a few more steps, as shown above. Filters can also be saved, but let's look at an Intent Verification rule which will make it easier to track your progress. Rules can be created on any technology table.
Once saved and applied you can easily track your reclamation efforts:
One of the best features of IP Fabric is its ability to take your network data and create topology diagrams. These are fully customizable where you can hide nodes and protocols, move items around, and save views for later use or export to a SVG or PNG. In the example above I have overlaid our intent rule which can give your team a great visual way to see where your networks are. I have opened one site (L37) which shows that 2 routers have a Static or Connected route for our 192.168.0.0/16 network. If you are interested in learning more about our diagraming, please take a look at our other blogs and YouTube channel.
Here are some other useful tables that can help narrow down where your IP addresses are located and how they are being used in your network. All of these can be located under the Technology menu.
Once your IP space has been cleaned and removed from your network it can become a tedious task of checking your access lists and firewall policies. IP Fabric supports multiple vendors and platforms and extracts these policies into a security data model which you can then search without requiring the knowledge of vendor specific commands. Just like the Routing table you can also create intent rules using regular expressions to ensure your firewalls and ACL’s have been scrubbed once the space has been removed from the network. (Extra caution must be considered cleaning up Private IPv4 in security policies to keep your network protected; since our lab only contains private addressing, I have used this as an example instead of a public range.)
In the examples below I have created two Intent Rules in the Security > “Access lists” and “Zone Firewall”. These use the regex “^192\.168\.” to search for a match in any of the addresses in the Source (Red) or Destination (Yellow) Addresses. I used red for the source because if you sell the address to another company you want to ensure any open firewalls are closed to external IP’s.
Although IP Fabric is not a full IP Administration system it does collect information from your devices, as seen above, which can be used to discover the least utilized networks to sell. The Hosts, Managed IP, and Routing tables can be easily pulled via the API or the Python ipfabric SDK to programmatically do calculations against your public IP ranges. Our Systems Engineering team can help provide example scripts to accomplish this.
On the topic of utilization, perhaps your company needs to purchase new IPv4 space. Deploying IP Fabric and having several months of snapshot data could be used to satisfy justification requirements for transfers. According to ARIN’s Number Resource Policy Manual Section 8.5 “organizations may qualify for additional IPv4 address blocks by demonstrating 80% utilization of their currently allocated space” and “details the use of at least 50% of the requested IPv4 block size within 24 months.”
Thanks to its automated collection and its modelling of network behavior, IP Fabric gives you a single, regularly updated view of your entire network addressing. Whether you want to understand the relationships and overlaps between the networks of two merging organizations or are preparing to sell some public IPv4 address space, that visibility will save you time and money with minimal effort.
This is just one of the many use cases for our market-leading Network Assurance technology!
For more information about the product and its use cases, check out our website https://ipfabric.io/ and other blog posts available at https://ipfabric.io/blog/, or request a demo with our team who can show you how to implement IP Fabric in your network: Request a Demo.