Are you affected by CVE-2024-3400?

The ability to perform end to end path simulation quickly across complex network environments means fast response to any issues or current design process requirements. The main reason that computer networks are built is to enable communication between two or more endpoints and the whole ecosystem is created for sharing information as efficiently as possible.

The IP Fabric platform is a unique tool that is capable of extremely fast end to end path simulation only by presenting the source IP (and VRF) and destination IP with port and protocol. Any application path can be technically verified from an operational perspective within seconds and without any extensive command-line knowledge just with read-only access to the platform.

image 5
End to End path simulation in IP Fabric's GUI

In companies and organizations using IP Fabric, an End-to-End path simulation is often a go-to tool for technical teams that tend to use the network in any way. It can be a server, application, or helpdesk team.

The API request for E2E path

Our previous articles are covering authentication and changing the settings via API. I strongly recommend reading them prior to testing the End to End over API. It will help with a basic understanding of workflows related to IP Fabric's API.

Now it's a good time to discover the endpoint with all its parameters.

# API Endpoint: 
apiEndpoint = 'https://ipfServerUrl/api/v1/graph/end-to-end-path'

# API Parameters:
e2eParams = {
     'e2eEndpoint' :  apiEndpoint,
     'sourceIP' : '?source=',
     'destinationIP' : '&destination=',
     'sourcePort' : '&sourcePort=10000',
     'destinationPort' : '&destinationPort=22',
     'asymetricOption' : '&asymmetric=false',
     'rpfOption' : '&rpf=true',
     'protocolType' : '&protocol=tcp',
     'snapshotID' : '&snapshot=696aee04-7370-47cf-bbcc-ef86d1bc5244',

In the previous Python3 snippet, we prepared the e2eParams object consisting of many keys and associated values. The API endpoint is a combination of the base and additional parameters, such as source and destination IP address, destination port, protocol type, and the snapshot ID.

The snapshot ID has to be defined and can be collected with GET request from 'https://ipfServerUrl/api/v1/snapshots'

As a next step, we can build the query to which we point the GET request towards:

e2eQuery = ''
for val in e2eParams.values(): e2eQuery += val

When the endpoint string is complete, we will simply send a GET type request. As a response, we get a full and detailed E2E path with each and every hop. For that purpose we can reuse the function from previous articles related to API webinar:

def e2ePath(e2e, e2eHeaders):
    e2eGet = requests.get(e2e, headers=e2eHeaders, verify=False)
    if e2eGet.ok: print(' The E2E path simulation is ready.')
    else: print(' UNABLE to simulate E2E: ' + e2eGet.text)
    return e2eGet

path = e2ePath(e2eQuery, authHeaders)

API response for E2E request

In the response we 3 main dictionary keys provided:

>>> e = e2ePath(e2eQuerry, headers)
The E2E path simulation is ready.

>>> e.json().keys()
dict_keys(['graph', 'ad'])

>>> e.json()['ad']

>>> e.json()['graph'].keys()
dict_keys(['nodes', 'lookup', 'edges', 'type'])

>>> for node in e.json()['graph']['nodes']: print(node['hostname'])
L66ACC23  <<< HOST

In the Python3 console outputs above we requested the path from IP Fabric. Then we quickly observed available keys, and as a last step printed list of network devices that the path is using.

Advantages of path simulation over API

The End to End application path simulation in IP Fabric's GUI is a powerful and fast troubleshooting tool. It's interactive and each routing or switching hop can be investigated individually as well.

pathVerification5 3
End to End path simulation in diagrams

But still, there are advantages for API simulation over GUI one. At first, the output in JSON format is ready for non-standard applications. Verifications like what are the IP hops and interfaces used on the path can be easily obtained. Secondly, the API call for path testing can be faster for testing across more than one snapshot.

Another great advantage can be integration plans with other tools. The end to end testing engine is ready to provide answers at a speed of light fashion.

Thank you for reading!

If you have found this article helpful, please follow our company’s LinkedIn or Blog, where there will be more content emerging. Furthermore, if you would like to test our platform to evaluate how it can assist you in managing your network more effectively, please let us know through

To read data from API directly from the IP Fabric platform is very simple. The best way to start is to have a quick look at our documentation. Even for anyone who's never done any testing before. It's very standard and it contains useful information about API endpoint, authentication options or response codes to begin with.

In the previous post, we demonstrated a quick tutorial for Zabbix and Ansible integration with Bash script. The current post is dedicated to authenticating to IP Fabric's API with username and password, get token and use token-based authentication furthermore. And finally to read data from API.

Authenticating to IP Fabric's API

There are two main HTTP authentication methods with only one possible sequence. The first is basic authentication, for which local or LDAP users can be utilized. The second is token-based and to request a token, one has to authenticate with the first method to get the token. That clarifies the sequence order.

Very importantly, any user has to log in via GUI beforehand to accept the End-User License Agreement (EULA). Only then we may begin.

For testing the API we will use standard Python3 (3.6.6) console in Ubuntu (18.04.3 LTS). In Python3 we will abstract all requests with the help of the 'requests' library, which includes all we need.

#> python3
 Python 3.6.8 (default, Oct  7 2019, 12:59:55) 
 [GCC 8.3.0] on linux
 Type "help", "copyright", "credits" or "license" for more information.
import requests
serverName = 'https://ipfabric.domain/api/v1/'
authData = { 'username': 'username', 'password' : 'password' }
authEndpoint = serverName + 'auth/login'
authPost =, json=authData, verify=False)

Testing responses in console

To confirm successful authentication, we may test for 'status_code' or 'reason' property from the response server.

>>> 200
>>> 'OK'
>>> dict_keys(['accessToken', 'refreshToken'])

According to our response, we can tell we have the access and refresh token ready. The access token expires after 30 minutes, it needs to be refreshed before with the refresh token, that expires after 24 hours if not blacklisted.

Read data from API

After successful authentication and with having the accessToken at hand, we can start the data mining from IP Fabric. All technology tables have their own API endpoint, that can be found on request.

We will start with the device inventory. To be able to perform token-based authentication, we will create the 'tokenHeaders' for our request. To get the data, we need to specify the right endpoint and the payload. In the payload we will can define columns, filters or even sorting options.

snapshotId = '$last'
devicesEndpoint = serverName + 'tables/inventory/devices'
devicesPayload = {'columns':["sn","hostname", "vendor"], filters: {}, 'snapshot':snapshotId,}

accessToken = authPost.json()['accessToken']
tokenHeaders = { 'Authorization' : 'Bearer ' + accessToken}

reqDevices =, headers=tokenHeaders, json=devicesPayload, verify=False)

>>> dict_keys(['data', '_meta'])
>>> {'limit': None, 'start': 0, 'count': 633, 'size': 633, 'snapshot': '86c65bbc-f3e2-4ca1-8b9a-f6eb859081ed'}         

The response provides two main dictionary keys: the 'data' (the actual data, list of devices with serial number and login IP) and '_meta' (contains response overview with a number of returned devices or snapshot identification). The full script with simple flow control is below.

Simple python3 script example for authenticating to IP Fabric's API and printing the _meta data from device inventory to the console.
# Built-in/Generic Imports
import requests,sys
# Suppressing SSL certificate warnings if needed

# Starting with variables
serverName = ''
snapshotId = '$last'
authData = { 'username': 'username', 'password' : 'password' }
authEndpoint = serverName + 'auth/login'
devicesEndpoint = serverName + 'tables/inventory/devices'
devicesPayload = {'columns':["sn","hostname", "vendor"],'snapshot':snapshotId,}

print('\n Attempting to authenticate to: ' + authEndpoint)
# Initiating authentication request to obtain authentication token
authPost =, json=authData, verify=False)
if not authPost.ok:
    print('Unable to authenticate: ' + authPost.text)
    print('\n ..Script will exit.\n')

# Collecting the accessToken 
accessToken = authPost.json()['accessToken']
# Creating the tokenHeaders 
tokenHeaders = { 'Authorization' : 'Bearer ' + accessToken}

print('\n Requesting data from API endpoint: ' + devicesEndpoint)
# Contacting the API endpoint for device inventory
reqDevices =, headers=tokenHeaders, json=devicesPayload, verify=False)
if not reqDevices.ok:
    print('Unable to authenticate: ' + reqDevices.text)
    print('\n ..Script will exit.\n')

# Printing _meta response
print('\n Data collected successfully…')
print('\n The _meta data: ' + str(reqDevices.json()['_meta']))
print('\nScript ends. \n ')

Thank you for reading and enjoy the first part of our recording:

If you have found this article helpful, please follow our company’s LinkedIn or Blog, where there will be more content emerging. Furthermore, if you would like to test our platform to evaluate how it can assist you in managing your network more effectively, please let us know through

We're Hiring!
Join the Team and be part of the Future of Network Automation
Available Positions
98 North Washington Street
Suite 407
Boston, MA 02114
United States
This is a block of text. Double-click this text to edit it.
Phone : +1 617-821-3639
IP Fabric s.r.o.
Kateřinská 466/40
Praha 2 - Nové Město, 120 00
Czech Republic
This is a block of text. Double-click this text to edit it.
Phone : +420 720 022 997
IP Fabric UK Limited
Gateley Legal, 1 Paternoster Square, London,
England EC4M 7DX
This is a block of text. Double-click this text to edit it.
Phone : +420 720 022 997
IP Fabric, Inc. © 2024 All Rights Reserved