Hi @banoosh ,
[Edit 1: I just realised that I didn't answer your question. Which was to show "the best way to extract all used IPs in the epg?". Instead (based on your later confusing comment "we need to find a free ip in the subnet") I told you "the best way to extract all used IPs in the subnet?",
So, do you want
- "the best way to extract all used IPs in the epg?"
- "the best way to extract all used IPs in the subnet?"]
[Edit 2: To be sure, I've answered both, and expanded the sample data]
Answer #1 - the one I THINK you wanted - option2: "the best way to extract all used IPs in the subnet"
"Used IPs" is a very vague definition. Used today? Used last week? Used since 2022?
However, if you want a list of ALL IPs that are currently listed as discovered endpoints, you can use:
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json' | jq '.imdata[].fvIp.attributes.addr'
Click to expand and see the (very limited) result in my lab
"10.200.0.5"
"10.10.5.1"
"10.218.1.1"
"10.217.1.1"
"10.217.3.1"
"10.217.11.10"
"10.217.12.10"
"10.217.12.200"
"10.217.11.21"
"10.217.12.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
"10.217.12.12"
But to restrict the list to a subnet - well, that's a bit trickier, although not too hard if your subnet is a /16 or /24.
Here's an example. Let's say you only wanted to see the IPs that began with 10.217.11. - i.e. the 10.217.11.0/24 subnet
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json?query-target-filter=wcard(fvIp.dn,"10\.217\.11\.")' |
jq '.imdata[].fvIp.attributes.addr'
Click to expand and see the (very limited) result in my lab
"10.217.11.10"
"10.217.11.21"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
If say you only wanted to see the IPs that began with 10.217.11 or10.217.12 use:
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json?query-target-filter=wcard(fvIp.dn,"10\.217\.1[12]\.")' |
jq '.imdata[].fvIp.attributes.addr'
Click to expand and see the (very limited) result in my lab
"10.217.11.10"
"10.217.12.10"
"10.217.12.200"
"10.217.11.21"
"10.217.12.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
"10.217.12.12"
I.e - you can use REGEX to narrow/expand the search.
Answer #2 - the one you asked - option1: "the best way to extract all used IPs in the epg"
Like I said before, "Used IPs" is a very vague definition.
However, if you want a list of ALL IPs that are currently listed as discovered endpoints for a particular EPG, you can use:
apic1# bash
T17@apic1:~> T=Tenant17 ;#Replace Tenant17 with the name of your Tenant
T17@apic1:~> A=3Tier_AP ;#Replace 3Tier_AP with the name of your Application Profile
T17@apic1:~> E=AppServers_EPG ;#Replace AppServers_EPG with the name of your EPG
T17@apic1:~> icurl -s "http://localhost/api/node/mo/uni/tn-${T}/ap-${A}/epg-${E}.json?\
query-target=children&target-subtree-class=fvCEp&rsp-subtree=full&rsp-subtree-class=fvIp" |
jq '.imdata[].fvCEp.children[].fvIp.attributes.addr'
Click to expand and see the result in my lab
"10.217.11.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.10"
As you can see, in my particular case, the IPs are in the same subnet (I'm using a /24 mask), but endpoints in an EPG don't HAVE to be all in the same subnet.
Not only that, not all IPs for a subnet need be in the same EPG. You'll notice that this list is missing 2 IPs that are in the list in Answer#1 for the 10.217.11.0/24 subnet because they belong to another EPG.
RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
