05-27-2024 01:17 AM
What is the best way to extract all used IPs in the epg?
because we need to find a free ip in the subnet.
is there a way to get them from CLI?
Solved! Go to Solution.
05-27-2024 04:01 AM - edited 05-29-2024 02:19 PM
Hi @banoosh ,
[Edit 1: I just realised that I didn't answer your question. Which was to show "the best way to extract all used IPs in the epg?". Instead (based on your later confusing comment "we need to find a free ip in the subnet") I told you "the best way to extract all used IPs in the subnet?",
So, do you want
[Edit 2: To be sure, I've answered both, and expanded the sample data]
"Used IPs" is a very vague definition. Used today? Used last week? Used since 2022?
However, if you want a list of ALL IPs that are currently listed as discovered endpoints, you can use:
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json' | jq '.imdata[].fvIp.attributes.addr'
"10.200.0.5"
"10.10.5.1"
"10.218.1.1"
"10.217.1.1"
"10.217.3.1"
"10.217.11.10"
"10.217.12.10"
"10.217.12.200"
"10.217.11.21"
"10.217.12.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
"10.217.12.12"
But to restrict the list to a subnet - well, that's a bit trickier, although not too hard if your subnet is a /16 or /24.
Here's an example. Let's say you only wanted to see the IPs that began with 10.217.11. - i.e. the 10.217.11.0/24 subnet
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json?query-target-filter=wcard(fvIp.dn,"10\.217\.11\.")' |
jq '.imdata[].fvIp.attributes.addr'
"10.217.11.10"
"10.217.11.21"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
If say you only wanted to see the IPs that began with 10.217.11 or10.217.12 use:
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json?query-target-filter=wcard(fvIp.dn,"10\.217\.1[12]\.")' |
jq '.imdata[].fvIp.attributes.addr'
"10.217.11.10"
"10.217.12.10"
"10.217.12.200"
"10.217.11.21"
"10.217.12.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
"10.217.12.12"
I.e - you can use REGEX to narrow/expand the search.
Like I said before, "Used IPs" is a very vague definition.
However, if you want a list of ALL IPs that are currently listed as discovered endpoints for a particular EPG, you can use:
apic1# bash
T17@apic1:~> T=Tenant17 ;#Replace Tenant17 with the name of your Tenant
T17@apic1:~> A=3Tier_AP ;#Replace 3Tier_AP with the name of your Application Profile
T17@apic1:~> E=AppServers_EPG ;#Replace AppServers_EPG with the name of your EPG
T17@apic1:~> icurl -s "http://localhost/api/node/mo/uni/tn-${T}/ap-${A}/epg-${E}.json?\
query-target=children&target-subtree-class=fvCEp&rsp-subtree=full&rsp-subtree-class=fvIp" |
jq '.imdata[].fvCEp.children[].fvIp.attributes.addr'
"10.217.11.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.10"
As you can see, in my particular case, the IPs are in the same subnet (I'm using a /24 mask), but endpoints in an EPG don't HAVE to be all in the same subnet.
Not only that, not all IPs for a subnet need be in the same EPG. You'll notice that this list is missing 2 IPs that are in the list in Answer#1 for the 10.217.11.0/24 subnet because they belong to another EPG.
05-27-2024 04:01 AM - edited 05-29-2024 02:19 PM
Hi @banoosh ,
[Edit 1: I just realised that I didn't answer your question. Which was to show "the best way to extract all used IPs in the epg?". Instead (based on your later confusing comment "we need to find a free ip in the subnet") I told you "the best way to extract all used IPs in the subnet?",
So, do you want
[Edit 2: To be sure, I've answered both, and expanded the sample data]
"Used IPs" is a very vague definition. Used today? Used last week? Used since 2022?
However, if you want a list of ALL IPs that are currently listed as discovered endpoints, you can use:
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json' | jq '.imdata[].fvIp.attributes.addr'
"10.200.0.5"
"10.10.5.1"
"10.218.1.1"
"10.217.1.1"
"10.217.3.1"
"10.217.11.10"
"10.217.12.10"
"10.217.12.200"
"10.217.11.21"
"10.217.12.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
"10.217.12.12"
But to restrict the list to a subnet - well, that's a bit trickier, although not too hard if your subnet is a /16 or /24.
Here's an example. Let's say you only wanted to see the IPs that began with 10.217.11. - i.e. the 10.217.11.0/24 subnet
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json?query-target-filter=wcard(fvIp.dn,"10\.217\.11\.")' |
jq '.imdata[].fvIp.attributes.addr'
"10.217.11.10"
"10.217.11.21"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
If say you only wanted to see the IPs that began with 10.217.11 or10.217.12 use:
apic1# bash
T17@apic1:~> icurl -s 'http://localhost/api/node/class/fvIp.json?query-target-filter=wcard(fvIp.dn,"10\.217\.1[12]\.")' |
jq '.imdata[].fvIp.attributes.addr'
"10.217.11.10"
"10.217.12.10"
"10.217.12.200"
"10.217.11.21"
"10.217.12.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.11"
"10.217.11.22"
"10.217.12.12"
I.e - you can use REGEX to narrow/expand the search.
Like I said before, "Used IPs" is a very vague definition.
However, if you want a list of ALL IPs that are currently listed as discovered endpoints for a particular EPG, you can use:
apic1# bash
T17@apic1:~> T=Tenant17 ;#Replace Tenant17 with the name of your Tenant
T17@apic1:~> A=3Tier_AP ;#Replace 3Tier_AP with the name of your Application Profile
T17@apic1:~> E=AppServers_EPG ;#Replace AppServers_EPG with the name of your EPG
T17@apic1:~> icurl -s "http://localhost/api/node/mo/uni/tn-${T}/ap-${A}/epg-${E}.json?\
query-target=children&target-subtree-class=fvCEp&rsp-subtree=full&rsp-subtree-class=fvIp" |
jq '.imdata[].fvCEp.children[].fvIp.attributes.addr'
"10.217.11.11"
"10.217.11.12"
"10.217.11.200"
"10.217.11.10"
As you can see, in my particular case, the IPs are in the same subnet (I'm using a /24 mask), but endpoints in an EPG don't HAVE to be all in the same subnet.
Not only that, not all IPs for a subnet need be in the same EPG. You'll notice that this list is missing 2 IPs that are in the list in Answer#1 for the 10.217.11.0/24 subnet because they belong to another EPG.
05-29-2024 12:35 AM
thanks @RedNectar
06-03-2024 10:55 PM
If your question has been answered, it is a great idea to mark the question as being answered. This helps:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide