Cisco DNA 2.2.3.3 and reserve ip pool via API

trondaker · ‎01-29-2022

Hi,

I cant get the reserve_ip_subpool of the DnaCenterSDK to work. No matter what i put in the payload, i get the following error in the Audit logs in DNA:

"Either the CIDR address or the number of ips must be set."

The payload that im sending is the following:

prefix_to_reserve = {
"name": pool_name,
"site_id": site_id,
"type": "Generic",
"ipv4GlobalPool": "10.20.0.0/14",
"ipv4Prefix": True,
"ipv6AddressSpace": False,
"ipv4PrefixLength": 24,
"ipv4Subnet": "10.20.22.0",
"ipv4GateWay": "10.20.22.1",
"ipv6Prefix": True,
"ipv6GlobalPool": "2001:123::1234/64",
"ipv6PrefixLength": 64,
"ipv6Subnet": "2001:123::1234"
}

The reason i have IPv6 info there is the bugid CSCvz18353 where it doesnt work to reserve an ipv4 pool via API without ipv6 details. I have tried adding the ipv4totalhost as well, but same result. I can see the API receiving the request for the correct site, but theres something weird going on with the prefix-length it cant quite interpret. Anyone have a working solution? Doesnt have to be through the dnacentersdk.

Mike.Cifelli · ‎01-30-2022

Thanks for sharing the bug. Food for thought here, have you taken a peek at the following link to ensure you have the proper payload requirements: https://developer.cisco.com/docs/dna-center/#!reserve-ip-subpool

trondaker · ‎01-30-2022

Hi Mike,

Yea, looks to be correct - i have tried pretty much every permutation i can think of (ipv4subnet with full CIDR-notation and so on), but gives the same error regardless. The funny thing is that i struggled with this in 2.2.2.3 and made this post:

https://community.cisco.com/t5/cisco-digital-network/dna-2-2-2-3-and-reserve-ip-pool-api-call/m-p/4522437#M4604

And there, the ipv6 workaround worked. But now, in 2.2.3.3, the CIDR problem has surfaced.

trondaker · ‎01-30-2022

prefix_to_reserve = {
"ipv4Subnet": "10.20.22.0",
"ipv4TotalHost": 250,
"ipv4Prefix": True,
"ipv4PrefixLength": prefix_length,
"ipv4GateWay": gateway,
"ipv4DhcpServers": dhcpservers,
"ipv4GlobalPool": global_pool,
"ipv6AddressSpace": False,
"name": pool_name,
"site_id": site_id,
"type": "Generic",
}
print(dnac.network_settings.reserve_ip_subpool(headers=headers, site_id=site_id, payload=prefix_to_reserve))

Current payload and error-message

trondaker · ‎02-02-2022

Update - turns out that the global pool is a /14. For some reason (poor code review? ), this prefix length for a global pool doesnt work in 2.2.3.3 or 2.2.3.4. We have some global pools that are /16, and they work. So, bug. Have a tac-case open, and will update further later. For now, if you want to create global pools and reserve subpools via API, make sure the global pools are /16 (and maybe /8? Classful?).

Mike.Cifelli · ‎02-02-2022

Glad it is getting worked/figured out. Please share the bug link with the community so it can help others too. TIA!

trondaker · ‎02-04-2022

Its possible to hack it togheter with a different URL gleaned from http header inspection:

API request https://dna-center-ip/api/v2/ippool/group

Content :{
   "groupName":"test",
   "groupOwner":"DNAC",
   "type":"generic",
   "siteId":"d4388a42-15d1-4fcc-9a6b-9df6331fec2b",
   "ipPools":[
      {
         "parentUuid":"8e10309e-ba69-4c55-9e2d-09cfa8fa6a44",
         "dhcpServerIps":[
         ],
         "dnsServerIps":[
         ],
         "ipPoolOwner":"DNAC",
         "shared":true,
         "gateways":[
            "10.20.24.1"
         ],
         "ipPoolCidr":"10.20.24.0/24"
      }
   ]
}

Weird, is v2 something that will take over?