Maximum number of routes nearing (IPv4)-f5-all

Maximum number of routes nearing (IPv4)-f5-all
0

Maximum number of routes nearing (IPv4)-f5-all

Vendor: f5

OS: all

Description:
Many devices have a limit for the number of IPv4 routes that can be defined. Indeni will alert prior to the number of routes reaching the limit.

Remediation Steps:
Consider removing certain routes.

How does this work?
This alert logs into the F5 unit via iControl REST and retrieves the configured routes.

Why is this important?
If maximum route entries route has been configured and the limit is reached no more route entries can be added to the system. This alert tracks the number of added routes and warns if the limit is about to, or has been reached.

Without Indeni how would you find this?
An administrator could log into the device, enter TMSH and run the command “show net route” and count the routes manually. The routing information is also available via the web interface in “Network” -> “Routes”.

f5-rest-net-interface-route

name: f5-rest-net-interface-route
description: Extract configured static routes, and count them to match against routes-limit
type: monitoring
monitoring_interval: 30 minutes
requires:
    vendor: f5
    product: load-balancer
    rest-api: 'true'
comments:
    static-routing-table:
        why: |
            It is important that the routing is configured the same for all cluster members of the same cluster. Otherwise there can be downtime in the event of a failover.
        how: |
            This alert uses the F5 iControl REST API to extract the configured routes for the device.
        without-indeni: |
            An administrator could log into the device, enter TMSH and run the command "show net route". The routing information is also available via the web interface in "Network" -> "Routes".
        can-with-snmp: true
        can-with-syslog: false
    routes-usage:
        why: |
            If maximum route entries route has been configured and the limit is reached no more route entries can be added to the system. This alert tracks the number of added routes and warns if the limit is about to, or has been reached.
        how: |
            This alert logs into the F5 unit via iControl REST and retrieves the configured routes.
        without-indeni: |
            An administrator could log into the device, enter TMSH and run the command "show net route" and count the routes manually. The routing information is also available via the web interface in "Network" -> "Routes".
        can-with-snmp: true
        can-with-syslog: false
steps:
-   run:
        type: HTTP
        command: /mgmt/tm/net/route?$select=network,gw
    parse:
        type: JSON
        file: rest-mgmt-tm-net-route.parser.1.json.yaml

f5-rest-mgmt-tm-sys-route-maxentries

name: f5-rest-mgmt-tm-sys-route-maxentries
description: Determine there max routes limit
type: monitoring
monitoring_interval: 30 minutes
requires:
    vendor: f5
    product: load-balancer
    rest-api: 'true'
comments:
    routes-limit:
        why: |
            If maximum route entries route has been configured and the limit is reached no more route entries can be added to the system.
        how: |
            This alert logs into the F5 unit via iControl REST and retrieves the route limit.
        without-indeni: |
            An administrator would need to enter TMSH and run the command "list sys db route.metrics.maxentries".
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: HTTP
        command: /mgmt/tm/sys/db/route.metrics.maxentries?$select=value
    parse:
        type: JSON
        file: rest-mgmt-tm-sys-db-route-metrics-maxentries.parser.1.json.yaml

routes_defined_limit

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.NearingCapacityTemplateRule
import com.indeni.server.rules.RemediationStepCondition

/**
  *
  */
case class routes_defined_limit() extends NearingCapacityTemplateRule(
  ruleName = "routes_defined_limit",
  ruleFriendlyName = "All Devices: Maximum number of routes nearing (IPv4)",
  ruleDescription = "Many devices have a limit for the number of IPv4 routes that can be defined. Indeni will alert prior to the number of routes reaching the limit.",
  usageMetricName = "routes-usage",
  limitMetricName = "routes-limit",
  threshold = 80.0,
  alertDescriptionFormat = "There are %.0f IPv4 routes defined where the limit is %.0f.",
  baseRemediationText = "Consider removing certain routes.")(
  RemediationStepCondition.VENDOR_CISCO ->
    """|
      |1. Execute the "show ip route summary" command to display the current contents of the IPv4 routing table in summary format.
      |2. Consider to deploy route summarization to decrease the  total number of ipv4 prefixes.
      |3. Consider to clean up the configuration from unused routes.
    """.stripMargin
)