Maximum number of routes nearing (IPv4)-f5-False

Vendor: f5

OS: False

Description:
Many devices have a limit for the number of IPv4 routes that can be defined. Indeni will alert prior to the number of routes reaching the limit.

Remediation Steps:
Consider removing certain routes.

How does this work?
This alert logs into the F5 unit via iControl REST and retrieves the configured routes.

Why is this important?
If a maximum number of route entries has been configured and the limit is reached, no more route entries can be added to the system. This alert tracks the number of added routes and warns when the limit is about to be, or has been, reached.

Without Indeni how would you find this?
An administrator could log into the device, enter TMSH and run the command “show net route” and count the routes manually. The routing information is also available via the web interface in “Network” -> “Routes”.

f5-rest-net-interface-route

#! META
name: f5-rest-net-interface-route
description: Extract configured static routes, and count them to match against routes-limit
type: monitoring
monitoring_interval: 30 minutes
requires:
    vendor: "f5"
    product: "load-balancer"
    rest-api: "true"

#! COMMENTS
static-routing-table:
    why: |
        It is important that the routing is configured the same for all cluster members of the same cluster. Otherwise there can be downtime in the event of a failover.
    how: |
        This alert uses the F5 iControl REST API to extract the configured routes for the device.
    without-indeni: |
        An administrator could log into the device, enter TMSH and run the command "show net route". The routing information is also available via the web interface in "Network" -> "Routes".
    can-with-snmp: true
    can-with-syslog: false
routes-usage:
    why: |
        If a maximum number of route entries has been configured and the limit is reached, no more route entries can be added to the system. This alert tracks the number of added routes and warns when the limit is about to be, or has been, reached.
    how: |
        This alert logs into the F5 unit via iControl REST and retrieves the configured routes.
    without-indeni: |
        An administrator could log into the device, enter TMSH and run the command "show net route" and count the routes manually. The routing information is also available via the web interface in "Network" -> "Routes".
    can-with-snmp: true
    can-with-syslog: false

#! REMOTE::HTTP
url: /mgmt/tm/net/route?$select=network,gw
protocol: HTTPS

#! PARSER::JSON

_metrics:
    -
        _groups:
            "$.items[0:]":
                _tags:
                    "im.name":
                        _constant: "static-routing-table"
                _value.complex:
                    "next-hop":
                        _value: gw
                _temp:
                    "network":
                        _value: network
        _transform:
            _value.complex:
                "network": |
                    {
                        if(temp("network") == "default"){
                            print "0.0.0.0"
                        } else {
                            split(temp("network"), netMask, /\//)
                            print(netMask[1])
                        }
                    }
                "mask": |
                    {
                        #If this is the default gateway the value is "default", otherwise network/mask
                        if(temp("network") == "default"){
                            print "0"
                        } else {
                            split(temp("network"), netMask, /\//)
                            print(netMask[2])
                        }
                    }
        _value: complex-array
    -
        _tags:
            "im.name":
                _constant: "routes-usage"
            "live-config":
                _constant: "true"
            "display-name":
                _constant: "Routes usage"
            "im.display-type":
                _constant: "number"
        _value.double:
            _count: $.items

f5-rest-mgmt-tm-sys-route-maxentries

#! META
name: f5-rest-mgmt-tm-sys-route-maxentries
description: Determine the max routes limit
type: monitoring
monitoring_interval: 30 minutes
requires:
    vendor: "f5"
    product: "load-balancer"
    rest-api: "true"

#! COMMENTS
routes-limit:
    why: |
        If a maximum number of route entries has been configured and the limit is reached, no more route entries can be added to the system.
    how: |
        This alert logs into the F5 unit via iControl REST and retrieves the route limit.
    without-indeni: |
        An administrator would need to enter TMSH and run the command "list sys db route.metrics.maxentries".
    can-with-snmp: false
    can-with-syslog: false

#! REMOTE::HTTP
url: /mgmt/tm/sys/db/route.metrics.maxentries?$select=value
protocol: HTTPS

#! PARSER::JSON

_metrics:
    -
        _tags:
            "im.name":
                _constant: "routes-limit"
            "live-config":
                _constant: "true"
            "im.identity-tags":
                _constant: "name"
            "display-name":
                _constant: "Routes limit"
            "im.display-type":
                _constant: "number"
            "im.dstype.displaytype":
                _constant: "number"
        _temp:
            "maxRoutes":
                _value: "$.value"
        _transform:
            _value.double: |
                {
                    if(temp("maxRoutes") == 0){
                        print 2880
                    } else {
                        print temp("maxRoutes")
                    }
                }

routes_defined_limit

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.ConditionalRemediationSteps
import com.indeni.server.rules.library.templates.NearingCapacityTemplateRule

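/**
  * Cross-vendor rule: compares the "routes-usage" metric against the
  * "routes-limit" metric and alerts once usage nears the limit (threshold = 80.0).
  */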
case class routes_defined_limit() extends NearingCapacityTemplateRule(
  ruleName = "routes_defined_limit",
  ruleFriendlyName = "All Devices: Maximum number of routes nearing (IPv4)",
  ruleDescription = "Many devices have a limit for the number of IPv4 routes that can be defined. Indeni will alert prior to the number of routes reaching the limit.",
  usageMetricName = "routes-usage",
  limitMetricName = "routes-limit",
  threshold = 80.0,
  alertDescriptionFormat = "There are %.0f IPv4 routes defined where the limit is %.0f.",
  baseRemediationText = "Consider removing certain routes.")(
  ConditionalRemediationSteps.OS_NXOS ->
    """|
      |1. Execute the "show ip route summary" command to display the current contents of the IPv4 routing table in summary format.
      |2. Consider deploying route summarization to decrease the total number of IPv4 prefixes.
      |3. Consider cleaning up the configuration by removing unused routes.
    """.stripMargin
)
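
The check that the two scripts and the rule perform together, reproduced offline as an added Python example (not Indeni's code). The JSON bodies are constructed samples holding only the fields the scripts select (`items[].network`, `items[].gw`, `value`); reading `threshold = 80.0` as a percentage of the limit compared with `>=` is an assumption.

```python
import json

# Constructed sample responses (not captured from a real device), shaped like
# the fields the scripts read: $.items[*].network / gw and $.value.
ROUTES_JSON = '''{"items": [
  {"network": "default", "gw": "192.0.2.1"},
  {"network": "10.10.0.0/16", "gw": "192.0.2.254"},
  {"network": "198.51.100.0/24", "gw": "192.0.2.254"}
]}'''
MAXENTRIES_JSON = '{"value": "0"}'

FALLBACK_LIMIT = 2880   # value the routes-limit script prints when the db key is 0
THRESHOLD_PCT = 80.0    # threshold from routes_defined_limit; percent is an assumption


def parse_routes(body):
    """Mirror the static-routing-table transform: split network/mask, map 'default'."""
    table = []
    for item in json.loads(body).get("items", []):
        network = item["network"]
        if network == "default":
            net, mask = "0.0.0.0", "0"
        else:
            net, _, mask = network.partition("/")
        table.append({"network": net, "mask": mask, "next-hop": item.get("gw")})
    return table


def routes_limit(body):
    """Mirror the routes-limit transform: a value of 0 becomes 2880."""
    value = int(json.loads(body)["value"])
    return FALLBACK_LIMIT if value == 0 else value


def check(routes_body, limit_body, threshold_pct=THRESHOLD_PCT):
    usage = len(parse_routes(routes_body))   # routes-usage: count of $.items
    limit = routes_limit(limit_body)
    pct = 100.0 * usage / limit
    return {"usage": usage, "limit": limit, "percent": pct,
            "alert": pct >= threshold_pct}   # ">=" comparison is an assumption


if __name__ == "__main__":
    print(check(ROUTES_JSON, MAXENTRIES_JSON))
    # Constructed near-limit case: 2400 routes against a configured limit of 2880.
    many = json.dumps({"items": [{"network": "10.%d.%d.0/24" % (i // 256, i % 256),
                                  "gw": "192.0.2.254"} for i in range(2400)]})
    print(check(many, '{"value": "2880"}'))
```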