Recently OCI announced small but VERY useful service, IP Address Insights.

Why this matters? I’ve run into multiple issues where we have VCNs and subnets deployed and don’t have any visibility on how many IP addresses are currently allocated on given VCN/subnet and who’s also reserving those.

Not too long ago, someone reached out to me as they couldn’t delete a subnet. In the end, we figured it was the cloud shell ephemeral sessions keeping reservation on single IP on that subnet.

How does IP Address Insights work

Very simple to use, you have to navigate under networking – same place as you find all the other network stuff like Network Path Analyzer etc.

You will have to be in a group which has following policy assigned to it:

Allow group <group-name> to read ipam in tenancy

Once you navigate to IP Address Insights, you’ll need to select compartments where your networking resources reside. For this example, I’m choosing all my compartments just to visualize what I have right now.

Different compartments selected for IP Address Insights

What I like about the overview is that it shows all my VCNs, how much they’re utilized and also shows possible overlaps! Think if you have two VCN’s with 10.0.0.0/24 example, it’s good reminder that you can’t peer those together. You can see I have some default OKE 10.0.0.0/16 VCNs allocated which then overlap with any of my other 10.x networks.

Example on the summary and overlap info

But this is not all, now if I want to drill down deeper into my VCN, I’ll open my-another-vcn to see what it has currently allocated.

Drilldown of VCN IP allocation

I’ll see my subnets and also all resources that are currently reserving an IP. I could just double-click on the server and it would take me into compute VM page for that server.

But, what is that middle VNIC 10.0.1.164?

That is my OCI Cloud Shell session! If you ever see similar VNIC, you can start from looking on Cloud Shell sessions. I wish there would be easy way then to map it to someone’s account.

Finally, you can also filter based on utilization – if you manage active production networks, maybe you want to see any future problematic subnets / VCNs and perhaps you can create alerts from these if they exceed 80% utilization for example?

Filter by utilization

Summary

IP Address Insights provides great overview on your VCN IP address utilization and usage and can help admins with their day-to-day work on tracking down IP usage and have better control on network management.

Right now I don’t see OCI CLI supporting IP Address Insights, would be great to pull this data out with CLI if needed but I’m guessing it’s coming up soon.

Leave a Reply

Your email address will not be published.