Categories: cloudnetworkOCIOracle

OCI IP Address Insights

Recently OCI announced small but VERY useful service, IP Address Insights.

Why this matters? I’ve run into multiple issues where we have VCNs and subnets deployed and don’t have any visibility on how many IP addresses are currently allocated on given VCN/subnet and who’s also reserving those.

Not too long ago, someone reached out to me as they couldn’t delete a subnet. In the end, we figured it was the cloud shell ephemeral sessions keeping reservation on single IP on that subnet.

How does IP Address Insights work

Very simple to use, you have to navigate under networking – same place as you find all the other network stuff like Network Path Analyzer etc.

You will have to be in a group which has following policy assigned to it:

Allow group <group-name> to read ipam in tenancy

Once you navigate to IP Address Insights, you’ll need to select compartments where your networking resources reside. For this example, I’m choosing all my compartments just to visualize what I have right now.

Different compartments selected for IP Address Insights

What I like about the overview is that it shows all my VCNs, how much they’re utilized and also shows possible overlaps! Think if you have two VCN’s with 10.0.0.0/24 example, it’s good reminder that you can’t peer those together. You can see I have some default OKE 10.0.0.0/16 VCNs allocated which then overlap with any of my other 10.x networks.

Example on the summary and overlap info

But this is not all, now if I want to drill down deeper into my VCN, I’ll open my-another-vcn to see what it has currently allocated.

Drilldown of VCN IP allocation

I’ll see my subnets and also all resources that are currently reserving an IP. I could just double-click on the server and it would take me into compute VM page for that server.

But, what is that middle VNIC 10.0.1.164?

That is my OCI Cloud Shell session! If you ever see similar VNIC, you can start from looking on Cloud Shell sessions. I wish there would be easy way then to map it to someone’s account.

Finally, you can also filter based on utilization – if you manage active production networks, maybe you want to see any future problematic subnets / VCNs and perhaps you can create alerts from these if they exceed 80% utilization for example?

Filter by utilization

Summary

IP Address Insights provides great overview on your VCN IP address utilization and usage and can help admins with their day-to-day work on tracking down IP usage and have better control on network management.

Right now I don’t see OCI CLI supporting IP Address Insights, would be great to pull this data out with CLI if needed but I’m guessing it’s coming up soon.

Simo

Recent Posts

Connecting to Autonomous Database Running on Google Cloud

Last time I showed how to provision Autonomous Database Serverless (ADB-S) on Google Cloud. This…

1 month ago

Can you believe it? Provisioning Autonomous Database in GCP!

I bet few years back folks didn't expect that by 2024 we would be able…

2 months ago

IP Address Insights with CLI

My previous post on IP Address Insights I mentioned it wasn't yet available with CLI…

6 months ago

Thoughts on Oracle Database@Azure

This will NOT be a technical walkthrough on Oracle Database@Azure but rather my opinions and…

6 months ago

OCI Vulnerability Scanning Setup

Many times when you work for someone, they already have their own vulnerability scanning throughout…

6 months ago

OCI Network Firewall – Real World problems

I recently hit an issue with OCI Network Firewall that we had configured with NAT…

6 months ago