Handling Shared Addresses (Merge Devices)
You can designate WhatsUp Gold Discovery address exceptions () for cases where Discovery detects devices on your network that share an identical network or hardware address. Adding an address exception gives WhatsUp Gold Discovery the hint it needs to recognize host boundaries when it scans environments that use either non-standard hardware addressing or non-standard network configuration (or both).
: Firewalls, routers, and layer 3 switches deployed in a high-availability configuration will often use shared IP addresses.
Background
By default, WhatsUp Gold Discovery uses network or hardware addressing to identify the 'uniqueness' of devices. Shared addressing can occur in special network architectures or topologies and is normally restricted to LANs such as high-availability environments, network load balancing, and virtualization schemes. In these scenarios, IP addresses or MAC addresses can be unreliable predictors of device or host boundaries. After you apply a Discovery address exception and restart the Discovery Service, all devices using designated addresses under this exception will be visible via the Discovery Map and Discovery List.
Actions
. 
Create new IP address exception. Subnet ranges supported.
- . Add/Edit an address or address range. You can specify subnets by using CIDR notation. Reserved IP addresses cannot be edited.
- . You can use this field to explain the policy or scenario behind the exception.
IP Address Examples
Use Classless Inter-domain Routing notation (CIDR) to specify all IPs for a given subnet. For example, to specify all IPs for a given switch or controller, use CIDR notation to specify the network part of the address.
Designate a subnet. Create address exceptions for a single subnet.
Use CIDR notation to designate address exception behavior for an entire subnet.
Syntax:
<IP-address>/<bits-to-consider-as-network-part>
Example:
198.51.100.0/24
--where "/24" denotes the first 3 octets are the network part of this address (198.51.100).
--and, where all hosts beneath the network part will exhibit address exception behavior in WhatsUp Gold.
The previous value is a more compact version of:
198.51.100.0-198.51.100.255
Designate a domain. Create exceptions for an entire network.
You can also use CIDR notation to add address exceptions across a typical corporate network or domain. For example, 'wide net' exceptions like this can be deployed when your WhatsUp Gold monitoring solution is already discovered as part of a discovery sweep that detects new devices or outliers.
Syntax:
<IP-address>/<bits-to-consider-as-network-part>
Example:
198.168.0.0/16
--where "/16" denotes the first 2 octets are the network part of this address (198.168).
--and, where all devices with IPs 'beneath' the network part will exhibit address exception behavior in WhatsUp Gold.
. Create new MAC address exception. Prefix matching supported.
- . Add/Edit an address or prefix.
- . You can use this field to explain the policy or scenario behind the exception.
MAC Address Example
Single MAC address. Simplest case.
Simplest Case
Specify a single MAC
00-00-5E-00-53-88
Designate by Vendor Prefix. Watch for duplicates over a range.
Specify MAC by Vendor Prefix
You can exclude device merging for specific NIC categories or vendors by specifying a partial MAC address. For example, the following adds address exceptions for:
- VNIC "hardware" IDs generated by VMware:
00:50:56
- MAC addresses reserved by ICANN, IANA for testing and documentation.
00-00-5E
- MAC addresses used by Dell.
EC.F4.BB
. 
Modify exception. Built-in exceptions (IANA/IETF reserved/restricted addresses, for example) cannot be modified.
- . Add/Edit an address or address range. You can specify subnets by using CIDR notation. Reserved IP addresses cannot be edited.
- . You can use this field to explain the policy or scenario behind the exception.
IP Address Examples
Use Classless Inter-domain Routing notation (CIDR) to specify all IPs for a given subnet. For example, to specify all IPs for a given switch or controller, use CIDR notation to specify the network part of the address.
Designate a subnet. Create address exceptions for a single subnet.
Use CIDR notation to designate address exception behavior for an entire subnet.
Syntax:
<IP-address>/<bits-to-consider-as-network-part>
Example:
198.51.100.0/24
--where "/24" denotes the first 3 octets are the network part of this address (198.51.100).
--and, where all hosts beneath the network part will exhibit address exception behavior in WhatsUp Gold.
The previous value is a more compact version of:
198.51.100.0-198.51.100.255
Designate a domain. Create exceptions for an entire network.
You can also use CIDR notation to add address exceptions across a typical corporate network or domain. For example, 'wide net' exceptions like this can be deployed when your WhatsUp Gold monitoring solution is already discovered as part of a discovery sweep that detects new devices or outliers.
Syntax:
<IP-address>/<bits-to-consider-as-network-part>
Example:
198.168.0.0/16
--where "/16" denotes the first 2 octets are the network part of this address (198.168).
--and, where all devices with IPs 'beneath' the network part will exhibit address exception behavior in WhatsUp Gold.
. 
Delete exception.
Delete an exception to return to default address handling rules. (WhatsUp Gold Discovery will use network or hardware addressing authoritatively to identify a single device.)
: Before you delete an IP address exception, copy the IP address value. You can re-use this value, including CIDR notation if applicable, for the Discovery Scan.
Typical Workflow When Managing Devices Using Duplicate Addressing
A typical workflow for managing and monitoring devices using shared addressing scheme is:
1.
|
Identify
|
Identify addresses or segments you want to apply address exceptions to. Typical scenarios include:
- Missing devices. After discovering categories of devices mentioned in the topic titled Typical Uses of Shared Addressing, you notice fewer devices displayed on the map/list than you expected.
- Merged device records. A device such as a gateway or firewall deployed in a high availability configuration is merged with its peer(s) as shown in the Device Merge Decision Information.
- General investigation. You can apply exceptions on small segments such as those meeting the characteristics outlined in Typical Uses of Shared Addressing as a way to detect NAT activity, network bridging, and more.
|
2.
|
Start Fresh
|
If you already scanned your network, it is best practice to start fresh —delete any devices from WhatsUp Gold that might have been merged due to shared addressing schemes.
|
3.
|
Add Exception
|
Apply exceptions for these addresses either individually, as a subnet range, or vendor prefix (MAC).
|
4.
|
Restart and Rescan
|
Restart the discovery service to make your exceptions active and re-run discovery.
After you apply your address exceptions, and after the Discovery service is restarted and re-reads its configuration, you will need to rescan the network, network segment, or address of interest to see the results of your changes.
|
5.
|
Add Monitoring
|
After you have scanned your network, you can determine if any new devices found (as a result of address exception rules) should be added to the monitored network and count against your licensing.
|
: To apply address exceptions to the WhatsUp Gold Discovery configuration, you need to restart the Discovery service.
Rescan Guidelines
Use these scan/rescan guidelines after making changes to the table of IP address exceptions:
- Scan the same IP range. If you suspect shared address use is limited to a specific subnet or range, re-Discover the range you added an address exception for. For example, this is the best approach if you are looking for duplicates between address pools allocated by one-or-more wireless controllers, ranges that you know where VMs can be typically found, or any of the other scenarios where IP duplication is likely to occur.
- Apply scan to all monitored devices. If you want to apply changes only to monitored devices, select all devices from the MY NETWORK List, and choose
from the Device Management Actions 
menu.
Rescan guidelines for MAC address exceptions:
- Scan specific subnets or IP ranges. For example, if you added an exception for the VMware vendor MAC prefix (00:50:56), you can target a rescan on the subnet or IP address range where you know VMware VMs are running.
- Sweep the network. If you are taking a 'cast-a-wide-net' approach and you are just looking for a misconfigured, masquerading, or other unexpected use of addressing, you can widen scan coverage.
Handling Shared Addresses (Merge Devices)