lmiranda
747a2b15e5
- Extract 9 skill files from command knowledge: - mcp-tools-reference.md: Complete NetBox MCP tools reference - system-discovery.md: Bash commands for system info gathering - device-registration.md: Device registration workflow - sync-workflow.md: Machine sync process - audit-workflow.md: Data quality audit checks - ip-management.md: IP/prefix management and conflict detection - topology-generation.md: Mermaid diagram generation - change-audit.md: NetBox change audit workflow - visual-header.md: Standard visual header pattern - Slim all 11 commands to under 60 lines: - cmdb-sync.md: 348 -> 57 lines - cmdb-register.md: 334 -> 51 lines - ip-conflicts.md: 238 -> 58 lines - cmdb-audit.md: 207 -> 58 lines - cmdb-topology.md: 194 -> 54 lines - initial-setup.md: 176 -> 74 lines - change-audit.md: 175 -> 57 lines - cmdb-site.md: 68 -> 50 lines - cmdb-ip.md: 65 -> 52 lines - cmdb-device.md: 64 -> 55 lines - cmdb-search.md: 46 lines (unchanged) - Update agent to reference skills for best practices - Preserve existing netbox-patterns skill Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
4.2 KiB
4.2 KiB
IP Management Skill
IP address and prefix management in NetBox.
Prerequisites
Load skill: mcp-tools-reference
IPAM Operations
Prefix Management
| Action | Tool | Key Parameters |
|---|---|---|
| List prefixes | ipam_list_prefixes |
prefix, vrf_id, within, contains |
| Get details | ipam_get_prefix |
id |
| Find available child | ipam_list_available_prefixes |
prefix_id |
| Create prefix | ipam_create_prefix |
prefix, status, site, vrf |
| Allocate child | ipam_create_available_prefix |
prefix_id, prefix_length |
IP Address Management
| Action | Tool | Key Parameters |
|---|---|---|
| List IPs | ipam_list_ip_addresses |
address, vrf_id, device_id |
| Get details | ipam_get_ip_address |
id |
| Find available | ipam_list_available_ips |
prefix_id |
| Create IP | ipam_create_ip_address |
address, assigned_object_type, assigned_object_id |
| Allocate next | ipam_create_available_ip |
prefix_id |
| Assign to interface | ipam_update_ip_address |
id, assigned_object_id |
VLAN and VRF
| Action | Tool |
|---|---|
| List VLANs | ipam_list_vlans |
| Get VLAN | ipam_get_vlan |
| Create VLAN | ipam_create_vlan |
| List VRFs | ipam_list_vrfs |
| Get VRF | ipam_get_vrf |
IP Allocation Workflow
-
Find available IPs in target prefix:
ipam_list_available_ips prefix_id=<id> -
Create the IP address:
ipam_create_ip_address address=<ip/prefix> assigned_object_type="dcim.interface" assigned_object_id=<interface_id> status="active" -
Set as primary (if needed):
dcim_update_device id=<device_id> primary_ip4=<ip_id>
IP Conflict Detection
Conflict Types
-
Duplicate IP Addresses
- Multiple records with same address in same VRF
- Exception: Anycast addresses (check
rolefield)
-
Overlapping Prefixes
- Prefixes containing same address space in same VRF
- Legitimate: Parent/child hierarchy, different VRFs, "container" status
-
IPs Outside Prefix
- IP addresses not within any defined prefix
-
Same Prefix in Multiple VRFs (informational)
Detection Workflow
-
Duplicate Detection:
- Get all addresses:
ipam_list_ip_addresses - Group by address + VRF
- Flag groups with >1 record
- Get all addresses:
-
Overlap Detection:
- Get all prefixes:
ipam_list_prefixes - For each VRF, compare prefixes pairwise
- Check if prefix A contains prefix B or vice versa
- Ignore legitimate hierarchies (status=container)
- Get all prefixes:
-
Orphan IP Detection:
- For each IP, find containing prefix
- Flag IPs with no prefix match
CIDR Math Rules
- Prefix A contains Prefix B if:
A.network <= B.network AND A.broadcast >= B.broadcast - Two prefixes overlap if:
A.network <= B.broadcast AND B.network <= A.broadcast
Severity Levels
| Issue | Severity |
|---|---|
| Duplicate IP (same interface type) | CRITICAL |
| Duplicate IP (different roles) | HIGH |
| Overlapping prefixes (same status) | HIGH |
| Overlapping prefixes (container ok) | LOW |
| Orphan IP | MEDIUM |
Conflict Report Template
## IP Conflict Detection Report
**Generated:** [timestamp]
**Scope:** [scope parameter]
### Summary
| Check | Status | Count |
|-------|--------|-------|
| Duplicate IPs | [PASS/FAIL] | X |
| Overlapping Prefixes | [PASS/FAIL] | Y |
| Orphan IPs | [PASS/FAIL] | Z |
### Critical Issues
#### Duplicate IP Addresses
| Address | VRF | Count | Assigned To |
|---------|-----|-------|-------------|
| 10.0.1.50/24 | Global | 2 | server-01, server-02 |
**Resolution:**
- Determine which device should have the IP
- Update or remove the duplicate
#### Overlapping Prefixes
| Prefix 1 | Prefix 2 | VRF | Type |
|----------|----------|-----|------|
| 10.0.0.0/24 | 10.0.0.0/25 | Global | Unstructured |
**Resolution:**
- For legitimate hierarchies: Mark parent as status="container"
- For accidental: Consolidate or re-address
### Remediation Commands
Remove duplicate IP
ipam_delete_ip_address id=123
Mark prefix as container
ipam_update_prefix id=456 status=container
Create missing prefix
ipam_create_prefix prefix=172.16.5.0/24 status=active