Document toolboxDocument toolbox

NetMRI Task Pack

Owned by Panna .
Last updated: Jul 20, 2022 by Shwetha S
14 min read

The NetMRI Tasks pack or, alternatively, Automation Tasks pack, requires the configuration, licensing and connection of an Infoblox NetMRI appliance to support automation tasks.

This topic describes the following:

  • Enabling NetMRI Tasks

  • Disabling NetMRI Tasks

  • Registering NetMRI with NIOS

  • Running NetMRI Tasks

  • Viewing Tasks Execution Logs and Approving Tasks in the Task Viewer

  • Viewing Tasks Execution Logs in NetMRI

Enabling NetMRI Tasks

After you install the NetMRI appliance into a managed network and ensure the appliance is reachable by the NIOS Grid Master, register the NetMRI appliance with NIOS.

  1. Click the Configure icon at the top right corner of the Tasks page.

  2. Choose Enable NetMRI Tasks.
    The Enable NetMRI Tasks dialog box appears, requesting verification of your action:
    Though you can see the change immediately, other users who are currently logged in will not see the change until they log in again.
    Are you sure you want to proceed?

  3. Click Yes to enable the NetMRI Tasks set.
    After a moment, the NetMRI Tasks panel appears.

Note

If two superusers are logged in to the NIOS system and one superuser enables the NetMRI Tasks pack on their console, the other superuser will not see the task pack on their console until their next login; the Disable NetMRI Tasks from the Configure icon menu shows the correct state.

Disabling NetMRI Tasks

To disable the NetMRI Tasks pack:

  1. Click the Configure icon at the top right corner of the Tasks page.

  2. Choose Disable NetMRI Tasks.
    The Disable NetMRI Tasks dialog box appears, requesting verification of your action:
    Though you can see the change immediately, other users who are currently logged in will not see the change until they log in again.
    Are you sure you want to proceed?

  3. Click Yes to disable the NetMRI Tasks pack.

Registering NetMRI with NIOS

You must register a NetMRI appliance with NIOS using Grid Manager to support NetMRI Tasks. You need an account with admin privileges on the NetMRI appliance and the appliance hostname or IP address.

Note

Ensure that the user account that you use for the registration and further communication between the products is identical to the existing valid account on the NetMRI appliance.

To register NetMRI with NIOS:

  1. From the Dashboards tab, select the Tasks tab.

  2. At the top right corner of the Automation Tasks panel, click the down arrow icon -> NetMRI Registration.

  3. In the NetMRI Registration dialog, do the following:

    1. Enter the IP address or resolved host name of the NetMRI appliance supporting the Automation Tasks pack.
      Note that when you register NetMRI with a NIOS HA pair, you can register only one interface at a time. Use the IP address of the LAN1 interface, not the VIP address, for registration. When an HA failover occurs, the NetMRI registration is disabled. You can register the NetMRI appliance again after the failover.

    2. Enter the Admin Password.

  4. Click Register.

After registration, the NetMRI Registration menu item changes to read NetMRI Deregistration to support disconnecting from the NetMRI appliance.

Note

After you successfully register a NetMRI appliance with NIOS, you can use the Ecosystem > Cisco ISE Endpoint feature. It is available with the NetMRI license or Network Insight license that is installed by default on the discovery member in NIOS installations. This feature enables you to enhance identity management across devices and applications that are connected to your network routers and switches. You can monitor domain users, the IP addresses they log on to, the login status, and the time duration of their current status in the IPAM tab. For information about how to collect user and device information from Cisco ISE, see Integrating Cisco ISE into NIOS.

Running NetMRI Tasks

The NetMRI task pack contains the following tasks:

  • Network Provisioning

  • Port Activation

  • VLAN Reassignment

  • Bare Metal Provisioning

  • Rogue DHCP Server Remediation

Depending on your administrative permissions, Grid Manager displays tasks that you can access in the Automation tasks panel. You can configure the displayed tasks pack by adding or hiding tasks.

To hide tasks:

  1. Click the Configure icon at the upper right corner of the Automation Tasks panel.

  2. In the Active Tasks pane, select the tasks you want to hide from the pack. You can use SHIFT+click and CTRL+click to select multiple tasks.

  3. Click the left arrow to move the selected tasks to the Available Tasks pane.

  4. Click the Configuration icon again to hide the panes.

NetMRI Task Options

Tasks allow the assignment of job scripts to change and expand task functionality. These scripts reside on the NetMRI appliance and must be readable by the NIOS system to run the automation tasks. You can also select different scripts to execute for automation tasks that provide that feature in NIOS. Three NetMRI tasks allow for the choosing of non-default scripts for task operation:

  • Network Provisioning Task

  • Port Activation Automation Task

  • Specifying a Port Activation Script

Network Provisioning

The Network Provisioning task runs in two modes: a basic mode with a much shorter list of configuration options, and a more complex mode that provides detailed configuration for provisioning a network, including the use of NIOS network views, extensible attributes and network templates.

New networks can be provisioned on routed networks and on switched networks. In the latter case, you can specify the new VLAN number and VLAN name for provisioning, along with the Device Group Device and Interface. the Device Group values are taken from the Device Groups defined on the NetMRI appliance from which NIOS obtains its data.

Network Provisioning supports two types of networks: IPv4, in which the new network is IPv4 only, and IPv4 and IPv6, in which the new network runs both protocol stacks.

Simple vs. Complex Provisioning

Use of a Network View determines whether you use the simple or detailed views of provisioning a network. A network view is a single routing domain with its own networks and shared networks. In NIOS, all networks must belong to a network view. You can manage networks in one network view independently of other network views. Because network views are mutually exclusive, the networks in each view can have overlapping address spaces with multiple duplicate IP addresses without impacting network integrity.

Also, the same network segment can be present in multiple network views. When you create a new network, you select one view in which to place it, and preserve those values to apply to another view.
You also have the option to provision a single network segment without recourse to NIOS network views. The simple network provisioning option (accessible by simply clicking the IPv4 tool at the top of the Network Provisioning dialog box) allows you to specify as few as three values to configure a network.

The NIOS system also provides a default network view, which appears as an option for network provisioning.

If a single network view is configured in NIOS, you will not see a Network View option in the Network Provisioning task.

Applying Extensible Attributes

Extensible attributes are associated with a specific network view, and are referenced by the Network Provisioning task. Should you configure a new network using a network view, you may need to consider the application of extensible attributes to the new network (they are not automatically applied, but will appear in the Network Provisioning dialog if those attributes are defined in the chosen Network View). Extensible attributes are generally defined for descriptive and tracking purposes in the network. A network view may have attributes such as Building, Country, Region, Site, State or VLAN, for example. Attributes are defined for network views in NIOS but are not defined by the NetMRI appliance.

If the NIOS system supports only a single network view, no View selections are made for the purposes of network provisioning.

To perform an automatic network provisioning task:

  1. From the Dashboards tab, select the Tasks tab -> Network Provisioning.

  2. Select the network type for provisioning: IPv4 or IPv4 and IPv6.

  3. To configure IPv4 provisioning:

    1. Enter the required name value in the Interface Hostname field. (Examples include "eth0" and "serial0.")

    2. Select the DNS Zone under which the hostname operates.

    3. Choose a device group from the Device Group drop-down list.

    4. From the Device drop-down list, choose the switch or router on which the network will originate.

    5. If the selected device is a router, the VLAN Number and VLAN Name fields will be disabled.

    6. From the Interface list, choose the interface to which the network will be reassigned. The drop-down list contains all the interfaces from the chosen network device, and also shows the ports' respective states (up/down, up/up and so on).

    7. If the chosen device is a switch, enter the new VLAN Number on which the new network segment runs.

    8. If the chosen device is a switch, enter the new VLAN Name on which the new network segment runs.

    9. Click Provision Network to commit settings.

    10. Enter the Parent Network value (or click Select Network to choose the parent network from a list if using a Network View).

    11. Choose the Network Template from the drop-down list if one is provided by the chosen Network View. The Network template is otherwise optional.

    12. The Provision Network task provides subnetting tools.

    13. Drag the Netmask slider to the required CIDR mask bit depth (1-32).

    14. In the New Network field, enter the IP prefix for the new network.

    15. In the Router Address field, enter the IP address for the router interface.

    16. Select any Extensible Attributes in the list if they are provided; otherwise, you can create new ones by clicking Add and choosing the Attribute Name, Value and the Required setting.

4. To configure IPv6 provisioning:

a. Enter the Parent Network value. Or, if using a Network View, click Select Network to choose the parent network from the list.
b. Choose the Network Template from the drop-down list if one is provided by the chosen Network View. The Network template is otherwise optional.
    The Provision Network task provides subnetting tools.
c. Drag the Netmask slider to the required CIDR mask bit depth (1-32).
d. In the New Network field, enter the IP prefix for the new network.
e. In the Router Address field, enter the IP address for the router interface.
f. Select any Extensible Attributes in the list if they are provided; otherwise, you can create new ones by clicking Add and choosing the Attribute Name, Value and the Required setting.

5. Enter the required name value in the Interface Hostname field. (Examples include "eth0" and "serial0.")
6. Select the DNS Zone under which the hostname operates.
7. Choose a device group from the Device Group drop-down list.
8. From the Device drop-down list, choose the switch or router on which the network will originate.
9. If the selected device is a router, the VLAN Number and VLAN Name fields will be disabled.
10. From the Interface list, choose the interface to which the network will be reassigned. The drop-down list contains all the interfaces from the chosen network device, and also shows the ports' respective states (up/down, up/up and so on).
      If an interface shows Routed or Switched, it cannot be selected for provisioning as it is already being used as part of an active network.
11. If the chosen device is a switch, enter the new VLAN Number on which the new network segment runs.
12. If the chosen device is a switch, enter the new VLAN Name on which the new network segment runs.
13. Click Provision Network to commit settings.


The system sends the configuration request to the NetMRI appliance and displays the task configuration sequence.

Defining Options for the Network Provisioning Task

The Network Provisioning task provides several configuration options that affect how the task operates.

Hostname provisioning for interfaces is useful for troubleshooting purposes in the network, usually to ensure that an admin knows which router interface they are connecting through to communicate with the device. The hostname value is actually provisioned from within the Network Provisioning task. Enabling the Hostname Required? checkbox sets the NetMRI appliance to provision the network with hostnames applied to the router interfaces for easier identification.

Network provisioning requires that the system know exactly which IP address the gateway for the network will reside. For provisioning most networks, an Offset value of 1 indicates that the provisioned network gateway IP address ends with the host address of ...1, as in 192.168.1.1. An Offset value of 1 will be by far the most common value for provisioning networks. Specifying an offset value other than 1 indicates that the gateway IP is a specified number of host values from the prefix address of the network. For example, setting an IPv4 Gateway Address Offset of 12 indicates that the IP for the gateway ends in *..*.12, as in 10.1.1.12. Offsets work the same way for any size network: for an example such as 10.1.1.64/26, and an offset of 12, the provisioned gateway IP would be 10.1.1.76.

The same principles also apply for IPv6 networks, except that the IPv6 value is entered manually in hexadecimal instead of being selected from a drop-down list. Most provisioned IPv6 networks will use a /64 network address.

You can also select a different script from the default for the Network Provisioning task. To define settings for the Network Provisioning task:

  1. From the Dashboards tab, select the Tasks tab. Under the Network Provisioning task, click the settings icon on the top right.

  2. If the provisioning process requires a hostname, enable the Hostname Required? checkbox. (The network interface hostname ("eth0," "serial0") and the Zone that it belongs to are defined in the Network Provisioning task.)

  3. Choose a gateway offset value from the IPv4 Gateway Address Offset drop-down list. If no value is selected, the offset value defaults to 1 for the provisioned network address.

  4. If an IPv6 offset is required for provisioning an IPv6 network or for provisioning a network that supports both IPv4 and IPv6 addressing, enter the IPv6 Gateway Address Offset value in hexadecimal. If no value is entered, the offset value defaults to 0000.0000.0000.0001 for the provisioned network address, indicating an offset value of 1 for the gateway IP address.

  5. In the Script Name dropdown, choose the script that you wish to run for the Port Activation task. The scripts are located on the Trinzic Automation 4000 appliance, and referenced for use by NIOS. By default, the bundled Port Activation script is selected.

  6. Click Save.

  7. Click Cancel to close the dialog.

The system sends the request to the NetMRI appliance and displays a Provisioning Network Config updated notification message.

Port Activation

The Port Activation task provides a central console on which the interfaces for any device anywhere in the managed network can be conveniently enabled or disabled. Ports can be taken administratively Up or Down using this task, and all interfaces on a selected device can be activated or deactivated with a series of mouse clicks.

  1. From the Dashboards tab, select the Tasks tab -> Port Activation.

  2. Choose the Device Group from the drop-down list.

  3. From the Device drop-down list, choose the network device on which port activation will be executed.
    The Interfaces table lists all interfaces on the current device. The VLAN and VLAN Name columns list the VLAN assigned to each port (VLAN 1/Default resides on all ports without an explicit VLAN assignment). The OP Status column will show the current state of each interface.

  4. Scroll down the table to locate the interface(s) you want to activate.

  5. From the Admin Status column, select Up (or Down) from the drop-down list for the chosen interface.

  6. Set any other interfaces on the current device based on your assigned task.

  7. Click Apply.

The system sends the request to the NetMRI appliance and displays the task configuration sequence.

The Port Activation task will also write the full running configuration to memory, making it the saved configuration. If the user made a change to the running configuration, in parallel with the port activation change, and did not save it, those changes will also be saved.

Specifying a Port Activation Script

The Port Activation task provides a central console on which the interfaces for any device in the managed network can be conveniently activated. Ports can be taken administratively Up or Down using this task, and all interfaces on a selected device can be activated or deactivated with a series of mouse clicks.

The NetMRI appliance provides the ability to create new automation scripts for many purposes. You may, for example, wish to create a new Port Activation script and use that as an automation task.

To select a different script from the default choice in the software:

  1. From the Dashboards tab, select the Tasks tab. Under the Port Activation task, click the settings icon.

  2. For Port Activation Options, choose a new script from the Script Name drop-down list. The scripts are located on the Trinzic Automation 4000 appliance, and automatically referenced for use by NIOS. By default, the bundled Port Activation script is selected.

  3. Click Save.

The system sends the request to the NetMRI appliance and displays a notification message.

VLAN Reassignment

VLANs can be reassigned to new interfaces on individual L2/L3 switches in the managed network. A VLAN can have a path across several switches; when you make changes on a given switch, make sure that the path is maintained.

To ensure end-to-end connectivity, you may need to change VLAN port assignments on more than one switch in the path. This feature operates with the VLAN Trunking Protocol (VTP). VLAN switching is changed across one port per switch at a time. Should you need to change VLAN assignments across more than one switch in the path, plan accordingly.

VLANs must already be configured on the switch(es) being changed, and be detected by the NetMRI appliance.

  1. From the Dashboards tab, select the Tasks tab -> VLAN Reassignment.

  2. Begin by selecting the Device Group from the drop-down list. For VLAN Reassignments, you typically choose the Switching device group.

  3. From the Device drop-down list, choose the switch on which port reassignment will be executed.

  4. From the Port list, choose the interface to which the VLAN will be reassigned. The Port list also shows the Administrative and Operational states of each interface on the current device (Administratively Up/Operationally Down, for example.)

    Note that you can reassign a VLAN to a port that is operationally or administratively Down.The Current VLAN value will show the VLAN to which the selected interface is currently assigned.

  5. Choose the new VLAN value for port reassignment from the New VLAN drop-down list.

  6. Click Move VLAN.

The system sends the configuration request to the NetMRI appliance and displays the task configuration sequence.

The VLAN Reassignment task will also write the full running configuration to memory, making it the saved configuration. If the user made a change to the running configuration, in parallel with the port activation change, and did not save it, those changes will also be saved.

Assigning a New Script to the VLAN Reassignment Task

The NetMRI appliance provides the ability to create new automation scripts for many purposes. You can create and assign a new VLAN Reassignment script and use that for the automation task.

To select a different script from the default choice in the software:

  1. From the Dashboards tab, select the Tasks tab. Under the VLAN Reassignment task, click the settings icon.

  2. For Port Activation Options, choose a new script from the Script Name drop-down list.

  3. Click Save to commit settings.

The system sends the request to the NetMRI appliance and displays a notification message.

The VLAN Reassignment task will also write the full running configuration to the device's memory, making it the saved configuration. If the user made a change to the running configuration, in parallel with the port activation change, and did not save it, those changes will also be saved.

Bare Metal Provisioning

The Bare Metal Provisioning automated task enables automated installation of new switches and routers into the network. The Trinzic Automation task enables cost and convenience savings by detecting the default behavior of new devices on the network, pointing them to customized TFTP servers from which standardized bare-metal configuration files are downloaded and installed onto the new devices.

The Bare Metal Provisioning automated task does not provide NIOS-based optional settings; configuration for this task is done in the Trinzic Automation 4000 NetMRI user interface. The automated task is automatically triggered by detection of a network device requiring configuration.

Rogue DHCP Server Remediation

All DHCP servers on the network should be under administrative control. If any device offering DHCP leases to clients on the network is not properly administered, it violates many security guidelines and at the very least may cause configuration problems throughout the network. Some events may be unwitting or innocuous (an office worker installing a wireless access point in their cube to share a resource), or may be an attempt to hijack clients and steal information. To prevent such issues, the Rogue DHCP Server Remediation task enables the detection, location and isolation of such devices.

Viewing Tasks Execution Logs and Approving Tasks in the Task Viewer

You can view the logged results from any task run from the Automation Tasks panel through Grid Manager's Task Viewer that displays the following pages:

  • Job History: Provides a log history of all NetMRI tasks that have recently run, including all automation task types in the dashboard.

  • Issues & Approvals: Provides links to two important items: 

    • Issue Details: Displays details about any network issue related to NetMRI tasks and jobs in an Issue Viewer from the NetMRI appliance.

    • Approve Jobs: These are jobs that must be approved before the NetMRI appliance can execute the job. For example, the Isolate Rogue DHCP Server job must be approved before it will run and attempt to isolate the detected rogue DHCP server in the network.

To view and approve tasks:

  1. From the Dashboards tab, select the Tasks tab.

  2. In the Automation Tasks panel, click the down arrow icon on the right and select Task Viewer.
    The Task Viewer window appears, displaying a scrollable and sortable Job History table. Important columns include the Start Time, the Job ID (a numeric value with a clickable link to the TAE Job Details Viewer, which will open in a new browser tab), the Job Name, the User account that executed the task, the job Status and the # Devices (the number of devices) against which the task ran. The Job History page shows the most recent subset of executed NetMRI jobs. A yellow bar at the top of the table provides a click here to see more link, which takes the user to the NetMRI appliance Job History page in a new browser tab.

  3. If an item appears in the Issues & Approvals page, do one of the folllowing in the Action column:
    a. To view an issue in more detail, click an Issue Details link. This displays the NetMRI appliance Job Details page in a new browser tab for the selected job.
    b. To approve a job, click an Approve Job link. This displays the Summary page of the NetMRI Job Wizard. Click Approve Job.

  4. Click Close to close the Task Viewer.

Viewing Tasks Execution Logs in NetMRI

You can start NetMRI directly from the Grid Manager's Dashboards tab to view tasks execution logs:

  1. From the Dashboards tab, select the Tasks tab.

  2. In the Automation Tasks panel, click the down arrow icon on the right and select Launch NetMRI.
    NetMRI launches in a new browser tab.

  3. Go to Configuration Management –> Job Management side tab –> Scripts and check the Last Run column.