Discovery: Complex Network - Discovery Range Sets

Go to solution
gagribben
Tera Contributor

‎12-23-2024 09:12 AM

Hey guys, I found an older post outlining best practices for setting up discovery schedules. Its from 2017 (https://www.servicenow.com/community/itom-blog/best-practices-for-setting-up-discovery-schedules/ba-....)

 

We have a rather complex network and are centralized in one general location.  In our IPAM (InfoBlox) most of the networks (17) are configured as a /16. Within the /16 we have ~20+ additional subnets mostly /24, /26, and /27.

 

I am wondering what is the best practice for discovering and managing IP ranges in a complex environment. Should I create an IP Range Set and then break out the /16 into each specific network, manually creating 20+ IP ranges for a given set?

Labels:
0 Helpfuls
  • 1,657 Views
1 ACCEPTED SOLUTION

Go to solution
SELECT Username
ServiceNow Employee
ServiceNow Employee

‎12-24-2024 09:22 AM - edited ‎12-24-2024 09:23 AM

You probably want to break down the networks and define them in ServiceNow as you have them broken down in InfoBlox.  There are two main reasons I can think of for this:

  1. Breaking them down will handle network and broadcast IPs correctly.  If you don't do this, you'll have to manually maintain all those so that you're not getting bad discovery data from running against broadcast IPs.
  2. a /16 network is pretty big.  When attempting discovery against 65,536 host addresses, the schedules will run slowly, and may never complete.  Things like Shazaam results will be excessively large and slow as well. 

Best practice is to have ranges defined in ServiceNow to match your actual network configs so that you can target those with schedules that will complete within a reasonable period of time, but I wouldn't necessarily say that the best practice is to create all those manually.  There is a tool or two out there on the store (like this one) that can do some of this for you.  We have a spoke so that you could build your own via Integration Hub as well.

View solution in original post

0 Helpfuls
3 REPLIES 3

Go to solution
SELECT Username
ServiceNow Employee
ServiceNow Employee

‎12-24-2024 09:22 AM - edited ‎12-24-2024 09:23 AM

You probably want to break down the networks and define them in ServiceNow as you have them broken down in InfoBlox.  There are two main reasons I can think of for this:

  1. Breaking them down will handle network and broadcast IPs correctly.  If you don't do this, you'll have to manually maintain all those so that you're not getting bad discovery data from running against broadcast IPs.
  2. a /16 network is pretty big.  When attempting discovery against 65,536 host addresses, the schedules will run slowly, and may never complete.  Things like Shazaam results will be excessively large and slow as well. 

Best practice is to have ranges defined in ServiceNow to match your actual network configs so that you can target those with schedules that will complete within a reasonable period of time, but I wouldn't necessarily say that the best practice is to create all those manually.  There is a tool or two out there on the store (like this one) that can do some of this for you.  We have a spoke so that you could build your own via Integration Hub as well.

0 Helpfuls

Go to solution
SK Chand Basha
Tera Sage

‎12-24-2024 09:55 PM

Hi @gagribben 

 

First run the subnet discovery you can find easily which wants to scanned with CI discovery. 

 

 

0 Helpfuls

Go to solution
Runjay Patel
Giga Sage

‎12-24-2024 11:42 PM

HI @gagribben ,

 

I would recommend you below as Best Practice for Discovering and Managing IP Ranges.

  1. You don’t have to manually create each individual subnet as an IP range. Instead, ServiceNow allows you to use IP Range Sets for better scalability and maintenance.
  2. Group Subnets into IP Range Sets: Create IP Range Sets that logically group your subnets (e.g., by departments, physical locations, or network segments). This reduces the need for manual configuration, and allows you to manage these ranges more efficiently.
  3. While a /16 network is large, breaking it into smaller ranges (e.g., /24, /26, /27 subnets) is important to improve the efficiency of the Discovery process.
  4. You can split the /16 range into smaller subnets that better represent your network’s structure. For example, create a /24 range for each department or location.
  5. For each IP Range Set, create a separate Discovery Schedule. This will allow you to stagger discovery across different network segments (subnets), avoiding overloading the system and improving performance.
  6. For example, if you have 20+ subnets, create a Discovery Schedule for each subnet group, with a time gap between the different schedules to prevent simultaneous overlapping discovery tasks.

 

In a complex network setup like yours, where you have a /16 network and numerous subnets, it's essential to follow a structured and efficient approach to configure your Discovery Schedules

 

-------------------------------------------------------------------------

If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.


Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay

-------------------------------------------------------------------------