Discovery - IP Address Range vs IP Network

poyntzj
Kilo Sage

‎09-18-2014 06:57 AM

Is there a preference when configuring the discovery ranges to use IP Address Range vs IP Network ?

 

Also, for some locations there are two or three user VLANs that are continuous in their addressing

a.b.1.0/14

a.b.2.0/24

a.b.3.0/24

 

Is it best to

  • create 3 IP networks ?
  • create 3 IP Address ranges
  • create a large IP Address range

 

I ask as I am finding a few oddities with some of our scans (including missing devices from a scan), but when I scan that address manually it works fine.

I just wonder if any of the above have implications and could be contributing

 

cheers

Labels:
0 Helpfuls
  • 4,366 Views
7 REPLIES 7

carl_hensley
Kilo Contributor

‎09-18-2014 08:15 PM

I do not think it matters what method you use to define the ip addresses you want to discover, they all should work.



Occasionally I also notice devices not being picked up.   Usually I find this is SNMP devices as the UDP packets are not responded to in time, and on retrying the device will be successfully found.



If it is not network devices and you can replicate it not being found in a schedule with multi IP's, but it is being discovered individually, I'd raise a Hi ticket on it.


0 Helpfuls

Phil32
Tera Expert
In response to carl_hensley

‎03-27-2017 08:18 AM

Product documentation (Create a Discovery schedule ) really doesn't outline the difference between 'Discovery IP Ranges' and 'Discovery Range Sets'


0 Helpfuls

Ankush13
Kilo Guru

‎09-19-2014 10:16 AM

Whichever you use, it really doesn't matter as in essence, all the IPs within the given subnet will be scanned.



The devices are missed is the exact reason why I am discouraged to use subnet scans. To put it bluntly, it is unreliable. Plus I have noticed this in target scans as well(like 10 windows devices in one go). If we are working with Linux/Unix, I have observed that it is 99.9% surety that they will be discovered given the pre-reqs are met. I agree with Carl on network devices. They too are unreliable but that can be due to UDP which in itself is unreliable.


0 Helpfuls

JBark
Tera Expert
In response to Ankush13

‎09-19-2014 11:06 AM

I agree with Ankush, I started with Subnets and noticed discovery just not even trying to scan some IPs. Plus our net engineers were not happy with some IPs getting scanned i.e. broadcast (255) and gateway IPs. I revamped the whole setup by spending a day and created range sets with exclusions, then built my daily discovery schedules with multiple range sets added to each.



I saw a net increase of around 15% computer CIs discovered, plus the network guys stopped ping storming my email Win win!  


0 Helpfuls