Forum Discussion

cuotos's avatar
8 years ago

Ability to ignore some IPs in NetScan Policies, Docker Problem

We have multiple servers running Docker. Docker creates a network interface with the ip 172.17.0.0/16 by default, using 172.17.0.1 for the host.

When we run a netscan policy, it finds the first server, and any subsequent servers running docker will be excluded as it detects that they all have the ip of 172.17.0.1 and assumes they are the same server.

I want to be able to ignore some ips / ranges so the NSP does not incorrectly assume 2 devices are the same.

  • Makes sense - and we'll take that into consideration.  We implemented it as is to avoid devices such as routers being added more than once - and we've seen the common use case for Docker has been to add monitoring via other orchestration tools so haven't run into this often.

  • Just to clarify, i want the NetScan Policy to NOT take 172.17.0.1 into consideration when deciding if a server is a duplicate.

    All servers will have 2 ip, their real one and the docker one, which is always 172.17.0.1.

    I don't want to exclude servers that have that IP, I want the opposite, but NSP is excluding them.