Update: NetBox has been released!

Several years ago, I lamented the few options available for a provider-grade IPAM solution. Specifically, I explained why building a custom application would be undesirable:

Could I create a custom IPAM solution with everything we need? Sure! The problem is that I'm a network engineer, not a programmer (a natural division of labor which, it seems, is mostly to blame for the lack of robust IPAM solutions available). Even if I had the time to undertake such a project, I have little interest in providing long-term maintenance of it.

But I suppose time makes fools of us all.

Nearly one year ago, I started developing an IPAM application as part of my day job. Leveraging my experience with the Django Python framework, I had a working proof-of-concept in just a week. Over the next several months, the project grew more mature and began to take on additional roles: data center infrastructure management, circuit tracking, and credentials storage. Today, the tool functions as our "source of truth" for many aspects of our infrastructure. We call it NetBox.

What is NetBox?

NetBox is a web application for IPAM and DCIM. Its target audience comprises network engineers, data center techs, and systems administrators. NetBox is written in Python, utilizing the Django framework and a PostgreSQL database. Similar applications include:

NetBox was developed to provide features not found in these tools, with several guiding tenets in mind.

Single Converged Database

Whereas most open source IPAM tools available today provide little functionality around tracking physical connections, NetBox provides both IPAM and DCIM functions under one roof. NetBox provides a single view showing address information as well as physical connectivity for each device. Navigation between physical and logical infrastructure is seamless.

Model the Real World

NetBox's data model seeks to replicate the real world as closely as possible. For example, many tools require that you define exactly one IP address for a device. But that's not how the real world works: IP addresses are assigned not to devices but to specific interfaces within a device, and interfaces may have multiple IP addresses. NetBox was designed to minimize the degree of abstraction needed to represent a real network.

Robust IP Hierarchy

NetBox employs PostgreSQL's native network data types to construct a robust, efficient hierarchy of IP prefixes and addresses. For example, suppose you define a prefix 192.168.0.0/24, and then create 192.168.0.64/26 within it. NetBox will show the child prefix under its parent along with available allocations of 192.168.0.0/26 and 192.168.0.128/25. IP objects are arranged as a set of hierarchies defined at their root as arbitrary aggregate networks. And all IP objects can optionally be assigned to a VRF.
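
The parent/child nesting and free-space calculation described above, as an added example that is not NetBox's own code: it uses Python's standard ipaddress module in place of PostgreSQL's network types, and the function names available_prefixes and immediate_parent are hypothetical. It generalizes the single-child case in the text to any number of allocated children.

```python
import ipaddress


def available_prefixes(parent, children):
    """Return the largest free blocks left in `parent` once `children` are allocated."""
    parent = ipaddress.ip_network(parent)
    free = [parent]
    for child in sorted(ipaddress.ip_network(c) for c in children):
        if not child.subnet_of(parent):
            raise ValueError(f"{child} is not inside {parent}")
        remaining = []
        for block in free:
            if block.subnet_of(child):
                continue  # block is the child itself or lies wholly inside it
            if child.subnet_of(block):
                # Split the block around the child, keeping the largest leftovers.
                remaining.extend(block.address_exclude(child))
            else:
                remaining.append(block)  # child does not touch this block
        free = remaining
    return sorted(free)


def immediate_parent(prefix, known):
    """Return the most specific prefix in `known` that strictly contains `prefix`."""
    prefix = ipaddress.ip_network(prefix)
    candidates = [
        net for net in map(ipaddress.ip_network, known)
        if net.version == prefix.version and net != prefix and prefix.subnet_of(net)
    ]
    return max(candidates, key=lambda net: net.prefixlen, default=None)


if __name__ == "__main__":
    # Constructed sample data: one aggregate, one prefix, one child prefix.
    known = ["192.168.0.0/16", "192.168.0.0/24", "192.168.0.64/26"]
    print("parent of /26:", immediate_parent("192.168.0.64/26", known))
    for net in available_prefixes("192.168.0.0/24", ["192.168.0.64/26"]):
        print("available:", net)
```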

What NetBox is Not

While NetBox can fulfill a number of roles, I also want to point out what it does not do, in an attempt to mitigate any confusion. NetBox is not:

A network monitoring system (NMS). There are more than enough of those already. However, it can be used to tell your NMS what to monitor.

A ticketing system. NetBox does not track issues or outages. But it does provide an easy way to link to objects from an existing ticketing system.

Network discovery. NetBox will not automatically discover your network for you (although it does have limited inventorying functionality). It is intended to represent the correct state of your network, which can only be defined by a human. If you simply import the actual state of your network (which is most likely not 100% correct), you end up with a corrupted source of truth.

DNS service. NetBox does not provide DNS, although it can be used to populate records for BIND, PowerDNS, or other DNS services.

Release

The one question flooding my inbox lately has been, "When will it be released?" While I can't yet provide an exact date, I'm shooting for late June/early July. My employer, DigitalOcean, is on board and we have made a lot of progress toward a public release. Now it's mostly a matter of finishing a few features that require modifying the database schema to avoid implementing potentially disruptive modifications soon after release.

Keep an eye out for updates here or follow me on Twitter!