Local IP address of devices

Contents

Local IP address of devices

Prerequisite

The Collector reports the Local IP address of devices only if configured to send data exclusively through the TCP port (no UDP channel).

Local vs Source IP address

Traditionally, Nexthink Engines read the IP address (or addresses) of a device from the header of the IP packets that they receive from the Collector. Indeed, a field called Source IP Address is part of the header of every IP packet. Thus, for Engines that share the same network as their monitored devices, reading the IP addresses of devices from the header of the received IP packets makes perfect sense.

When an Engine monitors devices in a different network though, the routers between the two networks perform what is known as network address translation (NAT) to IP packets in transit, effectively changing the original source IP address on each packet to the IP address of the router in the destination network. A similar situation arises when Collector traffic from remote devices is redirected by a Nexthink Appliance in a DMZ. As a result, the Engine records the IP address of the router (or Appliance) as if it were the IP address of the device that sent the packet.

NATSourceIP.png

For example, in the simplified figure above, the Engine records the source IP address of all devices behind the router to be the same: 203.0.113.1; that is, the address of the router as seen by the Engine.

To alleviate this problem, starting from V6.24, the Collector additionally reports the local IP address of devices; that is, the IP address of the device as seen from the local network before any NATting takes place. In the example, the local addresses of the devices are 192.0.2.10-12.

The rules to assign Collectors to Engines can thus be based either on the source IP address, which may be changed on transit as explained, or on the new local IP address, which is never modified by NAT routers.

Multiple local IP addresses

A single device can have multiple network adapters, each one with a different IP address assigned in the local network. For instance, a laptop may simultaneously have a wired Ethernet connection and a wireless connection to the local network.

In this case, the Collector reports the IP address of the adapter that is used to communicate with the Engine as the Local IP address.