We've all heard that the world is running out of IPv4 addresses, and as your business grows, you're likely to need more of them. So how do you create an IP addressing scheme from the beginning that will be able to grow with your company and network? Let's take a look at ways to plan ahead and how you can conserve addresses if your organization is growing faster than anticipated.
Starting small with a private addressing scheme
When your small company sets up its first computer network, IP addressing may not be an issue to which you give much thought. If you only have a few computers and your bandwidth needs aren't heavy, you’ll probably assign your computers private IP addresses from the 192.168.0.0 to 192.168.255.255 range. There are enough addresses available in this block to create 256 contiguous class C networks with a total of 65,535 addresses.
Of course, if you needed more private addresses (and fewer subnets) than that, you could use the class B and class A private address ranges. The 20-bit class B block set aside for private addresses, 172.16.0.0 to 172.31.255.255, provides for 16 contiguous class B networks with a total of 1,048,576 addresses. The 24-bit block set aside for class A private addresses is 10.0.0.0 to 10.255.255.255. This is one class A network with 16,777,215 individual addresses.
These three ranges are reserved for private IP addressing and addresses belonging to them cannot be used on the public Internet. If you use private addresses on your internal local area network, you can use a Network Address Translation (NAT) device to allow the internal computers to access the Internet through a single public IP address that’s assigned by your Internet Service Provider (either a static address or one that’s assigned via DHCP).
However, as your network grows, even if you still use NAT with private IPs for most of your internal machines, you will probably need a number of public IP addresses.
As the company grows, it’s likely that you’ll want to deploy servers on your network or in a DMZ (perimeter network that’s separated from the LAN by a firewall) that can be accessed from the Internet. These could include Web servers, mail servers, DNS servers and so forth. Such servers will need public IP addresses and those addresses need to remain the same over time -- if your servers change addresses, it will be difficult for Internet users to access them.
Thus, instead of having your ISP automatically assign an IP address to your connection, you’ll need to have them assign you a set of static addresses. This usually costs extra, but allows you much more flexibility in creating your addressing infrastructure.
Depending on your anticipated growth, you can purchase a part of a class C network (some ISPs assign addresses in blocks of 5, 10 or 25), an entire class C address block (256 addresses) or several contiguous class C addresses.
More efficient subnetting
As the network grows, you will almost certainly want to divide it into subnets -- groups of addresses that can be assigned to all the computers on a particular floor or in a particular building, for example. With traditional subnetting, all of the subnets must be the same size. For example, you can split a class C network containing 254 addresses into eight subnets of 30 hosts each. However, the groups of computers represented by subnets are rarely created equal. If you need eight subnets but some only need 10 addresses while another needs 60 addresses, traditional subnetting would require that you purchase a second class C network block.
The solution is Variable Length Subnet Masking (VLSM). This is a subnetting method that allows you to subnet the subnets. Because you can subnet selected subnets and leave others unsubnetted, you can have subnets within the network of different sizes. This way, you don’t waste a bunch of IP addresses (nor do you waste a bunch of money purchasing new address blocks when it’s not necessary).
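The scenario above, worked through in Python as an added example (not part of the original article): it compares an equal eight-way split of one class C block with a VLSM plan. The block 198.51.100.0/24 (a documentation range), the subnet names, and the split of one 60-host subnet plus seven 10-host subnets are assumptions made for illustration.

```python
import ipaddress

# Constructed demand list: one subnet needing 60 hosts, seven needing 10.
DEMANDS = {"lab": 60, **{f"office-{i}": 10 for i in range(1, 8)}}

def prefix_for_hosts(hosts):
    """Longest prefix (smallest subnet) with at least `hosts` usable addresses."""
    for prefix in range(30, -1, -1):
        if 2 ** (32 - prefix) - 2 >= hosts:  # minus network and broadcast
            return prefix
    raise ValueError(f"no IPv4 subnet holds {hosts} hosts")

def equal_split_hosts(block, count):
    """Usable hosts per subnet when `block` is cut into `count` equal subnets."""
    extra_bits = (count - 1).bit_length()
    first = next(ipaddress.ip_network(block).subnets(prefixlen_diff=extra_bits))
    return first.num_addresses - 2

def vlsm_allocate(block, demands):
    """Carve differently sized subnets out of `block`, largest demand first."""
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    plan = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to the subnet's boundary
        if cursor + size > end:
            raise ValueError(f"{block} is too small for {name} ({hosts} hosts)")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan

if __name__ == "__main__":
    print("equal split of 8:", equal_split_hosts("198.51.100.0/24", 8), "hosts each")
    for name, net in vlsm_allocate("198.51.100.0/24", DEMANDS).items():
        print(f"{name:10} {net}  ({net.num_addresses - 2} usable)")
```

Allocating the largest subnet first keeps every subnet aligned on its own boundary, so the resulting prefixes never overlap and can be used directly in router and firewall rules.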
VLSM routes are called "classless" and if you use VLSM to subnet the network, it’s important that your routers use routing protocols that support classless addressing. Some examples of routing protocols that support VLSM routes include:
- Open Shortest Path First (OSPF)
- Routing Information Protocol (RIP) v2
- Border Gateway Protocol (BGP) 4
- Enhanced Interior Gateway Routing Protocol (EIGRP)
Variable length addressing is also called Classless Inter-Domain Routing (CIDR). IPv4 CIDR addresses use the same "dotted quad" format as regular ("classful") IPv4 addresses, but append a slash and a number from 0 to 32 to the four-part dotted decimal address. That number is the length of the prefix: it indicates which bits in the binary address represent the subnet and which represent the individual host machine.
In traditional classful addressing, the default subnet masks define which bits represent the network and which the host as follows:
- Class A networks: Default subnet mask 255.0.0.0; the first octet (first eight bits of the address) defines the network and the last three (last twenty-four bits) define the host.
- Class B networks: Default subnet mask 255.255.0.0; the first two octets (first sixteen bits of the address) define the network and the last two (last sixteen bits) define the host.
- Class C networks: Default subnet mask 255.255.255.0; the first three octets (first twenty-four bits) define the network and the last one (last eight bits) defines the host.
You can see that CIDR addressing gives you much more flexibility and scalability. CIDR addressing is defined in RFC 1519, which you can read at http://www.faqs.org/rfcs/rfc1519.html.
To ensure scalability of your IP addressing plan, purchase as large a block of public IP addresses as you reasonably anticipate needing and use VLSM/CIDR to conserve addresses and use the address space you have most efficiently.
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.