IP addressing is often one of the most underdocumented aspects of a network infrastructure. Many networks evolve so quickly and change IT staff so frequently that IP addressing documentation quickly becomes obsolete. However, as I will show you, developing and maintaining a well-planned IP addressing scheme can provide an organization with important benefits, especially in a dynamic network. As a companion to this article, I have created an IP addressing workbook that you can download.
Critical design elements
When planning your IP addressing, you should cover all of the networks currently connected to your larger network as well as making your best guess to predict additional networks and network changes in the foreseeable future. (Good luck.) To help in the planning process, I have broken down the IP addressing plan into four main parts.
- Routing: This involves selecting the best solution to answer the question of how your networks communicate with each other, and it is an important consideration for setting the default gateways in your IP addressing plan. When addressing your networks, you may find it beneficial if every gateway or router has similar addressing (e.g., you could have all your gateways use number 1 in the final octet of the IP address).
- Name resolution: Your network addressing policy also needs to include consideration for the important function of resolving host (or NetBIOS) names to IP addresses. Depending on the size of the network involved, you can handle this with a variety of technologies, including DNS, WINS, hosts and LMHosts files, and peer-to-peer broadcasting (on small, remote networks).
- Maintenance: This is where IT diligence will pay off. The amount of effort required to maintain and keep documentation current will depend on how dynamic your IT environment is. Larger networks will require more effort to keep documentation current, but a small, remote network can be as difficult to keep track of as a much bigger network that you can physically access.
Separate systems = separate segments
Today, we see many custom software solutions that become integrated into client networks. I've worked on teams deploying such solutions, which have their own servers, clients, printers, and other network devices all attached to the customer’s network. The IT group at the customer’s site integrates these solutions into their network, and usually they provide an entire LAN segment exclusively for the use of the installed solution. Sometimes, the solutions we provide interact with their host computers or other devices on their network. Either way, it is a good design principle to create a separate network for the software solution.
You can apply this to specialized installations within your own organization. For example, if you have a UNIX or ERP installation that has terminals that are separate from your workstations, they would be a good candidate for a separate network. Maintaining cross-platform name resolution and routing should be created only if you need connectivity beyond the current network. This is a security point. If/when the next virus or worm sweeps across your network bandwidth, these isolated systems will not be affected—or the culprit. Designing networks around your systems instead of designing your systems around your network is a strong point to consider.
For the high-complexity networked environment, software solutions can provide system control to avoid the pitfalls of IP addressing issues. These packages generally give you the following benefits:
- Centralized IP addressing control with fault tolerance
- Avoidance of duplicate addresses
- DNS management
- Centralized control of multiple networks
- A database for queries and reports
These products are aimed at the largest networks (Nortel's NetID, for example, starts licensing in the thousands of nodes), and they bring a price tag that will definitely turn heads. These products are historically used in service provider roles, but they're making inroads into network operation centers and other groups that administer remote networks.
A template to get you started
I've created a workbook you can download to help you map out your IP addressing plan. This workbook is in Excel 2000 format and includes five worksheets. The first worksheet, Summary and Info, provides a brief overview on how to use the workbook. The template will allow you to define the following information for your networks:
- Static address assignments
- DHCP clients
- Name resolution
- Types of devices on each network
- History and notes for each network
The workbook is also populated with a sample local area network (the three middle worksheets), which you can use for reference. The sample has two client networks, a server network, a DMZ network, an Internet network, and a partner network. The last worksheet, Blank_Worksheet, is a clean template you can use to start charting your own network segments.
There are, of course, many dimensions of a network to keep in your documentation. The planning and documentation of IP addressing is an area that many administrators (myself included) don't always keep up with. However, it's important to do just that and to use the IP addressing plan as a tool in documenting, designing, and organizing your network. The guidelines in this article and the downloadable workbook will be especially useful if you are at thecrossroads of renumbering your network due to consolidation, integration, or operational issues.
Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.