What Is IP Address Management or IPAM?
By breaking down and assigning your internal IP block into segments allows faster troubleshooting when monitoring the network and seeing an erratic IP.
Because you’ve segmented the IPs out, you’ll know exactly which segment it’s coming from and can narrow down finding it faster.
Why Manage IPs?
Easily track when network monitor software shows errors. If you’re logged on locally to a User’s computer and you’re mapping batch file didn’t run and you need to get a file from one of your servers you don’t have to know the server name, you can simply type \192.168.1.x to get access to the server you’re needing the file from.
In the scenario I explain below, we’ll have 1 External IP, 5 servers ((Static) 1 handles DHCP (2k3)), 10 printers (Static), 200 wired PCs/users (DHCP).
There are several different ways to set up exact scenarios. This scenario will explain IP Address Management (IPAM) for a small network using my experience and knowledge.
For ease of use, we’re going to say that this is in a brand new facility where no IPs have been assigned and you, as the LAN Admin, have just been told your internet connection is in place and ready to use (this is where the single external IP comes from).
You already know how many devices will be connected to your network in the beginning so it’s now time to lay out a plan. Since most everyone is familiar with the 192.168.1.x IPs, I’ll stick with those. Technically, your first IP is 192.168.1.0 and your last is 192.168.1.255 which gives you 256 IPs. I don’t know of anyone that uses 192.168.1.0. Since we’re human, the first number to us is 1. To a computer, the first number is 0. I don’t think .255 is useable so really, you have 254 IPs available. Your 5 servers should get your first 5 IP addresses and assign them statically even though you can control static assignment in DHCP. You don’t want there to be any chance of these servers losing their IP addresses so you don’t want them to depend on DHCP for IP assignment.
Server_1 also happens to be your DHCP server: 192.168.1.1
You have to account for growth so leave .6 through .9 open for future servers whether they’re physical or virtual, you’ll need an IP.
You have 10 printers that will be used by multiple users. IPs in the next segment of the block can be statically assigned at the printer or via the DHCP server... your choice. Every office has a "main" printer/copier/fax. Give it 192.168.1.10. If you think far enough in advance and know that Group 1 will use printer_1 then assign printer_1 192.168.10.11, printer_2 for Group 2 would get 192.168.10.12, etc. all the way through .19. In my experience, if there’s any one piece of equipment you’ll add to your network more than any other, it’ll be a printer. Somebody in one of those groups will get tired of walking 15 feet to the printer and suck up to the boss to get their own printer. Then, people within 5 feet of that person will want to share with them so they don’t have to walk 15 feet to get their stuff either. So that printer will need to be on the network vs. just connected directly to the complainers PC and shared. Lucky you. By the way, remember at the beginning I said this was a brand new facility... hopefully, the people that ran the network drops put in 2 cables at each requested location. Otherwise, you’ll either need to run a cable or take the easy way out and install a 5 port switch. Trust me when I say leave plenty of IPs open for future printers. I would assign .10 through .29 for printers. This gives you 20 IPs for printers so you’ll have 10 IPs free after installing the initial 10 printers.
Finally, we have 200 PCs that will all be hardwired to the LAN and will each need an IP. Starting at .30 going through and including .254 gives you 225 IPs. I’d start my scope in DHCP at .40 through .254. That gives you 215 IPs for users (15 extra) and that also leaves 10 IPs open at the lower range (.30 through .39) for device growth. One thing I didn’t mention yet was managed switches. They’re going to need IP addresses. You can do those at the high end of the spectrum so they’re “out of the way”. Maybe assign them .254, .253, .252, etc. depending on how many you have.
IPAM can get pretty deep especially if you’re dealing with 100’s of PCs and devices. This is where subnetting comes in. I’ll go into further detail in another article, but just for gee whiz this is the tip of the iceberg on subnetting:
For example, 192.168.1.1 with a subnet of 255.255.255.0 is not on the same network as 192.168.2.1/255.255.255.0 even though they both might be in the same building. However, if you change the third octet in the subnet to 0 like this 255.255.0.0 now 192.168.1.1/255.255.0.0 and 192.168.2.1/255.255.0.0 are on the same network. The 255 is sort of a true/false in simple terms, but can get pretty complex if you’re trying to keep networks separate. I’m not a subnet guru by any means, but if you Google subnet calculator you can get a pretty good appreciation for its complexity.
Feel free to ask questions in the IP Questions Section.