The Challenge of Managing an Address Space


On the surface, addressing serves a very logical and necessary function. A network address allows each device connected to a network to be uniquely identified. This is the basis for accurately forwarding data to its intended destination. However critical and necessary this function is, it is not the sole purpose of an addressing system. Addressing also directly affects the efficiency with which a network operates and its potential for scalability.

A network's scalability is also a direct function of how well-designed and -implemented that network's addressing system is. An addressing system that is either poorly designed or poorly implemented has a distinct impact on a network's operating efficiency, as well as its ability to grow.

We'll take a quick look at how you might plan the use of an address space. We'll use the same sample network to show you how the challenges you might face vary depending on whether you are acquiring a new address space or remediating one that's been in use for a while. The responsibility for planning and managing an address space falls on the hostmaster.

Role of the Hostmaster

The hostmaster has an utterly thankless, but critical, job: managing an IP address space. Managing an address space involves allocating smaller address blocks carved out of the large block to functions, groups, and so on that need addresses. Their needs can change over time, which directly affects the number of addresses they require. Thus, the hostmaster must satisfy present requirements while carefully husbanding the scarce IP address space to ensure that it will continue to meet requirements long into the future.

Context is everything. The context in which a hostmaster is employed can have a tremendous impact on his operational challenges. His requirements and goals can change dramatically based on whether he is working for an enterprise or an ISP or running an Internet hosting center. Depending on the context, parsing out address space can be interpreted to mean sizing and assigning subnets, managing routable variable-length CIDR prefixes, or even assigning individual IP addresses to endpoints. For now, let's start with the big-picture perspective and drill down to the details.

Developing an Approach

If you ever sneak up on a hostmaster hard at work, you will probably find him staring off into space. Fear not! He is not loafing; he is thinking! The role of the hostmaster is probably at least 90% planning. Some of the many things that a hostmaster needs to do include developing an approach to managing an address space. To do that properly, you must hash a thorough appreciation of the binary mathematics of the IPv4 address space against business strategies and goals, including the following:

  • Defining goals for the network, which translate into goals for its address space

  • Establishing the scope of the network that will be satisfied with specific address spaces

  • Identifying the challenges

  • Future expectations, including growth projections, merger and acquisition (M&A) activity, and any other business plans that will affect the network

Obviously, your approach also depends directly on whether you are starting from scratch with a new address space or just trying to continue the management of an existing network and address space. We'll look at both cases in this chapter. Specific approaches to managing an address space are examined in great detail in the next chapter. Let's move on and round out your appreciation of managing an address space by continuing our big-picture exploration of the process.

You implement an address space strategy via allocations and assignments of IP addresses. The distinction between these two actions is made clear in the next section.

Allocation Versus Assignment

Just as DNS permits you to hierarchically distribute name resolution into zones, a hostmaster might opt to distribute responsibility for the assignment of IP addresses. Before that can make sense, you need to appreciate the distinction between allocation and assignment of IP addresses. Perhaps the simplest explanation is that you allocate blocks of addresses but you assign addresses individually. It should be obvious that you assign individual addresses out of a block that was previously allocated to a specific purpose or group. Allocations ensure future flexibility by accommodating growth.

More important than future flexibility is keeping a tidy address space. If done properly, allocations help maintain the symmetry of a CIDRized address space. The hostmaster must be ever-mindful of the binary mathematics that are the foundation of the IPv4 address space. As you've seen throughout this book, mistakes are very easy to make but very difficult to correct. The way to avoid mistakes is to take great care when making block allocations. Each block should be crafted with a clear understanding of binary mathematics and the natural CIDR boundaries.

Let's make that clearer with an example. You wouldn't just assign space serially. Instead, each allocation would likely leave idle a block of addresses that complements the block you allocated. Thus, if you needed to allocate a /25 to a new department, you would begin by searching through your inventory of available blocks to see if you had an unassigned /25 network block. If you did, great! Your search is over. Otherwise, you might look for an available /24. Finding such an address block, you would then have to decide whether to allocate the top half or the bottom half of that block. Table 13-1 demonstrates the two halves of a /24 network block.

Table 13-1. Upper and Lower Halves of a /24

| Dotted-Quad IP Block | Binary IP Block | Which Half |
|---|---|---|
| 10.5.1.0 /25 | 00001010.00000101.00000001.00000000 | Upper |
| 10.5.1.128 /25 | 00001010.00000101.00000001.10000000 | Lower |


NOTE

The concept of upper versus lower halves of an address space can be confusing. The example presented in Table 13-1 shows the popular approach to identifying the upper and lower halves. However, if you stop to think about it, you might be tempted to assign the description of "lower" to the block with the lower address numbers. When you chart this out (as hostmasters must do for recording block assignments), the "upper" half of a block is the one you list first. You guessed it: That's the block with the lower numbers.


This symmetry of upper and lower halves progresses even further with each additional bit you add to the network mask. The point is that block allocations are made using network masks. The starting point for each allocated CIDR block is readily apparent. However, you won't necessarily see the end of each of those allocated blocks just by looking at the network mask. Thus, by striving to make block allocations by examining the symmetrical relationship between CIDR blocks, you can prevent allocated blocks from unintentionally overlapping. An overlap occurs when one or more IP addresses mathematically fall into two numerically contiguous CIDR blocks.

It should go without saying that the hostmaster must track all address allocations and assignments. Something as simple as an electronic spreadsheet suffices. The actual tool used for tracking is almost unimportant in comparison to the availability of accurate records.
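The allocation procedure and overlap check described above, sketched with Python's standard `ipaddress` module. This is an added example, not code from the book; the inventory, owner names and function names are constructed for illustration.

```python
import ipaddress

def find_overlaps(blocks):
    """Return every pair of recorded blocks that shares at least one address."""
    nets = sorted(ipaddress.ip_network(str(b)) for b in blocks)
    return [(str(a), str(b)) for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]

def allocate(free, allocated, prefixlen, owner):
    """Allocate one block of the requested size on a natural CIDR boundary.

    free      -- list of unallocated ip_network objects (updated in place)
    allocated -- dict of ip_network -> owner, the hostmaster's record
    """
    # An exact-size free block wins; otherwise take the smallest that fits.
    candidates = [n for n in free if n.prefixlen <= prefixlen]
    if not candidates:
        raise ValueError(f"no free block can hold a /{prefixlen}")
    block = max(candidates, key=lambda n: (n.prefixlen, -int(n.network_address)))
    free.remove(block)
    # Halve until the size matches: keep the first-listed ("upper") half and
    # return its complement to the free inventory as an intact CIDR block.
    while block.prefixlen < prefixlen:
        upper, lower = block.subnets(prefixlen_diff=1)
        free.append(lower)
        block = upper
    allocated[block] = owner
    free.sort()
    return block

if __name__ == "__main__":
    # Constructed inventory: the free /24 from Table 13-1 plus one free /22.
    free = [ipaddress.ip_network("10.5.1.0/24"),
            ipaddress.ip_network("10.5.4.0/22")]
    allocated = {}
    for size, owner in [(25, "engineering"), (25, "sales"), (26, "lab")]:
        print(owner, allocate(free, allocated, size, owner))
    print("free:", [str(n) for n in free])
    print("overlaps:", find_overlaps(allocated))
    # A hand-entered record that ignores the halves collides with engineering.
    print("overlaps:", find_overlaps(list(allocated) + ["10.5.1.64/26"]))
```

Because every split returns the complementary half to the free list, the free and allocated blocks together always tile the original space exactly, which is what keeps later allocations from overlapping.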

Now that we have briefly examined the role of a hostmaster, the next aspect of managing an address space we need to consider is acquiring an address space.

Acquiring an Address Space

The obvious prerequisite for managing an address space is to actually have an address space. Fortunately, there are several good avenues to pursue when it comes time to acquire an IP address space. Of course, there are also one or two really bad ideas! We'll look at all of them so that you can appreciate a bad idea when you see one. Your basic options include the following:

  • Obtaining a directly registered IP address space

  • "Leasing" one from your ISP

  • Implementing one of the address blocks reserved in RFC 1918

  • Simply "making up" a network address and hoping it doesn't cause problems

This is far from an exhaustive list, but making it any more complete would require preempting some of the later sections in this chapter. For now, let's assume that this list comprises your basic options for acquiring an address space. This will let us move forward and identify some of the other IP address management issues and challenges that lie ahead.

NOTE

Each of the options for acquiring an address space can be used at any point in a network's life cycle. In other words, none of them are useful only during the prestartup planning stages. They can be equally useful when you're planning for a new network or when you're managing an existing network and address space.


Directly Registered Address Space

The Holy Grail of the Internet's address space is a directly registered network block. Such an address space isn't "owned" by an end-user organization. The entire IP address space (including both IPv4 and IPv6) is owned by IANA. IANA authorizes certain agencies to register other organizations for the exclusive use of portions of this address space. Having a network address block that is directly registered to you lets you continue using that block regardless of which ISP you are using for Internet access.

In return for this exclusivity, the registered organization must agree to pay an annual fee to its regional registrar. Unfortunately for the vast majority of the Internet's user community, the qualifying criteria for obtaining a directly registered address space have become an insurmountable hurdle. This is by design. The tandem goals of this higher hurdle are as follows:

  • To ensure that the remaining address space is used wisely by carefully qualifying the stated needs of organizations that apply for such space

  • To absolutely minimize the bloating of the Internet's routing tables by encouraging end users to obtain temporary usage rights to an address block from their ISP

"Leasing" an Address Space

RFC 2050 counsels all Internet users to obtain an address space from their current ISP and to regard that space as "leased." When an end-user organization enters into a contract for Internet access with an ISP, that ISP offers the organization the use of a portion of its address space. This address space is what RFC 2050 urges us to regard as being leased. When the contract for service expires, the space must be returned to the ISP. The benefit to the Internet is that each ISP can aggregate all its customers' address blocks into an absolute minimum number of network address blocks that are directly registered to that ISP. Only these high-level address blocks get shared with the Internet's other ISPs and networks.

The problem, from an end-user organization's perspective, is that RFC 2050 could force it to either pick one ISP and stay with that provider forever, or face the undesirable chore of renumbering its network when it needs to change ISPs.

RFC 1918 Reserved Address Spaces

Way back in Chapter 7, "Private Addresses and NAT," you learned about the reserved addresses stipulated in RFC 1918. These reserved private address blocks might be an organization's best option for addressing. No approvals are required, and implementing them does not preclude the future use of any other source of addresses.

In today's Internet environment, the best strategy for an organization that can't get its own directly registered address space is to both lease an address space from an ISP and implement RFC 1918. After having explored NAT in Chapter 7, you know that you need to configure inside local (IL) addresses (these would be from RFC 1918's reserved ranges) and inside global (IG) addresses. The IG addresses would be the globally unique addresses that you "lease" from your current ISP. Changing ISPs results in the relatively minor chore of swapping out the IG block configured on your network address translators.

Just Make It Up!

The last option for acquiring an address space is the least practical, although it might be the easiest approach. Most of the other ways of acquiring an address space require an approval or some other formal agreement. Just making up an address space is as easy as using an RFC 1918 address. No paperwork, review-and-approval process, or anything else is required. You might wonder why anyone would just pick a network address block arbitrarily.

Although I won't pretend to understand the mentality behind such actions, I can tell you that it is done with far more frequency than I care to see! In theory, if the network is isolated from the Internet, it shouldn't matter which network address you use. Based on this fact, some network administrators and/or hostmasters simply exercise a level of professional arrogance by picking a network address block and implementing it. Such actions are extremely shortsighted. You should make every attempt to comply with the Internet's RFCs and Best Current Practices.
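One way to audit an inventory for made-up space, as an added example that is not from the book. The leased block 198.51.100.0/24, the prefix list and the category names are constructed for illustration.

```python
import ipaddress

# The three private blocks reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(prefix, authorized):
    """Classify one in-use prefix by where its addresses came from.

    authorized -- ip_network blocks registered to or leased by the organization
    """
    net = ipaddress.ip_network(prefix)
    if any(net.subnet_of(a) for a in authorized):
        return "registered-or-leased"
    if any(net.subnet_of(r) for r in RFC1918):
        return "rfc1918"
    # Touching a legitimate range without fitting inside it is still wrong:
    # part of the prefix lies in space nobody gave you.
    if any(net.overlaps(r) for r in RFC1918 + authorized):
        return "straddles-boundary"
    # Nothing accounts for this prefix: a candidate for "just made up".
    return "unaccounted"

def audit(prefixes, authorized):
    """Map each in-use prefix to its classification."""
    auth = [ipaddress.ip_network(a) for a in authorized]
    return {p: classify(p, auth) for p in prefixes}

if __name__ == "__main__":
    # Constructed sample: prefixes found configured on an inherited network.
    in_use = ["10.5.1.0/25",        # inside 10.0.0.0/8
              "172.32.0.0/16",      # just past the end of 172.16.0.0/12
              "192.168.0.0/15",     # spills over into 192.169.0.0/16
              "198.51.100.128/26",  # inside the leased block
              "11.0.0.0/8"]         # belongs to someone else
    for prefix, verdict in audit(in_use, ["198.51.100.0/24"]).items():
        print(f"{prefix:20} {verdict}")
```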

Inheriting an Existing Address Space

Inheriting an existing address space might free you from the burden of planning and implementing an address space. But this isn't a free lunch. Instead, you get the dubious distinction of trying to figure out why someone else did things the way they did. Worse, it becomes incumbent upon you to clean things up. Unfortunately, managing an IP space is similar to driving an aircraft carrier: You can't turn either one on a dime!

In very simple terms, it is always easier to start fresh with a new address space and a new network than it is to inherit someone else's mess. If you do find yourself in this position, your approach should be to thoroughly study the existing allocation scheme. Next, define your priorities for the address space, pick a suitable strategy, and look for opportunities to improve over time. The persistent nature of IP assignments means that solving inherited problems takes a lot of time and patience. You have to iterate toward perfection slowly. This means you have to have a very long-term planning horizon and act in a consistent manner over time.

This might sound like simple common sense, but unless you have a solid command of the mathematics of IP addressing, and enough foresight to have a plan, it is impossible to manage an address space well.

The remainder of this chapter focuses on various issues that inevitably accompany the management of an address space. The issues can vary widely based on a number of factors, including where you got your IP address space. Then we can look at those issues in the specific context in which you might find yourself operating, namely, an enterprise organization, an ISP, or an Internet hosting facility.




IP Addressing Fundamentals
ISBN: 1587050676
EAN: 2147483647
Year: 2002
Pages: 118
Authors: Mark Sportack
