IP network connectivity is becoming so important for business that it is being compared today to basic utilities, such as water and electricity. As key enablers of IP network connectivity, IP addresses are positioned today among the most important resources to be managed. Ready access and flawless handling of IP address usage, assignment, tracking and reallocation help in enhancing network reliability and security, while enabling more efficient network expansion and troubleshooting. Today, more than any time before, companies are realizing the need to adopt and implement a comprehensive IP Address Management (IPAM) strategy. Such a strategy, backed by automated IPAM tools, will enable organizations to address the stringent requirements imposed by new converged technologies. This chapter turns the spotlight on the most important challenges in IPAM and attempts to address some of the solutions and best practices to tackle these challenges. The author’s views on future IPAM perspectives are discussed and some open research issues are pointed out. The paper underlines the need for organizations to adopt proven IPAM best practices and deploy good automated IPAM tools. This will put them in a better position to expand and leverage their existing networks, while optimizing their IP address space in a secured and controlled fashion.
Most organizations today, whether carriers, service providers or enterprises, rely on IP -based networks to service their information processing and communication needs. Core business applications such as enterprise collaboration, electronic-commerce and internal business operations rely on network integrity, availability, and reliability. IP-centric networks will become even more important with the ongoing integration of converged data, voice and video services over a unified IP-based network infrastructure. The recent proliferation of IP-based devices such as IP phones, wireless PDAs, access devices and RFID readers is further amplifying the role of IP-based networks in enabling next-generation services such as enterprise mobility and mixed-mode unified communications. As a result, IP network connectivity is becoming so vital for business that it is being compared to utilities such as water and electricity (Liu, 2005). As key network connectivity enablers, IP addresses turn out to be one of the most strategic resources to be managed in modern networks.
Broadly speaking, IP Address Management (IPAM) can be defined as an ongoing practice which deals with the proper allocation, assignment, tracking and reallocation of IP addresses. To achieve these tasks, organizations need to formalize and adopt comprehensive IPAM strategies that best suit their needs. As shown in Figure 1, this IPAM strategy spans across three unified management functions, namely IP Address Inventory Management, Domain Name Service (DNS) management and Dynamic Host Configuration Protocol (DHCP) management (Kerravala, 2005). Each of these functions is essential for the proper operation of an IP network, as detailed below.
IPAM functions and associated four functional areas
IP address inventory management provides the ability to remotely handle the allocation of IP addresses within the organization’s IP address space. This function is also responsible for archiving IP inventory data and for optimizing usage of the IP space.
DNS management handles the proper configuration of DNS servers, based on best practices. The objective is to keep DNS servers highly secure and available, while keeping DNS configuration data sanitized from syntactical and logical errors (“IP address management demands,” 2007).
DHCP management enables the assignment of static and dynamic IP addresses, ensuring that these are available on the fly to authorized hosts that require connection to the network. This requires the proper configuration and provisioning of DHCP servers to maintain their security, integrity, and availability. DHCP management also aims to automate and optimize the usage of the scarce IP address space.
Today, a new breed of IPAM solutions is being proposed, with a promise to automate and optimize the management of the IP address space throughout the IPAM lifecycle, as shown in Figure 2. Some of the strategic tools offered by these IPAM solutions include centralized management and automated provisioning, auditing, diagnostics and reporting. Automation is a key success factor in delivering efficient IPAM solutions that are scalable, flexible and secure and which are capable of addressing the stringent requirements imposed by new converged technologies.
The cost of not adhering to good IPAM strategies and practices can be devastating for organizations. Potential adverse impacts include increased network downtime, revenue losses, decreased IT staff productivity, security breaches, end-user dissatisfaction and slower responsiveness to network changes. In light of the above, organizations need to be aware of the many facets of IPAM, including challenges and best practices.
This chapter starts by highlighting the importance for organizations to adopt comprehensive IPAM strategies, and then summarizes the main approaches to IPAM. This is followed by a discussion of the major IPAM challenges and some corresponding solutions and best practices. Some recent IPAM trends and future perspectives are also explored.
Key Terms in this Chapter
RIR (Regional Internet Registry): A non-profit agency that manages the distribution and registration of Internet number resources (IP addresses and BGP autonomous system numbers) within a particular region of the world. There are currently 5 RIRs in operation: ARIN for North America, RIPE NCC for Europe, Middle East and Central Asia, APNIC for Asia and the Pacific region, LACNIC for Latin America and the Caribbean region and AfriNIC for Africa.
IPAM (IP Address Management): A framework designed to simplify the planning, tracking, and management of the IP address space, while managing dynamic IP address services (DHCP) and IP name services (DNS).
Audit Trail: A chronological sequence of logs and audit records, each containing evidence of completed or attempted transactions (such as system activities, operations, events, user access requests, and services). Audit trails are used to reconstruct or investigate user actions or sequence of events that are behind an operation or a system response.
NMS (Network Management System): A platform that contains a set of applications which reside on a management station. The NMS is used to remotely monitor, control and administer a network.
DNS (Domain Name System or Service): An Internet service that translates human-readable computer hostnames into IP addresses. DNS servers maintain a distributed database of numeric IP addresses and their corresponding domain names and resolve them to locate remote machines.
DAD (Duplicate Address Detection): A feature of the IPv6 networking stack that can detect the presence of a duplicate address that is already being used on the network.
TCO (Total Cost of Ownership): A calculation that assesses the sum of all costs of an asset. This includes the cost to acquire, deploy, operate, upgrade and maintain an asset. Technical support and training costs are also included in the TCO.
DHCP (Dynamic Host Configuration Protocol): An application layer protocol in the TCP/IP suite that automates the assignment of IP addresses, subnet masks, default gateway, and other IP parameters on a network.