IPv4 Address Planning‘Share and Explore’Chair: Tim Chown, Jisctim.chown@jisc.ac.uk

Introduction

»Many Janet-connected organisations have long-standing IPv4 address space, commonly a /16 dating back 20+ years

»Others, especially more recently connected sites, may only have a relatively small block of address space, perhaps /24 or less

»Open question: how do you manage your address space as it becomes exhausted, or when your original allocation was relatively small in the first place?› And doing that given an ever-growing number of networked

devices, including those connecting wirelessly via eduroam

»Aim of this session is to discuss issues and share ideas01/05/2023

IPv4 Address Planning ‘Share and Explore’

IPv4 Address Planning ‘Share and Explore’

Topics

»Some topics have arisen from my own recent conversations with sites – we can discuss these and then any other thoughts or questions you may have

»Topics:› Ongoing address planning – handling fragmentation over

time of your of address space, and reclaiming larger blocks of space

› When to use NAT, and when not› Tools (IPAM software) used to manage your address space,

and mapping to DNS and DHCP services, etc› Allocating static IPv4 addresses to user devices› Planning for IPv6 (dual-stack)

»We can look at each of these in turn…01/05/2023

IPv4 Address Planning ‘Share and Explore’

Ongoing address planning

»An address plan is an evolving, ‘living’ thing› Likely to be constantly under review

»New demands on your address space, e.g. new buildings, new services, expanding services (like eduroam)› May mean you want large contiguous blocks of address

space»Sites with ‘historic’ address space (/16) likely to have become

fragmented over time› For efficiency, want to ‘shrink-wrap’ allocations to number

of hosts in a subnet

»As you reach exhaustion, this task becomes more difficult»Is this a problem you recognise? If so, how big an issue is it?01/05/2023

IPv4 Address Planning ‘Share and Explore’

When to use NAT

»An obvious way to conserve use of your global IPv4 address space is to use Network Address Translation (NAT)

»But when / where is it appropriate / acceptable to do so?› Your eduroam network may be one target – probably the

fastest growing part of your network, with many BYOD devices per person

»In many cases, ‘needs must’»Always need a certain amount of global address space for

public-facing services»Some devices may only communicate internally within your

site – no need to have a global address

»Thoughts?01/05/2023

IPv4 Address Planning ‘Share and Explore’

Address management tools (IPAMs)

»Most (all?) sites will be using some form of IP address management (IPAM) software› May be a commercial off-the-shelf tool› Might be home-grown software that has been lovingly

crafted and updated over many years – Maybe the original author is still with you, or maybe not

› Will typically integrate with DNS and DHCP services»What are you using?»Does it do the job you need?»If not, what are the gaps / problems?

01/05/2023

Static IP address allocations

»In many sites, it seems common that users can request static IP addresses for their devices or services› Might be servers› Might also be clients – perhaps less necessary?

»Typically implemented through IP-MAC address mappings› But note what Stephen Farrell said yesterday about operating

systems and randomising MAC addresses over time› Good for user privacy, but adds challenges to network

management»Are static IP address allocations something you support?»Can you continue to do so when facing address exhaustion?01/05/2023

Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)

Planning for IPv6 (dual-stack)

»IPv6 is the long-term solution for address space shortages / problems in Janet-connected sites

»Some deployments happening (as reported earlier today – see the slides online)› Pretty much universally dual-stack (IPv4 alongside IPv6)› IPv6-only networking will follow, but not quite ready yet,

especially for BYOD environments»Question: how might you integrate an IPv6 address plan in

your IPv4 network?› Add a /64 IPv4 prefix for each IPv4 subnet, as it is today?› Or try to start afresh? (with much renumbering…)› No right or wrong answer, but an interesting challenge01/05/202

3Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)

jisc.ac.uk

Other issues?

01/05/2023

Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)

Are there any other issues you’d like to discuss?Tim ChownSenior network services developerTim.Chown@jisc.ac.uk