When you are designing or expanding your network, it is important to know how to manage IP address allocation properly, because this is crucial to the performance and expandability of your network. Here, we cover how to properly allocate IP addresses for a new network -- and what to do if your network runs out of IP addresses.
Allocating IP addresses
When you define which IP addresses will be on which network, you are not only setting a precedent that will be difficult to change, you are limiting the size of your network. This is because IP networks/subnets have limited sizes. For example, a Class C network (like 192.168.1.0 /24) can have up to 254 usable computers. That may be enough for your network today, but it may not be enough for your network next year.
Of course, the ideal time to properly size these IP networks is when you design the network. Your design is only as good as the information you have at hand. Let's say that you expect each network to have 125 computers and not grow beyond 254 computers. When you configure your routers and design an IP address scheme, you will assign a Class C IP address network to this network. If after six months the device count needs to go up to 400, however, you will have to make a change in your design. You will have a couple of choices.
Sizing your network
To properly size your network from the beginning, use the host's formula. This formula says that for the number of zeros in the subnet mask when converted to binary, take 2 to the power of that number, minus 2, and you will see the number of possible hosts when using that subnet mask. This can be done on a subnetting calculator, of course, or with the help of handy subnetting charts. (See IP addressing and subnetting: Calculate a subnet mask using the host's formula for more information.)
If possible, it is important to know where your company is going with this location -- meaning, how many networked devices will be at this site? Don't forget to include laser printers, servers and other networked managed devices (UPS systems, for instance).
Once you know that, you need to try to find out what the expected growth is for this site. Will the number of devices eventually double? Often, this can be limited by the physical size of the office. If all you have is a small lot with a single building, and every office is already filled with a PC, there isn't physical space to add many more devices.
In having all this information, you will know how many IP addresses you may need in the future, so you can select the proper IP address space.
NAT and the Internet
With private networking (RFC1918), you have many IP addresses available for your internal use. To access the Internet from those IP addresses, you just have to perform network address translation (NAT).
Let's look at an example. Say your company has 70 locations with 50 devices each. One option would be to allocate 126 usable IP addresses with a /25 subnet mask (or 255.255.255.128), still allowing enough IPs for the network to double in size and using the IP address space as efficiently as possible. This would allow you enough growth to have some 130,000 networks of this size. I doubt that your company would grow beyond that number of sites.
On the other hand, you could allocate more IP addresses per site and have fewer networks. Say you allocated 65,000 hosts to this subnet with a /16 mask (or 255.255.0.0). That would leave you the ability to grow to 256 networks of this size, but this seems like a huge waste of IP addresses.
Finally, you could allocate many more IP addresses than you might need, break the network at the octet boundary, and still have the ability to add many networks. Let's say you allocated a /24 subnet mask (or 255.255.255.0). That would give you 254 usable hosts per network (you could grow 5x) and the ability to have 65,536 subnets (or locations). This seems like a more reasonable approach.
In my opinion, the worst thing you could do is to allocate a /26 subnet mask (or 255.255.255.192) and give yourself only 62 usable hosts on each network. The 50 hosts you have would almost certainly outgrow this at some site.
Options when you are out of IP addresses
Let's say that someone allocated too few IP addresses to a network. What are your options?
Option A: Re-address the network
The first option to resolve a network that is out of IP addresses is to allocate a larger IP subnet (more addresses) and change the subnet mask on all devices. Although this costs nothing monetarily, it could cost quite a bit in time.
You don't want to let your LAN get too big, however. The more devices, the more broadcasts you will have. Eventually, over perhaps 300+ devices, your network will begin to have performance problems from the devices' having to process so many broadcasts that weren't meant for them.
Option B: Add a second network or VLAN
Another option would be to add a second network. Say you have one network of 192.168.1.0/26 with 62 usable hosts. Suppose you have 60 hosts and need more. You could add network 192.168.1.64 and use hosts 192.168.1.65-192.168.1.126. To do this and allow the two networks to communicate, you would add a second LAN interface on your router and route between these two networks. Each network would have a different IP gateway, and you might have different DHCP servers on each network.
The problem with doing this is that the devices on each network must be physically cabled separately, come back to a single switch, and then be connected to their respective interfaces on the router. In a larger office, this can be very difficult.
A great solution to this as the number of devices grows is to use VLANs. With VLANs, the devices in the different networks could be anywhere, still be on their network, and still communicate to the devices on the other VLANs.
About the author:
David Davis (CCIE #9369, CWNA, MCSE, CISSP, Linux+, CEH) has been in the IT industry for 15 years. Currently, he manages a group of systems/network administrators for a privately owned retail company and authors IT-related material in his spare time. He has written more than 100 articles, eight practice tests and four video courses, and he has co-authored one book. His Web site is HappyRouter.com.
