Slashdot Mirror

← Back to Stories (view on slashdot.org)

Managing Lots of IP Addresses?

Posted by Cliff on from the more-than-just-DHCP dept.

haggisbrain asks: "I'm a Systems Administrator and I've recently started work with a new company where I'm now helping to support a much larger number of nodes than I've previously supported. We have just over 1000 nodes to support, but no efficient method to manage the IP addresses and subnets used. Previously, an Excel Spreadsheet has been sufficient enough for my needs, but now I need to find a new way. Can someone recommend a piece of software which can help me? Is there a simple way to list and view the IP addresses used on my network?"

11 of 97 comments (clear)

  1. Need more information by HomelessInLaJolla · · Score: 2, Insightful

    What specifically is it about the spreadsheet m0del which is insufficient? I don't manage large blocks of IP addresses and subnets so I'm not familiar with the information which you'll be compiling or how you'll need to manipulate and mine it.

    When other people figure out a complex organizational scheme for a spreadsheet they often turn it into a database. If you have kept a spreadsheet for a similar task, on a smaller scale, then you should be able to identify very quickly which axes you need to expand in order to accomodate the larger task.

    --
    the NPG electrode was replaced with carbon blac
    1. Re:Need more information by Spazmania · · Score: 4, Insightful

      When I worked for an ISP one of the tasks I had to deal with was, "Assign a /28 to customer X." That's a deceptively simple request.

      First, some of my routers had as little as 16 megs of ram. Route aggregation is essential. So its not just assign it to customer X, its "Assign a /28 to customer X in network area A." That of course means that I first have to assign a superblock, say a /22 to network area A and install the /22 route at the borders of network area A. So now its, "Assign a /28 to customer X in network area A. Assign and route a new superblock to area A if necessary."

      Second, there is the question of conservation. Today its assign a /28 but tomorrow it could be assign a /24. If I want to actually have a /24 tomorrow then I need to assign a /28 ideally from an available block in area A that's exactly a /28 long. If none are availale, I'd prefer to break a /27 (still in area A) rather than a /26 or a /25. So now its, "Assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary."

      But, see, I've been doing this for years now and customers come and go. Quite a few of the blocks assigned in my list may be dead; no longer associated with active customers. I don't want to go breaking larger blocks if there's an assigned but dead /28 I can grab. So now its, "Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary."

      And lets not forget reverse-DNS. Ideally I want the customer to have some sort of control over it. So now its, "Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary. Delegate the reverse DNS for those IP addresses to the customer."

      Needless to say, a spreadsheet is not very helpful for any of this. Finding that optimal /28 from network area A is like searching for a needle in a haystack. What I really need a system that:

      A. Processes the cancelled customer list so it knows which assigned blocks are dead,
      B. Find's the optimal /28 for me from area A for me, and
      C. Sets up an appropriate delegation so the customer will be able to manage the reverse-DNS for his IP addresses but no others.

      And no, I never did find a good system to do this. I used a flat file that could be used to generate a graphic representation of the assigned addresses and tagged all blocks to customer ids so I could automatically check them against the accounting system. It was better than excel but it wasn't good.

      --
      Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
  2. Uhhh... by Talez · · Score: 3, Insightful

    Shouldn't your DHCP server have a list of its leases?

  3. Re:Just like the average ask slashdot.. by sk8king · · Score: 5, Insightful

    What an annoying comment....perhaps a troll.

    Asking slashdot is informative for everyone. Sure, google may turn up a few thousand hits, but there may still be some gems hidden in there that slashdot can provide links to.

    Maybe people will find a new version/product that they didn't know they wanted/needed.

  4. Cheops-NG by ET_Fleshy · · Score: 2, Insightful

    I like Cheops-ng, though I'm not sure if that's exactly what you're looking for. Also, I wouldn't run it during peak business hours -- don't wanna clog those tubes ;)

  5. Using the right tool for the job by Sloppy · · Score: 2, Insightful

    Previously, an Excel Spreadsheet has been sufficient enough for my needs

    Awesome. By using a spreadsheet, you can "what if?" and see what would happen if you were to change a certain node's address, as the change instantly propogates through various calculations, ultimately altering that final cell either subtly, or drastically. You can even make a pie chart that shows the addresses!

    But best of all, since it's not just a spreadsheet -- it's an Excel(TM) spreadsheet! -- you have the advantage of Microsoft's advanced proprietary technology. Pity the fool who has to settle for Lotus 1-2-3 to .. um .. record a list.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  6. Re:Just like the average ask slashdot.. by Matt+Perry · · Score: 4, Insightful

    "Hey, Slashdot, I don't know how to do my job.. please help me. I could PROBABLY google around for 30-40 seconds and find a solution, and earning my paycheck by doing so.. but I figure I'll waste everyone's time."

    "Hey Slashdot, I'm good at my job but I don't know everything.. please help me. I've already googled around for at least an hour to see what solutions exist. Being a social and intelligent human being who doesn't live in a vacuum, I'd love to have a conversation with other administrators about what solutions they have found valuable. I'm hoping that I can learn something those who have already investigated these solutions. I want to learn from your experience and leave a public record on Slashdot for other people who might have the same need in the future."
    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
  7. Re:Just like the average ask slashdot.. by Anonymous Coward · · Score: 1, Insightful

    You're kidding, right?

    Anyone who's had an IT position at a level slightly above Geeksquad tech would know to use DHCP/DNS. Anyone who's administered a home network I would assume knows how DHCP works.

    Its questions like these that make me understand the perception on /. that the tech market is in the shitter. There's a boatload of morons who have no business working in IT, and the OP is a perfect example.

  8. Re:If only... by zeugma-amp · · Score: 2, Insightful

    That works fine if you only have small systems where every box has one IP. What about the webservers where you are running 20-30 websites on a single box, or application servers with a similar number of unique IPs?

    We've been dealing with spreadsheet hell at the company where I work for years now, and it is only getting worse. We've got huge multi-page spreadsheets with hundreds of nonroutable network subnets in them. Worst thing about this is that ultimately, the spreadsheets cannot really be trusted because there is no way to verify that each IP in the sheet is live, or even desired to still be reserved for a specific purpose, because over time, people leave, projects come and go, and networks change through mergers/acquisitions.

    You also have the little fiefdoms to worry about where group X has control over a big bunch of IP address space, but because it is managed through MS-AD, it doesn't communicate with anything to help you to manage it, or at least the controlling organizations won't let you manage it from a global perspective.

    Of the packages I've looked at in the open source world, IPPlan and Sauron seem to be just about good enough for the task, but neither one seems to be actively developed anymore.

    --
    This is an ex-parrot!
  9. Re:nmap & dhcp? by Stephen+Samuel · · Score: 2, Insightful
    The purpose of this tracking is to be able to specify the router configs, and having to talk to dozens of routers every time someone wants a block of IPs assigned is going to get onerous. That's why this person (and any sane person in a similar situation) would like a reasonably straightforward and central way of knowing what networks are (and can be) assigned where, and what the router configs should be.

    Of course, after that I'd probably write a script to call up each router, compare their routing tables to what I think they should be an email me with any discrepancies.

    --
    Free Software: Like love, it grows best when given away.
  10. Re:IPplan by Builder · · Score: 2, Insightful

    I love it when someone asks for personal experience and advice, and someone else just points to some tool they found on google. No explanation of how good it is, no personal experience, but hey, I found it on Google so it must be good enough, right ?