Slashdot Mirror


Managing Lots of IP Addresses?

haggisbrain asks: "I'm a Systems Administrator and I've recently started work with a new company where I'm now helping to support a much larger number of nodes than I've previously supported. We have just over 1000 nodes to support, but no efficient method to manage the IP addresses and subnets used. Previously, an Excel Spreadsheet has been sufficient enough for my needs, but now I need to find a new way. Can someone recommend a piece of software which can help me? Is there a simple way to list and view the IP addresses used on my network?"


  1. Look@Lan by bdr529 · · Score: 5, Informative

    Look@Lan It's a great little tool once you have it configured. It even will produce those nifty excel files for you if you wish. But man... I HATE that sonar sound effect. It's worse than the "UH OH!" sound made infamous by ICQ.

  2. Need more information by HomelessInLaJolla · · Score: 2, Insightful

    What specifically is it about the spreadsheet model which is insufficient? I don't manage large blocks of IP addresses and subnets so I'm not familiar with the information which you'll be compiling or how you'll need to manipulate and mine it.

    When other people figure out a complex organizational scheme for a spreadsheet they often turn it into a database. If you have kept a spreadsheet for a similar task, on a smaller scale, then you should be able to identify very quickly which axes you need to expand in order to accommodate the larger task.

    --
    the NPG electrode was replaced with carbon blac
    1. Re:Need more information by Spazmania · · Score: 4, Insightful

      When I worked for an ISP one of the tasks I had to deal with was, "Assign a /28 to customer X." That's a deceptively simple request.

      First, some of my routers had as little as 16 megs of ram. Route aggregation is essential. So it's not just assign it to customer X, it's "Assign a /28 to customer X in network area A." That of course means that I first have to assign a superblock, say a /22 to network area A and install the /22 route at the borders of network area A. So now it's, "Assign a /28 to customer X in network area A. Assign and route a new superblock to area A if necessary."

      Second, there is the question of conservation. Today it's assign a /28 but tomorrow it could be assign a /24. If I want to actually have a /24 tomorrow then I need to assign a /28 ideally from an available block in area A that's exactly a /28 long. If none are available, I'd prefer to break a /27 (still in area A) rather than a /26 or a /25. So now it's, "Assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary."

      But, see, I've been doing this for years now and customers come and go. Quite a few of the blocks assigned in my list may be dead; no longer associated with active customers. I don't want to go breaking larger blocks if there's an assigned but dead /28 I can grab. So now it's, "Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary."

      And let's not forget reverse-DNS. Ideally I want the customer to have some sort of control over it. So now it's, "Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary. Delegate the reverse DNS for those IP addresses to the customer."

      Needless to say, a spreadsheet is not very helpful for any of this. Finding that optimal /28 from network area A is like searching for a needle in a haystack. What I really need is a system that:

      A. Processes the cancelled customer list so it knows which assigned blocks are dead,
      B. Finds the optimal /28 for me from area A, and
      C. Sets up an appropriate delegation so the customer will be able to manage the reverse-DNS for his IP addresses but no others.

      And no, I never did find a good system to do this. I used a flat file that could be used to generate a graphic representation of the assigned addresses and tagged all blocks to customer ids so I could automatically check them against the accounting system. It was better than excel but it wasn't good.

      --
      Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
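
The request spelled out in the comment above ("Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A"), as an added Python sketch that is not part of the original thread. The function names, area labels, customer ids and RFC 1918 prefixes are all assumptions made for illustration; reverse-DNS delegation is left out.

```python
import ipaddress

def free_blocks(superblock, assigned):
    """Maximal free CIDR blocks left in superblock once `assigned` is removed."""
    free = [superblock]
    for net in assigned:
        remaining = []
        for blk in free:
            if net.subnet_of(blk):
                remaining.extend(blk.address_exclude(net))  # split around it
            else:
                remaining.append(blk)
        free = remaining
    return sorted(free)

def allocate(areas, assignments, active, area, customer, prefixlen):
    """Return (new_block, updated_assignments) for one request."""
    # 1. Clean dead assignments: keep only blocks owned by active customers.
    live = {n: c for n, c in assignments.items() if c in active}
    # 2. Collect free blocks in this area that are big enough.
    fits = []
    for sb in areas.get(area, []):
        used = [n for n in live if n.subnet_of(sb)]
        fits += [b for b in free_blocks(sb, used) if b.prefixlen <= prefixlen]
    if not fits:
        # 3. Nothing left: the area needs a new superblock assigned and routed.
        raise LookupError(f"area {area}: no free /{prefixlen}, add a superblock")
    # Best fit: longest prefix (smallest block) wins, lowest address on ties.
    best = max(fits, key=lambda b: (b.prefixlen, -int(b.network_address)))
    new = next(best.subnets(new_prefix=prefixlen))
    live[new] = customer
    return new, live

# Constructed sample data (RFC 1918 space, made-up customer ids).
N = ipaddress.ip_network
AREAS = {"A": [N("10.20.0.0/22")], "B": [N("10.30.0.0/28")]}
ASSIGNED = {
    N("10.20.0.0/24"): "c1",
    N("10.20.1.0/28"): "c2",   # c2 has cancelled, so this /28 is dead
    N("10.20.1.16/28"): "c3",
    N("10.20.1.32/27"): "c4",
    N("10.30.0.0/28"): "c1",   # area B is completely used
}
ACTIVE = {"c1", "c3", "c4"}

if __name__ == "__main__":
    block, table = allocate(AREAS, ASSIGNED, ACTIVE, "A", "c5", 28)
    print("c5 gets", block)    # reuses the dead /28 instead of breaking a block
    block, table = allocate(AREAS, table, ACTIVE | {"c5"}, "A", "c6", 28)
    print("c6 gets", block)    # breaks the smallest free block, a /26
```

The sketch assumes assignments never overlap one another; a real table would need that checked before trusting the free list.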
    2. Re:Need more information by IAN · · Score: 2, Interesting

      While I'm not managing more than a couple of /22s, that's still a lot of subnets, as we're mainly doling out /29 and /28 blocks. I've had all of parent's issues (minus router memory, so far), and I'm still doing fine with a spreadsheet.

      What's the trick? Visualisation. Look at the image:

      • Each row is a single allocation.
      • Unallocated subnets have a light yellow background.
      • The leftmost column (dark gray boxes) tracks /28s, and the second column (light gray) tracks /27s.

      So, if a box occupies a single row, the corresponding allocation is of that size (cf. 160/27, 192/27 and 224/28.) If it spans multiple rows, the allocation is subdivided. With a little practice, it's quite obvious if there's a free subnet, what size it is, how easy would it be to expand etc.

  3. DHCP, FTW!!!! by ELiTeUI · · Score: 2, Funny

    DHCP, FTW!!!!

    1. Re:DHCP, FTW!!!! by B'Trey · · Score: 2, Informative

      DHCP is, in fact, irrelevant for this scenario as I understand it. He isn't assigning IPs to machines, which is what DHCP does. He's assigning blocks of IPs to other people for use as they see fit. The host using the IP might be sitting on the other side of two or three routers over which he has no control. It might not be assigned to a host or even a server. It might be assigned to a router interface. It might be assigned to a switch's management VLAN. It might be one of a pool of IPs used in NATting a large number of hosts. Etc, etc, etc. The precise assignment of the IP is almost certainly not his responsibility and trying to track all of that additional info makes the job much harder, not easier. (Not to mention stepping on the toes of whomever he's assigning the IPs to. I know I'd be quite irritated if I had to go through my ISP to change where I'm using one of the IPs in my /30 block.) Anyone who suggests DHCP as an answer to this issue is either seriously misunderstanding the issue or has only cursory knowledge of the subject.

      --

      "The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.

  4. Uhhh... by Talez · · Score: 3, Insightful

    Shouldn't your DHCP server have a list of its leases?

  5. nmap & dhcp? by khasim · · Score: 2, Informative

    First off, just looking at your router configs should tell you what addresses are where.

    Then, make sure you're using dhcp to assign the addresses.

    Use nmap to check for weirdness.

    1. Re:nmap & dhcp? by Stephen+Samuel · · Score: 2, Insightful

      The purpose of this tracking is to be able to specify the router configs, and having to talk to dozens of routers every time someone wants a block of IPs assigned is going to get onerous. That's why this person (and any sane person in a similar situation) would like a reasonably straightforward and central way of knowing what networks are (and can be) assigned where, and what the router configs should be.

      Of course, after that I'd probably write a script to call up each router, compare their routing tables to what I think they should be and email me with any discrepancies.

      --
      Free Software: Like love, it grows best when given away.
  6. IPplan by yawble · · Score: 4, Informative

    Hello 30 seconds on google:

    http://iptrack.sourceforge.net/

    1. Re:IPplan by Anonymous Coward · · Score: 2, Informative

      I've used IPplan in several instances to manage many thousands of addresses. Works well, will generate swips, DNS and DHCP config files, as well as running on most any platform.

    2. Re:IPplan by Builder · · Score: 2, Insightful

      I love it when someone asks for personal experience and advice, and someone else just points to some tool they found on google. No explanation of how good it is, no personal experience, but hey, I found it on Google so it must be good enough, right ?

  7. Dynamic Host Configuration Protocol by Colin+Smith · · Score: 3, Interesting

    Imagine using spreadsheets these days.

    On top of DHCP, add Dynamic DNS and you're almost all set. Just make sure to use a DHCP and DNS server from the same producer, they're generally not 100% compatible with one-another if you don't. They might be 99% but that 1% creates a whole world of trouble.

    --
    Deleted
  8. Re:If only... by mikael · · Score: 2, Informative

    What's wrong with DHCP and dynamically updated DNS?

    You don't want users connecting their own systems onto the network whenever they feel like it. All PC's in our university have static IP's. And an alarm goes off whenever anyone as much as removes a single computer from the network. Even the cables from the router to the wall sockets are manually connected and disconnected. There are however, Wi-Fi areas for anyone who wishes to connect their laptops to the network, and users are free to use USB memory keys, CD/DVD burners and external drives.
    Tech-support still have painful memories of when someone tried and failed to smuggle a PC out through the small bathroom windows in the block.

    --
    Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
  9. Managing IPs / DNS by bernywork · · Score: 3, Informative

    This question has come up once or twice before.

    The usual suspects for answers to this question are as follows:

    NorthStar, which is quite feature rich. "NorthStar is a system to help track and allocate blocks in an IP Network"

    IPplan which is another open source product.

    And PHPip

    If you want to go commercial VitalQIP Enterprise could suit your needs quite well.

    Berny

    --
    Curiosity was framed; ignorance killed the cat. -- Author unknown
  10. Re:Just like the average ask slashdot.. by sk8king · · Score: 5, Insightful

    What an annoying comment....perhaps a troll.

    Asking slashdot is informative for everyone. Sure, google may turn up a few thousand hits, but there may still be some gems hidden in there that slashdot can provide links to.

    Maybe people will find a new version/product that they didn't know they wanted/needed.

  11. Network management by Colin+Smith · · Score: 2, Informative

    "Is there a simple way to list and view the IP addresses used on my network?"

    man fping. Though with 1000 nodes I'd be heading up to a network management system, something with autodiscovery. jffnms, opennms, zenoss or similar.

    --
    Deleted
  12. Ubersmith Datacenter Edition by casualsax3 · · Score: 2, Informative

    My company has been using Ubersmith Datacenter Edition (Uber DE, for those in the know) for a few months now - the IP management stuff they've integrated into the device manager is pretty slick to say the least. We've done the spreadsheet before, as well as North*, but neither of those options mesh well with any external systems. If you've got hardware/network stuff to manage as well (which I assume you do) give the Ubersmith guys a call. I don't think there's an online demo of DE yet (lame) but when we were interested in the system we called up and one of the developers gave us a walkthrough of a live build, explaining what was going on. http://www.ubersmith.com/

  13. Re:If only... by Anonymous Coward · · Score: 2, Funny

    A decent DHCP server can easily be configured not to hand out addresses to anything. It can be configured to only hand out an address (dynamic or static, take your pick) to only a specific MAC address (or addresses).

    >And an alarm goes off whenever anyone as much as removes a single computer from the network.

    That'd be quite a bit of overhead, what with pinging every single machine constantly to check its state. No DHCP server I've seen would do that, but with the open source DHCP servers, it wouldn't be too tough to implement.

    >Even the cables from the router to the wall sockets are manually connected and disconnected.

    That's not at the layer DHCP operates at, so yeah, that's a problem only the switch it's connected to can handle.

    >There are however, Wi-Fi areas for anyone who wishes to connect their laptops to the network, and users are free to use USB memory keys, CD/DVD burners and external drives.

    Something else, obviously, DHCP is designed for.

    Really, it's a great tool. I'd still recommend setting up DHCP to hand out addresses to machines that aren't listed in the MAC address database, but they should be handed out an address on a network that isn't reachable by anything but the DHCP server. Lets you know that the machine is connecting OK, and, if you have the machine configured to allow you to push software on to it (to lock it down / whatever) you'll still be able to do that.

  14. Cheops-NG by ET_Fleshy · · Score: 2, Insightful

    I like Cheops-ng, though I'm not sure if that's exactly what you're looking for. Also, I wouldn't run it during peak business hours -- don't wanna clog those tubes ;)

  15. Previous Ask Slashdot discussion by josath · · Score: 3, Informative

    Maybe you can find some useful info here, this topic came up about a year ago:
    http://ask.slashdot.org/article.pl?sid=06/04/26/2251224

    --
    sig? uhh, umm, ok
  16. Using the right tool for the job by Sloppy · · Score: 2, Insightful

    Previously, an Excel Spreadsheet has been sufficient enough for my needs

    Awesome. By using a spreadsheet, you can "what if?" and see what would happen if you were to change a certain node's address, as the change instantly propagates through various calculations, ultimately altering that final cell either subtly, or drastically. You can even make a pie chart that shows the addresses!

    But best of all, since it's not just a spreadsheet -- it's an Excel(TM) spreadsheet! -- you have the advantage of Microsoft's advanced proprietary technology. Pity the fool who has to settle for Lotus 1-2-3 to .. um .. record a list.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  17. Re:Just like the average ask slashdot.. by Matt+Perry · · Score: 4, Insightful

    "Hey, Slashdot, I don't know how to do my job.. please help me. I could PROBABLY google around for 30-40 seconds and find a solution, and earning my paycheck by doing so.. but I figure I'll waste everyone's time."

    "Hey Slashdot, I'm good at my job but I don't know everything.. please help me. I've already googled around for at least an hour to see what solutions exist. Being a social and intelligent human being who doesn't live in a vacuum, I'd love to have a conversation with other administrators about what solutions they have found valuable. I'm hoping that I can learn something from those who have already investigated these solutions. I want to learn from your experience and leave a public record on Slashdot for other people who might have the same need in the future."
    --
    Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
  18. Re:If only... by zeugma-amp · · Score: 2, Insightful

    That works fine if you only have small systems where every box has one IP. What about the webservers where you are running 20-30 websites on a single box, or application servers with a similar number of unique IPs?

    We've been dealing with spreadsheet hell at the company where I work for years now, and it is only getting worse. We've got huge multi-page spreadsheets with hundreds of nonroutable network subnets in them. Worst thing about this is that ultimately, the spreadsheets cannot really be trusted because there is no way to verify that each IP in the sheet is live, or even desired to still be reserved for a specific purpose, because over time, people leave, projects come and go, and networks change through mergers/acquisitions.

    You also have the little fiefdoms to worry about where group X has control over a big bunch of IP address space, but because it is managed through MS-AD, it doesn't communicate with anything to help you to manage it, or at least the controlling organizations won't let you manage it from a global perspective.

    Of the packages I've looked at in the open source world, IPPlan and Sauron seem to be just about good enough for the task, but neither one seems to be actively developed anymore.

    --
    This is an ex-parrot!