IP Address Management Best Practices

The following are best practices for overall IP address management.

Best Practice

Centralize management of IP inventory and DHCP and DNS services

Centralizing the management of IP inventory with DHCP and DNS configuration simplifies and automates the closely related functions of IP inventory, DHCP and DNS. A centralized "umbrella" function promotes consistency among these key elements and streamlines IPAM processes.

Enable delegation of IPAM responsibility as desired while controlling access to relevant information.

Access control is an important consideration when multiple users have access to the IPAM system. While a core set of users will likely require full access to all system functions and features, it is likely that other administrators would receive a limited set of functionality and scope control based on their respective responsibilities.

Deploy highly available IP services

It goes without saying that DHCP and DNS services are critical to any IP network. Deploy these IP services in site-diverse configurations to provide continuity during disaster recovery. Consider appliances for intrasite hardware level redundancy for critical servers. If using a centralized IPAM system as recommended, ensure it is not in the critical path to proper DHCP and DNS processing. Consider a high availability deployment of the IPAM system, especially if it is in the critical path.

Monitor IP services to proactively manage services availability

Keep track of the status of DHCP and DNS services operating throughout the network via periodic polling or event notification. Enable drill-down into event logs and remotely control services to facilitate trouble diagnosis and resolution.

Streamline IP services upgrades and patches

With appliance-based deployments, one vendor is responsible for not only the DHCP and DNS services version, but also for the appliance operating system and kernel. Staging patches and upgrades on a centralized system with the ability to deploy to remote servers vastly simplifies the coordination, timing, and resource requirements for this otherwise costly and cumbersome process.

Adapt IP management functions to your business processes.

Every organization's IP network management is unique, despite their common need to effectively manage address space and DHCP and DNS server configurations. To the extent possible, adapt the systems you use to define your addressing topology, device types and naming policies, as well as attributes on topology nodes, blocks, subnets, devices and domains. This enables you to manage your IP address space according to your business processes.

Integrate IPAM processes into broader enterprise workflows

In addition to adapting the IPAM system constructs and attributes to your business processes; consider further automating IPAM-related functions into broader IT workflows, such as deploying a new site, externalizing IP address requests, tracking asset information on devices and creating trouble tickets.

Enable reporting for addressing status and audit information

Communications across organizational levels can be simplified with intuitive, highly graphical reporting. Filtering information to particular "hot spots" within the network can highlight and convey information that potentially requires escalation. Audit reports are also required to track user accountability and comply with regulatory requirements.