Writing

Software, technology, sysadmin war stories, and more.
Thursday, September 22, 2011

IP assignments done with no planning for the future

One time, I inherited a really bad IP allocation scheme. It really needs to be documented so that nobody else has to suffer through this in the future.

The organization in question had a /19 -- that's 32 contiguous /24s. Their space was xx.xx.32.0 to xx.xx.63.255. You'd think that a network engineer would know how to allocate these things in such a way that would allow for expansion. You'd be wrong.

From what I can tell, the original person took the space and said "well, we have five things to put out here, and 32 divided by 5 is 6.4, so let's put them 7 apart". That gave an allocation scheme like this:

Looking good, right? Well, okay, sure, if those schools never grow, fine. But things are never that simple. Two of those were high schools and the other three were middle schools. Worse still, there were more locations to be added over the next couple of years as new schools and other administrative sites went up.

Here's why. It's all in the bits.

School #1 was fine, since it was on a natural boundary. It could be 32.0/24 for 254 usable hosts, 32.0/23 for 510 usable hosts, or even 32.0/22 for 1022 usable hosts. That's no big deal. It got messy when you started looking at the others.

School #2, by virtue of having the operative bits end in "11", would be at the end of a /22 or a /23. You would have to grow the network "up" to be 38.0/23 or 36.0/22. What a mess. This meant changing routing details and other device configurations, since the network number would now be xx.xx.38.0 or xx.xx.36.0 instead of xx.xx.39.0.

This same pattern would play out at school #3 or #4, too, by virtue of their suboptimal placement. School #5 lucked out by landing on another natural boundary for a /23 or a /22.

By the time I got a hold of it, several more allocations had happened. Site #6 was added at xx.xx.59.0/24. Then another, #7, was added at xx.xx.58.0/24. The first one probably wouldn't have needed to grow, but #7 was a school and those tend to get a lot of computers.

Somehow, we managed to avoid a full-on network-wide renumbering. There were just enough holes left to fit a few new big schools like one that was a combination elementary and middle school: K-8 in one building. I figured out where we could fit /22s and /23s and started reserving room for future sites by their approximate sizes. The insanity was over.

Only one network had to move outright, and that was arranged over a summer break when every machine was reinstalled anyway.

Bullet dodged.
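The alignment problem described above, worked through with Python's `ipaddress` module as an added example (not code from the original post). It assumes `10.0` as a placeholder for the elided `xx.xx` prefix and infers the third octets 46, 53 and 60 for schools #3 to #5 from the "7 apart" spacing. It goes a little beyond the text by also listing which neighbouring sites a grown network would swallow and which aligned blocks remain free, given only the sites named in the post.

```python
import ipaddress

# Placeholder for the elided "xx.xx" prefix; the real addresses are not on the page.
BLOCK = ipaddress.ip_network("10.0.32.0/19")

# Third octet of each site's /24. 32, 39, 59 and 58 are stated in the post;
# 46, 53 and 60 are inferred from "7 apart" and are an assumption.
SITES = {"#1": 32, "#2": 39, "#3": 46, "#4": 53, "#5": 60, "#6": 59, "#7": 58}


def site_net(third_octet, block=BLOCK):
    """Return the /24 inside `block` with the given third octet."""
    base = int(block.network_address) & 0xFFFF0000
    return ipaddress.ip_network((base | (third_octet << 8), 24))


def grow(site, new_prefix):
    """Grow a /24 to `new_prefix`.

    A CIDR block must start on a multiple of its own size, so the grown
    network is the aligned supernet that contains the /24. Returns
    (grown_network, renumbered), where renumbered means the network
    number changes and routes and device configs must change with it.
    """
    grown = site.supernet(new_prefix=new_prefix)
    return grown, grown.network_address != site.network_address


def collisions(name, new_prefix, sites=SITES):
    """Names of other sites whose /24 falls inside `name`'s grown network."""
    grown, _ = grow(site_net(sites[name]), new_prefix)
    return sorted(n for n, o in sites.items()
                  if n != name and site_net(o).overlaps(grown))


def free_blocks(new_prefix, sites=SITES, block=BLOCK):
    """Aligned blocks of size `new_prefix` that no existing /24 touches."""
    used = [site_net(o) for o in sites.values()]
    return [c for c in block.subnets(new_prefix=new_prefix)
            if not any(c.overlaps(u) for u in used)]


if __name__ == "__main__":
    for name, octet in SITES.items():
        for prefix in (23, 22):
            grown, renumbered = grow(site_net(octet), prefix)
            print(name, site_net(octet), "->", grown,
                  "renumber" if renumbered else "in place",
                  collisions(name, prefix) or "")
    print("free /22s:", [str(n) for n in free_blocks(22)])
```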