Managing Lots of IP Addresses?

haggisbrain asks: "I'm a Systems Administrator and I've recently started work with a new company where I'm now helping to support a much larger number of nodes than I've previously supported. We have just over 1000 nodes to support, but no efficient method to manage the IP addresses and subnets used. Previously, an Excel Spreadsheet has been sufficient enough for my needs, but now I need to find a new way. Can someone recommend a piece of software which can help me? Is there a simple way to list and view the IP addresses used on my network?"

Look@Lan

[bdr529]

Look@Lan [lookatlan.com] It's a great little tool once you have it configured. It even will produce those nifty excel files for you if you wish. But man... I HATE that sonar sound effect. It's worse than the "UH OH!" sound made infamous by ICQ.

Re:

[empaler]

Hmm, I don't have speakers on this particular compy...
I'll venture a whirl.

Need more information

[HomelessInLaJolla]

What specifically is it about the spreadsheet m0del which is insufficient? I don't manage large blocks of IP addresses and subnets so I'm not familiar with the information which you'll be compiling or how you'll need to manipulate and mine it.

When other people figure out a complex organizational scheme for a spreadsheet they often turn it into a database. If you have kept a spreadsheet for a similar task, on a smaller scale, then you should be able to identify very quickly which axes you need to expand in order to accomodate the larger task.

Re:Need more information

[Spazmania]

When I worked for an ISP one of the tasks I had to deal with was, "Assign a /28 to customer X." That's a deceptively simple request.

First, some of my routers had as little as 16 megs of ram. Route aggregation is essential. So its not just assign it to customer X, its "Assign a /28 to customer X in network area A." That of course means that I first have to assign a superblock, say a /22 to network area A and install the /22 route at the borders of network area A. So now its, "Assign a /28 to customer X in network area A. Assign and route a new superblock to area A if necessary."

Second, there is the question of conservation. Today its assign a /28 but tomorrow it could be assign a /24. If I want to actually have a /24 tomorrow then I need to assign a /28 ideally from an available block in area A that's exactly a /28 long. If none are availale, I'd prefer to break a /27 (still in area A) rather than a /26 or a /25. So now its, "Assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary."

But, see, I've been doing this for years now and customers come and go. Quite a few of the blocks assigned in my list may be dead; no longer associated with active customers. I don't want to go breaking larger blocks if there's an assigned but dead /28 I can grab. So now its, "Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary."

And lets not forget reverse-DNS. Ideally I want the customer to have some sort of control over it. So now its, "Clean dead assignments from the list. Then assign a /28 from the smallest available block in network area A to customer X. Assign and route a new superblock to area A if necessary. Delegate the reverse DNS for those IP addresses to the customer."

Needless to say, a spreadsheet is not very helpful for any of this. Finding that optimal /28 from network area A is like searching for a needle in a haystack. What I really need a system that:

A. Processes the cancelled customer list so it knows which assigned blocks are dead,
B. Find's the optimal /28 for me from area A for me, and
C. Sets up an appropriate delegation so the customer will be able to manage the reverse-DNS for his IP addresses but no others.

And no, I never did find a good system to do this. I used a flat file that could be used to generate a graphic representation of the assigned addresses and tagged all blocks to customer ids so I could automatically check them against the accounting system. It was better than excel but it wasn't good.

Grep, cut, sed, awk

[HomelessInLaJolla]

Sounds like a task for shell scripts to manipulate an ASCII file and grep | cut | sed or maybe awk if the plain ASCII file is formatted correctly. I don't want to be drawn into UUOC.

Sure you could do it in C if you're familiar with the IO and text manipulations in that language--I always wanted to learn C but never devoted enough free time to it. The largest motivator to write the system from scratch in C is if the list becomes long enough that grep and awk can't process it quickly enough to keep up with

Re:

[Sancho]

C isn't really suited for text manipulation. It's unlikely that you'd need the raw power C gives for such a small task (unless you're running on really old computers). You could get away with Perl--this is basically what it was designed for.

Re:

[Cato]

If there's no suitable application out there, I would do this with Perl, starting with a prototype that just reads in text files, processes them, and writes them back - then you can graduate to a more sophisticated version that uses a database if needed.

However, the relevant searching would take some time to do efficiently in a DB, and the stated number of subnets is quite small, so writing the algorithms in Perl would be easier - and as I expected there are some potentially useful CPAN modules:

- http://sea [cpan.org]

Re:

[Sancho]

Indeed. We use many of the Networking-based libraries in my office. They're quite useful.

Modify

[HomelessInLaJolla]

The largest motivator to write the system from scratch in C is if the list becomes long enough that grep and awk can't process it quickly enough to keep up with incoming requests or if requests come through so often that beating up the disk platters is a consideration.

Use a RAMdisk.

Re:

[Short Circuit]

It's called tmpfs these days.

Re:

[HomelessInLaJolla]

Googlefight agrees [googlefight.com]

Use a database

[TheLink]

For the IP part, postgresql has network operators and functions that can come in very useful.

http://www.postgresql.org/docs/current/static/func tions-net.html [postgresql.org]

So in theory you could have a script for "A" and "B" to automatically free up and find blocks.
And a script for "C" to actually allocate a manually decided block and set up the delegation etc.

Doesn't actually seem too hard if you start with a decent database schema, and are using sane DNS software ;).

Of course there are super expensive off the shelf sol

Re:

[IAN]

While I'm not managing more than a couple of /22s, that's still a lot of subnets, as we're mainly doling out /29 and /28 blocks. I've had all of parent's issues (minus router memory, so far), and I'm still doing fine with a spreadsheet.

What's the trick? Visualisation. [imageshack.us] Look at the image:

• Each row is a single allocation.
• Unallocated subnets have a light yellow background.
• The leftmost column (dark gray boxes) tracks /28s, and the second column (light gray) tracks /27s.

So, if a box occupies a single ro

Re:

[shabble]

And no, I never did find a good system to do this.

What you describe doesn't sound terribly unlike how some implementations of malloc() work...

Re:

[bar-agent]

What you describe doesn't sound terribly unlike how some implementations of malloc() work...

Yeah, I was thinking that. Garbage collection, dude! It's a solved problem that just needs a GUI.

DHCP, FTW!!!!

[ELiTeUI]

DHCP, FTW!!!!

Re:

[dfoulger]

I see maybe a dozen DHCP answers already, so I'll just pick on this one. If he's asking for that large a block, DHCP almost certainly isn't an answer. Fixed IP addresses on a per server basis is important in some environments, especially managed server environments in which security is tied to specific addresses.

Re:

[flyingfsck]

So tie the IP to the MAC address and use DHCP to dish out fixed addresses - fixed till you decide to change it that is. This way, all IP addresses are in the DHCP configuration file.

Re:

[Miniluv]

So what, exactly, is more scalable about a flat text file than a sortable multi-field spreadsheet?

He's not saying its hard to ASSIGN the addresses to the actual boxes, he's saying its hard to keep records straight of which server has which IPs, what their gateways are, etc. Especially if you're dealing with supernets or other more complicated real world setups.

DHCP with reservations is indeed a good way to hand out the IPs, though I've yet to see a convincing argument of why its more efficient than properly

Re:

[dhasenan]

With a spreadsheet, I need to load a hefty graphical application to manage it. That means I am subject to its size limitations. They probably aren't that bad, and won't matter much in this case.

The submitter had about a thousand IPs to hand out. That's either a reasonably significant server farm or client machines. In either case, I don't want to have to pull a config file from a central server every time I reimage or replace a machine; instead, I just register the MAC address with the DHCP server and put t

Re:

[drsmithy]

I see maybe a dozen DHCP answers already, so I'll just pick on this one. If he's asking for that large a block, DHCP almost certainly isn't an answer. Fixed IP addresses on a per server basis is important in some environments, especially managed server environments in which security is tied to specific addresses.

Using DHCP does not preclude tying certain IPs to certain machines. You simply create a MAC <-> IP mapping and your DHCP client will always get the same IP.

I make this point because a hell

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Fastolfe]

Just because your home network works fine with DHCP does not mean this approach will scale to an enterprise level. By requiring that DHCP services be available when mission-critical servers boot up, you add a point of failure. If the DHCP server goes down, or the network between the host and the DHCP server is down when the server boots up, the server never gets an IP address and you potentially suffer an outage.

The cost of managing static IP address allocations for 1,000 hosts, and keeping those hosts co

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Fastolfe]

I didn't skip your last paragraph, but I did only read the first sentence, sorry.

If I move DNS to a new server, or the IP gateway somewhere else, or want to change the entire IP topology of the network, DHCP makes the entire process a hell of a lot simpler. I don't have to remember which machines are using which services, and which ones are providing them.

This seems backward to me too. If you don't know which systems are running which services, how did you get the services going on those machines to beg

Re:

[jesboat]

dhcp supports redundant modes of operation; furthermore, you could have a few servers (or pairs of servers) for different segments of the network, and they could easily share the database and only differ in which subnet they're on.

Re:

[Fastolfe]

Except all of this costs a lot of money, and you're still never going to get to a 0.000% chance of failure. So you've cost the enterprise tens if not hundreds of thousands of dollars building this redundant, distributed DHCP infrastructure, and reduced the availability of your systems by some small (but non-zero) amount. What has that bought you? A slight reduction in the amount of hours worked by your administrators? Oops, we forgot about the administrators that we'd have to hire to maintain the dozens

Re:

[jesboat]

The maximum you'd need would be two servers per segment, where a "server" could be as simple as a WRT54G running OpenWRT. (Those work very well, in fact.)

Maintenance is pretty darn trivial. Write a quick Perl script to generate and push the config files from a central database, and there basically isn't maintenance. (There is some, but nowhere near one administrator's work for a moderate- to medium-sized place.)

Furthermore, there are presumably routers somewhere holding the network together. You could use t

Re:

[Fastolfe]

Clearly you have no concept of "enterprise scale", so I don't think any of my arguments are going to mean anything to you. Come back when you've actually spent time in an IT shop with a billion dollars worth of high-end servers spread across a hundred subnets generating thousands of dollars of revenue a minute.

Re:

[jesboat]

I'm going to try to bring this discussion back to what we were actually saying at the beginning, if you don't mind [1]. I'm not going trying to argue that DHCP is God and solves every administration problem in existence. The only thing I am going to argue for right now is what I've actually asserted in my comments in this discussion. (Like the ancestor to this post, I think it's beneficial. Beneficial != solves all problems; beneficial == net gain. That's just full disclosure on my position.)

You said:

With e

Re:

[B'Trey]

DHCP is, in fact, irrelevant for this scenario as I understand it. He isn't assigning IPs to machines, which is what DHCP does. He's assigning blocks of IPs to other people for use as they see fit. The host using the IP might be sitting on the other side of two or three routers over which he has no control. It might not be assigned to a host or even a server. It might be assigned to a router interface. It might be assigned to a switches management VLAN. It might be one of a pool of IPs used in NATtin

Uhhh...

[Talez]

Shouldn't your DHCP server have a list of its leases?

Re:

[Princeofcups]

> Shouldn't your DHCP server have a list of its leases?

The poster did not state that the nodes are end user PC's. Ever try using DHCP to assign addresses to your load balanced application servers? Oracle servers? er, DHCP servers? :-)

jfs

Re:

[tlhIngan]

The poster did not state that the nodes are end user PC's. Ever try using DHCP to assign addresses to your load balanced application servers? Oracle servers? er, DHCP servers? :-)

Don't most DHCP servers these days support assigning "static" IPs to hosts based on their MAC address? Hence if you do reconfigure the networ, all it takes is going to each server and releasing/renewing the DHCP lease on each of them, rather than trying to reconfigure the myriad of machines and IP addresses. (Plus, most OSes let yo

nmap & dhcp?

[khasim]

First off, just looking at your router configs should tell you what addresses are where.

Then, make sure you're using dhcp to assign the addresses.

Use nmap to check for weirdness.

Re:

[Stephen Samuel]

The purpose of this tracking is to be able to specify the router configs, and having to talk to dozens of routers every time someone wants a block of IPs assigned is going to get onerous. That's why this person (and any sane person in a similar situation) would like a reasonably straightforward and central way of knowing what networks are (and can be) assigned where, and what the router configs should be.

Of course, after that I'd probably write a script to call up each router, compare their routing table

Re:

[necrogram]

that sounds all well and good, except when your network starts to get large and/or complicated. Take my campus. ~30 /24's (not all contiguously address) and and the rest of my network is pread over 4 VRF's (multipule routing instances). We took the route of delevoping an inhouse app to track it all.

When we put in the app we had 16 /24's on the campus and about 20 or so remote site's, it was a two month process getting everything documented and verified. I wouldnt want to try that today, and my net isnt

It's a joke!!! save your mod points, really

[drachenstern]

Exactly, 4*250 = 1000 and 250254 thus you should only have to count each finger 250 times to remember where you left off /sarcasm

IPplan

[yawble]

Hello 30 seconds on google:

http://iptrack.sourceforge.net/ [sourceforge.net]

Re:

[Anonymous Coward]

I've used IPplan in several instances to manage many thousands of addresses. Works well, will generate swips, DNS and DHCP config files, as well as running on most any platform.

Re:

[Builder]

I love it when someone asks for personal experience and advice, and someone else just points to some tool they found on google. No explanation of how good it is, no personal experience, but hey, I found it on Google so it must be good enough, right ?

justf'ingoogleit

[alienmole]

Part of the point is that these days, if the person asking a question like this does absolutely no research via a search engine, then they're really wasting everyone's time, and all they deserve is a link to www.justfuckinggoogleit.com [justfuckinggoogleit.com]. If you want to ask the question more seriously, then you look around for what you can find, and post a question that indicates that you've done some minimal amount of research before throwing yourself on the mercy of a random group of strangers.

Re:

[djlowe]

No, the REAL question is: Why was the article posted in the first place? It's pretty much "remedial TCP/IP network administration", in this day and age, and isn't "News for Nerds", nor "Stuff that Matters".

Which is basically what you said, but with much less tact :)

Regards,

dj

Dynamic Host Configuration Protocol

[Colin Smith]

Imagine using spreadsheets these days.

On top of DHCP, add Dynamic DNS and you're almost all set. Just make sure to use a DHCP and DNS server from the same producer, they're generally not 100% compatible with one-another if you don't. They might be 99% but that 1% creates a whole world of trouble.

 

Re:

[TheRealMindChild]

Or, you can simply use DNSMasq [thekelleys.org.uk]

Re:

[mikael]

What's wrong with DHCP and dynamically updated DNS?

You don't want users connecting their own systems onto the network whenever they feel like it. All PC's in our university have static IP's. And an alarm goes off whenever anyone as much as removes a single computer from the network. Even the cables from the router to the wall sockets are manually connected and disconnected. There are however, Wi-Fi areas for anyone who wishes to connect their laptops to the network, and users are free to use USB memory keys

Re:

[Anonymous Coward]

A decent DHCP server can easily be configured not to hand out addresses to anything. It can be configured to only hand out an address (dynamic or static, take your pick) to only a specific MAC address (or addresses).

>And an alarm goes off whenever anyone as much as removes a single computer from the network.

That'd be quite a bit of overhead, what with pinging every single machine constantly to check it's state. No DHCP server I've seen would do that, but with the open source DHCP servers, it wouldn't b

Re:

[zeugma-amp]

That works fine if you only have small systems where every box has one IP. What about the webservers where you are running 20-30 websites on a single box, or application servers with a similar number of unique IPs?

We've been dealing with spreadsheet hell at the company where I work for years now, and it is only getting worse. We've got huge multi-page spreadsheets with hundreds of nonroutable network subnets in them. Worst thing about this is that ultimately, the spreadsheets cannot really be trusted bec

Re:

[alienmole]

Just a tangential point, if you have 20-30 websites on a single box, you don't need more than 1 IP address unless you're either trying to pretend they're different machines for anyone who investigates, or are hosting for multiple customers and have agreed to give them each their own IP.

Re:

[mikael]

I should have added more detail - in the case of our room, we have medium sized locked cabinet mounted about 12 foor above the floor. Inside are there are couple of Nortel Network Baystack switches. Whenever a machine is added or removed from the room, the technicians come in, unlock the cabinet and connect a cable from the switches to the distributor box. We don't have the alarm system in our room, but the public computer rooms do... people get confused between the fire alarm and the 'someone's unplugged a

Re:

[mysidia]

User may just turn the computer off before unplugging it. Assign its former Ip address and MAC address to their personal computer's network interface, and plug it back into the network. It doesn't matter whether you run DHCP service or not, you are just as vulnerable to attack. (Presumably if you DO run DHCP service on all your systems, you use static assignments, and if the MAC address is not registered, and assigned an address, the system does not get an IP.)

Your choice of network protocols CAN'T s

Re:

[Anonymous Coward]

And an alarm goes off whenever anyone as much as removes a single computer from the network.

So, if a computer crashes hard or is turned off, you get paged? That's got to be very annoying when the number of systems is greater than 100.

Even the cables from the router to the wall sockets are manually connected and disconnected.

I've never seen an automatic cat5 cable connecting/disconnecting machine. Where can I buy one?

Re:

[flyingfsck]

Assign fixed addresses based on the MACs. Don't have a free pool.

Re:

[allaryin]

Precisely. Suddenly your dhcp server config == your ip list, and you get an audit of all mac addresses on the system for free out of the deal ;) That same list allows you to firewall out clients who've not yet registered for a "dynamic" ip. It also allows you to actually use dhcp for dynamic assignment of ip's for classes of clients who don't actually need "static" addresses.

Just like the average ask slashdot..

[WhatAmIDoingHere]

"Hey, Slashdot, I don't know how to do my job.. please help me. I could PROBABLY google around for 30-40 seconds and find a solution, and earning my paycheck by doing so.. but I figure I'll waste everyone's time."

Re:Just like the average ask slashdot..

[sk8king]

What an annoying comment....perhaps a troll.

Asking slashdot is informative for everyone. Sure, google may turn up a few thousand hits, but there may still be some gems hidden in there that slashdot can provide links to.

Maybe people will find a new version/product that they didn't know they wanted/needed.

Re:

[Anonymous Coward]

You're kidding, right?

Anyone who's had an IT position at a level slightly above Geeksquad tech would know to use DHCP/DNS. Anyone who's administered a home network I would assume knows how DHCP works.

Its questions like these that make me understand the perception on /. that the tech market is in the shitter. There's a boatload of morons who have no business working in IT, and the OP is a perfect example.

Re:

[Targon]

When you are looking at 1000 machines, it goes a bit beyond just using DHCP and DNS because of the routing that SHOULD be involved in that large of an environment. If you use a straight DHCP, you STILL need to set up a system to identify WHERE a given IP address might be as well, just in case something illegal or just against company policy is going on.

Dynamic is nice if you plan to be hands-off, but it CAN be a royal pain if you need to be responsible for the environment.

Re:Just like the average ask slashdot..

[Matt Perry]

"Hey, Slashdot, I don't know how to do my job.. please help me. I could PROBABLY google around for 30-40 seconds and find a solution, and earning my paycheck by doing so.. but I figure I'll waste everyone's time."

"Hey Slashdot, I'm good at my job but I don't know everything.. please help me. I've already googled around for at least an hour to see what solutions exist. Being a social and intelligent human being who doesn't live in a vacuum, I'd love to have a conversation with other administrators about what solutions they have found valuable. I'm hoping that I can learn something those who have already investigated these solutions. I want to learn from your experience and leave a public record on Slashdot for other people who might have the same need in the future."

Re:

[cepler]

You're new here aren't you?

Managing IPs / DNS

[bernywork]

This question has come up once [slashdot.org] or twice [slashdot.org] before.

The usual suspects for answers to this question are as follows:

NorthStar [brownkid.net], which is quite feature rich. "NorthStar is a system to help track and allocate blocks in an IP Network"

IPplan [sourceforge.net] which is another open source product.

And PHPip [freshmeat.net]

If you want to go commercial VitalQIP Enterprise [alcatel-lucent.com] could suit your needs quite well.

Berny

Re:

[Guido von Guido]

DNS doesn't keep track of subnets and assignments for you, and other miscellaneous information you might need. Yeah, you can kind of backload into it into DNS, but it ain't pretty. "Just ssh to wwww1-bigcustomer-25..." Also, individual departments or customers might have their own needs or desires for DNS. After a while, enough exceptions build up to make DNS much less valuable as a tracking/management system.

We rolled our own IP address management system. Postgres apparently has some IP-specific data typ

Re:

[anticypher]

These are some of the best tools out there, but none of them really are suited to managing large IP space allocations efficiently, or have the ability to produce clear reports for network managers configuring routers. None of them support IPv6 addresses (the QIP sales weasels kept making hollow promises, but now admit since the lucent/alcatel mutual ass-reaming, that the sun will go nova before it happens).

Northstar works for what it does, but it's abandonware. I guess the author graduated and no longer wor

Network management

[Colin Smith]

Is there a simple way to list and view the IP addresses used on my network?"

man fping. Though with 1000 nodes I'd be heading up to a network management system, something with autodiscovery. jffnms, opennms, zenoss or similar.

 

Re:

[flyingfsck]

Neat. I wasn't aware of fping and I like quick and dirty solutions.

One Word...

[consumer_whore]

NAT! Oh wait, never mind :(

Ubersmith Datacetner Edition

[casualsax3]

My company has been using Ubersmith Datacenter Edition (Uber DE, for those in the know) for a few months now - the IP management stuff they've integrated into the device manager is pretty slick to say the least. We've done the spreadsheet before, as well as North*, but neither of those options mesh well with any external systems. If you've got hardware/network stuff to manage as well (which I assume you do) give the Ubersmith guys a call. I don't think there's an online demo of DE yet (lame) but when we were interested in the system we called up and one of the developers gave us a walkthrough of a live build, explaining what was going on. http://www.ubersmith.com/ [ubersmith.com]

ummmm.... DNS...

[Fallen Kell]

It is pretty much what it was designed to do (i.e. manage all your IP addresses to Names). As a result, a good DNS application will manage ALL your subnets, virtual lans, static addresses, and DHCP addresses.

Personally I like Lucent's VitalQIP.

nmap and traceroute

[muftak]

You only need 2 tools for managing your address space.

Nmap - To see which addresses are in use and what the servers are doing.
Traceroute - To see where in your network the IP address is.

Also make sure your reverse DNS is updated when you assign an address to something important.

Cheops-NG

[ET_Fleshy]

I like Cheops-ng [sourceforge.net], though I'm not sure if that's exactly what you're looking for. Also, I wouldn't run it during peak business hours -- don't wanna clog those tubes ;)

Previous Ask Slashdot discussion

[josath]

Maybe you can find some useful info here, this topic came up about a year ago:
http://ask.slashdot.org/article.pl?sid=06/04/26/22 51224 [slashdot.org]

What's your environment like?

[jonabbey]

We designed some software that we use to manage our IP network, called Ganymede [utexas.edu]. It's designed to track data in a transactional object store, then turn around and re-build BIND files, NIS maps, and whatever other directory services data you care to manage with it. It's a bit unconventional, but if you need to be able to have full scripting control over your environment, it's really very powerful.

Drop me an email if you're interested in talking about it.

Using the right tool for the job

[Sloppy]

Previously, an Excel Spreadsheet has been sufficient enough for my needs

Awesome. By using a spreadsheet, you can "what if?" and see what would happen if you were to change a certain node's address, as the change instantly propogates through various calculations, ultimately altering that final cell either subtly, or drastically. You can even make a pie chart that shows the addresses!

But best of all, since it's not just a spreadsheet -- it's an Excel(TM) spreadsheet! -- you have the advantage of Microsoft's advanced proprietary technology. Pity the fool who has to settle for Lotus 1-2-3 to .. um .. record a list.

Stick with a spreadsheet. It's only 1000 nodes.

[amper]

Seriously. You have "just over 1000 nodes" to manage. Odds are, the vast majority of those are dynamically assigned (or they should be, so if they aren't, that's your first job). Of the ones that are left, I would venture to guess that the number is much smaller than 1000, and could probably be even smaller than you think given the availability of modern protocols like Zeroconf. After that, you need to consider how often those statically assigned devices are going to change, which is probably not very often

Re:

[amper]

I of course forgot to mention the most important point.

The first thing you want to nail down is a consistent convention for naming and numbering. Everything will fall right into place after that.

Depends on your needs...

[rivendahl]

I work for a large IT company managing well over 50,000 IP addresses. We looked at several off the shelf products, including VitalIP, but as we have a dynamic mix of DNS, DHCP, and hosts files, we could not reliably manage that many IPs in Access, Excel, or any off the shelf product (that we reviewed at the time; 2003). We already had an in-house developed app doing the job, so we just decided to modify it. Honestly, a few hours of Oracle development to create the tables, a week of VB.NET programming, an

Carnegie Mellon's NetReg

[vitroth]

Carnegie Mellon's NetReg [cmu.edu] is an open source system that provides a pretty complete IP Address Management toolset, including management of DNS & DHCP configurations for ISC bind/dhcpd.

Rather then just repeating what I said the last time the subject of IP Address Management came up on slashdot, I'll just link to it [slashdot.org].

Browse the NANOG archives

[Magic5Ball]

The subject is slightly below the charter, but many great links get posted.
http://www.nanog.org/mailinglist.html [nanog.org]

We use IPPlan

[amorsen]

IPPlan [sourceforge.net] is what we use. It is by far not perfect, and we have basically switched to doing most modifications directly into the (Postgres) database. IPPlan was developed for MySQL, so it doesn't use the IP address features of Postgres. We have added a few stored procedures which keep an extra column in ip4r format, for easier manipulation by other tools.

Why IPPlan? Because the other free alternatives are even worse.

Access Database

[sjipca]

I think a good solution to be is make one database with many queries and if you keep updating the main table the queries will change with it. You can use Between This Number and That Number so that only those IP Address would show up if this was me i'd set it up either by network node or Workstation Name.

Home Grown Sometimes Best

[pyite]

At Rutgers University [rutgers.edu], we have a home grown tool called NetDB that we use to manage IP allocations, assignment of networks to individual departments, corresponding DNS, and custom Access Control Lists. It works rather well. Network Operations allocates a network for a department and assigns it to the appropriate Network Contact Group (NCG). From that point, the people who have certain privileges on that NCG have the ability to add/remove DNS for it and create custom access lists. The tool knows what OSPF ar

Big Blue Tool

[mutterc]

I used to work at a certain large business machine company with their own class A. There was an internal website one could go to, "iptools". You entered info on who you were, your dept, type of machine, physical location, etc. and it would assign you an IP. It had tools for when you moved a machine from one subnet to another (like when moving buildings) as well.

There were monitoring machines that could tell when IPs were being used. If you didn't use a machine for a while (months?) you'd get an email from

IP Address Management

[ingerc]

To view and manage the IP addresses/subnets and IP space, I would recommend looking into an IP Address Management solution that would eliminate spreadsheet data entry. Address Commander by Incognito is one solution. It tracks organization-wide IP address space; links all IP addresses with business units and, regional offices, subscribers or other entities; centralizes address allocation policies; and automates the reporting and receipt of IP address space from RIR (ARIN/RIPE). Would that serve your purpose?

1000 nodes?

[nurb432]

Geesh.. that is nothing. try more like 100000 nodes like some of us..

You could manage 1000 on the back of a napkin almost.

Alternative to excel spread sheets

[bigredradio]

You could always try OpenOffice Calc.