A hands–on resource for rigorous, state–of–the–art management of today′s IP networks
Effective IP address management (IPAM) is a key ingredient in an enterprise or service provider IP network management strategy. The practice entails the application of network management disciplines to Internet Protocol (IP) address space and associated network services, namely Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS).
As a natural follow–up to the author′s previous book, Introduction to IP Address Management, this resource uniquely unifies all three foundational IP address management technologies, fully addressing their interrelationships and their cohesive management. It also describes the relevant protocols, configuration examples for the market–leading reference implementations from the Internet Systems Consortium (ISC), and techniques that can be employed to structure, monitor, secure, and manage them.
The first part of the book provides a detailed overview of IPv4, IPv6, and IP allocation and subnetting techniques. In the second, DHCP for IPv4 and IPv6 is reviewed, with explanations of applications that rely on DHCP (such as VoIP device provisioning, broadband access provisioning, and PXE client initialization), DHCP server deployment strategies, and DHCP and relevant network access security. The third part reviews the DNS protocol, DNS applications (such as name resolution, services location, ENUM, anti–spam techniques via black/white listing, and Sender ID), deployment strategies and associated configurations, and security.
Finally, the text brings together the preceding parts, discussing techniques for cohesively managing IP address space, including impacts to DHCP and DNS. Everyday IP address management functions are described including IP address allocation and assignment, renumbering, inventory assurance, fault management, performance monitoring, and disaster recovery as are coexistence strategies.
IP Address Management Principles and Practice utilizes realistic scenarios throughout to further enhance the learning process. It will educate readers responsible for managing IP address space and DHCP and DNS server configurations, such as IP network planners, engineers, and managers, including those who need to deploy IPv6 networks. It is also ideal for those responsible for managing an IP network with over 5,000 IP nodes, several DNS or DHCP servers, mixed DHCP and DNS vendor deployments, or IPv4 and IPv6.
PART I IP ADDRESSING.
1 THE INTERNET PROTOCOL.
1.1 Highlights of Internet Protocol History.
1.2 IP Addressing.
1.3 Classless Addressing.
1.4 Special Use Addresses.
2 INTERNET PROTOCOL VERSION 6 (IPv6).
2.2 IPv6 Address Allocations.
2.3 IPv6 Address Autoconfiguration.
2.4 Neighbor Discovery.
2.5 Reserved Subnet Anycast Addresses.
2.6 Required Host IPv6 Addresses.
3 IP ADDRESS ALLOCATION.
3.1 Address Allocation Logic.
3.2 IPv6 Address Allocation.
3.3 IPAM Worldwide′s IPv6 Allocations.
3.4 Internet Registries.
3.5 Multihoming and IP Address Space.
3.6 Block Allocation and IP Address Management.
PART II DHCP.
4 DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP).
4.2 DHCP Overview.
4.3 DHCP Servers and Address Assignmen.
4.4 DHCP Options.
4.5 Other Means of Dynamic Address Assignment.
5 DHCP FOR IPv6 (DHCPv6).
5.1 DHCP Comparison: IPv4 Versus IPv6.
5.2 DHCPv6 Address Assignment.
5.3 DHCPv6 Prefix Delegation.
5.4 DHCPv6 Support of Address Autoconfiguration.
5.5 Device Unique Identifiers.
5.6 Identity Associations.
5.7 DHCPv6 Options.
6 DHCP APPLICATIONS.
6.1 Multimedia Device Type Specific Configuration.
6.2 Broadband Subscriber Provisioning.
6.3 Related Lease Assignment or Limitation Applications.
6.4 Preboot Execution Environment Clients.
7 DHCP SERVER DEPLOYMENT STRATEGIES.
7.1 DHCP Server Platforms.
7.2 Centralized DHCP Server Deployment.
7.3 Distributed DHCP Server Deployment.
7.4 Server Deployment Design Considerations.
7.5 DHCP Deployment on Edge Devices.
8 DHCP AND NETWORK ACCESS SECURITY.
8.1 Network Access Control.
8.2 Alternative Access Control Approaches.
8.3 Securing DHCP.
PART III DNS.
9 THE DOMAIN NAME SYSTEM (DNS) PROTOCOL.
9.1 DNS Overview Domains and Resolution.
9.2 Name Resolution.
9.3 Zones and Domains.
9.4 Resolver Configuration.
9.5 DNS Message Format.
10 DNS APPLICATIONS AND RESOURCE RECORDS.
10.2 Name Address Lookup Applications.
10.3 Email and Antispam Management.
10.4 Security Applications.
10.5 Experimental Name Address Lookup Records.
10.6 Resource Record Summary.
11 DNS SERVER DEPLOYMENT STRATEGIES.
11.1 General Deployment Guidelines.
11.2 General Deployment Building Blocks.
11.3 External External Category.
11.4 External Internal Category.
11.5 Internal Internal Category.
11.6 Internal External Category.
11.7 Cross–Role Category.
11.8 Putting it All Together.
12 SECURING DNS (PART I).
12.1 DNS Vulnerabilities.
12.2 Mitigation Approaches.
12.3 Non–DNSSEC Security Records.
13 SECURING DNS (PART II): DNSSEC.
13.1 Digital Signatures.
13.2 DNSSEC Overview.
13.3 Configuring DNSSEC.
13.4 The DNSSEC Resolution Process.
13.5 Key Rollover.
PART IV IPAM INTEGRATION.
14 IP ADDRESS MANAGEMENT PRACTICES.
14.1 FCAPS Summary.
14.2 Common IP Management Tasks.
14.3 Configuration Management.
14.4 Fault Management.
14.5 Accounting Management.
14.6 Performance Management.
14.7 Security Management.
14.8 Disaster Recovery/Business Continuity.
14.9 ITIL Process Mappings.
15 IPv6 DEPLOYMENT AND IPv4 COEXISTENCE.
15.2 Dual–Stack Approach.
15.3 Tunneling Approaches.
15.4 Translation Approaches.
15.5 Application Migration.
15.6 Planning the IPv6 Deployment Process.
"This guide to Internet Protocol address management (IPAM) presents a practical, technical overview of each part of the IP environment and provides advice on best practices for creating an effective, integrated management plan . . . the work includes numerous illustrations and code examples and would be appropriate for advanced computer science students as well as network administrators and designers. Rooney is an IPAM expert and senior director for an IPAM consulting firm." (Booknews, 1 April 2011)
"Today, there is no single book that covers the management of these linkages and services they provide; IP Address Management Principles and Practice will fill that gap. While several books are available for leading vendors′ DHCP and DNS services implementations, few exist for IP address planning, and none exist that unifies these three topics." (Security @ ITBusiness Net.com, 28 February 2011)