Standard Private IP Range Allocation Best Practices for Virtualization and Storage Networks



When designing network infrastructure for virtualization and storage systems, proper IP address allocation is crucial. The IETF has defined three main private IP ranges in RFC 1918:

10.0.0.0/8 (10.0.0.0 - 10.255.255.255)
172.16.0.0/12 (172.16.0.0 - 172.31.255.255) 
192.168.0.0/16 (192.168.0.0 - 192.168.255.255)

Most organizations follow these conventions for consistency:

// Typical segmentation example
10.0.0.0/16 - Management interfaces (iDRAC, iLO, IPMI)
10.1.0.0/16 - Virtualization hosts (vSphere, Hyper-V, KVM)
10.2.0.0/16 - Storage networks (iSCSI, NFS, Ceph)
172.16.0.0/24 - DMZ/internal services
192.168.0.0/24 - User workstations

For systems with public/private NICs:

# Example network interface configuration
# Public interface
auto eth0
iface eth0 inet static
    address 203.0.113.10
    netmask 255.255.255.0
    gateway 203.0.113.1

# Private management interface
auto eth1
iface eth1 inet static
    address 10.0.1.10
    netmask 255.255.255.0
    dns-nameservers 10.0.1.1

Allocate separate subnets for different virtualization components:

10.10.0.0/24 - vMotion/VM migration traffic
10.10.1.0/24 - Virtual machine networks
10.10.2.0/24 - Storage area network (SAN)
10.10.3.0/24 - Management interfaces

Proper subnet sizing is critical for scalability:

# Python subnet calculator example
import ipaddress

def calculate_subnets(base_network, new_prefix):
    network = ipaddress.ip_network(base_network)
    return list(network.subnets(new_prefix=new_prefix))

# Calculate /24 subnets from 10.0.0.0/16
subnets = calculate_subnets("10.0.0.0/16", 24)
print(f"Available subnets: {len(subnets)}")  # Output: 256

Always maintain IP address documentation:

-- Sample IPAM database schema
CREATE TABLE ip_allocations (
    id SERIAL PRIMARY KEY,
    network CIDR NOT NULL,
    description TEXT,
    department VARCHAR(50),
    contact VARCHAR(100),
    date_allocated TIMESTAMP,
    last_modified TIMESTAMP
);

When designing network infrastructure for virtualization and storage systems, the three RFC 1918 private address ranges are fundamental:

  • 10.0.0.0/8 (16,777,216 hosts)
  • 172.16.0.0/12 (1,048,576 hosts)
  • 192.168.0.0/16 (65,536 hosts)

While there's no single mandated standard, these patterns have emerged as common practice:

# Common segmentation example
10.0.0.0/16    - Infrastructure management (iDRAC/iLO, switches, routers)
10.1.0.0/16    - Virtualization hosts (ESXi, Hyper-V, KVM)
10.2.0.0/16    - VM networks (production workloads)
10.3.0.0/16    - Storage networks (iSCSI, NFS, vSAN)
172.16.0.0/16  - Development/Test environments
192.168.0.0/24 - Guest wireless networks

For dual-NIC systems with public/private interfaces:

# Example network config for a hypervisor host
# Public interface (eth0)
auto eth0
iface eth0 inet static
    address 203.0.113.45
    netmask 255.255.255.0
    gateway 203.0.113.1

# Private interface (eth1) for storage
auto eth1
iface eth1 inet static
    address 10.3.1.101
    netmask 255.255.255.0
    # Jumbo frames for storage
    mtu 9000

  • Allocate /24 subnets for most use cases - balances size and broadcast domains
  • Reserve the first 20-30 addresses for infrastructure (.1-.30)
  • Document all allocations in IPAM tools or spreadsheets
  • Leave room for expansion between subnets (e.g., 10.1.0.0/16, 10.2.0.0/16)

Typical medium enterprise implementation:

# Cisco switch configuration example
vlan 100
 name MGMT-NETWORK
vlan 200
 name VM-PRODUCTION
vlan 300
 name VM-DEVELOPMENT
vlan 400
 name STORAGE-ISCSI

interface Vlan100
 description Management Network
 ip address 10.0.1.1 255.255.255.0
!
interface Vlan200
 description Production VMs
 ip address 10.2.1.1 255.255.255.0

Implement these tools to maintain network hygiene:

  • IPAM solutions like phpIPAM or NetBox
  • Network documentation in Confluence or similar
  • Regular IP space audits (quarterly recommended)
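
One way to automate part of the periodic IP space audit, shown as an added example that is not part of the original article: it checks IPAM rows for entries outside the RFC 1918 ranges, malformed networks, and overlapping allocations that would blur the boundary between segments such as storage and VM traffic. The function name, the row shape and the sample rows are assumptions constructed for illustration.

```python
import ipaddress
from itertools import combinations

# The three RFC 1918 ranges listed in the article. ip_network.is_private is
# not used because it also accepts non-RFC 1918 space (loopback, link-local,
# documentation ranges).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample rows shaped like (network, description) from an
# ip_allocations-style table. The last three contain deliberate mistakes.
SAMPLE_ALLOCATIONS = [
    ("10.0.0.0/16", "Infrastructure management"),
    ("10.1.0.0/16", "Virtualization hosts"),
    ("10.3.0.0/16", "Storage networks"),
    ("10.3.1.0/24", "iSCSI for new cluster"),   # overlaps the storage /16
    ("172.32.0.0/16", "Development/Test"),      # just outside 172.16.0.0/12
    ("10.2.1.5/24", "Production VMs"),          # host bits set
]


def audit_allocations(rows):
    """Return a sorted list of (kind, detail) findings for IPAM rows."""
    findings, parsed = [], []
    for cidr, desc in rows:
        try:
            # strict=True rejects entries such as 10.2.1.5/24 (host bits set)
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError:
            findings.append(("invalid", f"{cidr} ({desc})"))
            continue
        # IPv6 entries match no RFC 1918 range and are reported as well
        if not any(net.subnet_of(r) for r in RFC1918 if r.version == net.version):
            findings.append(("not-rfc1918", f"{net} ({desc})"))
        parsed.append((net, desc))
    # Pairwise overlap check: a subnet carved out of an already allocated
    # block means two documented segments share address space.
    for (a, da), (b, db) in combinations(parsed, 2):
        if a.version == b.version and a.overlaps(b):
            findings.append(("overlap", f"{a} ({da}) <-> {b} ({db})"))
    return sorted(findings)


if __name__ == "__main__":
    for kind, detail in audit_allocations(SAMPLE_ALLOCATIONS):
        print(f"{kind:12} {detail}")
```

Intentional nesting (a parent block recorded alongside its child subnets) is reported as an overlap, so such rows need to be filtered out or marked before the check.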

Major cloud providers often require specific ranges:

# AWS VPC example with subnets
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "Production VPC"
  }
}

resource "aws_subnet" "public" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-east-1a"
}

resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = "us-east-1a"
}