Standard Private IP Range Allocation Best Practices for Virtualization and Storage Networks



When designing network infrastructure for virtualization and storage systems, proper IP address allocation is crucial. The IETF has defined three main private IP ranges in RFC 1918:

10.0.0.0/8 (10.0.0.0 - 10.255.255.255)
172.16.0.0/12 (172.16.0.0 - 172.31.255.255) 
192.168.0.0/16 (192.168.0.0 - 192.168.255.255)

Most organizations follow these conventions for consistency:

// Typical segmentation example
10.0.0.0/16 - Management interfaces (iDRAC, iLO, IPMI)
10.1.0.0/16 - Virtualization hosts (vSphere, Hyper-V, KVM)
10.2.0.0/16 - Storage networks (iSCSI, NFS, Ceph)
172.16.0.0/24 - DMZ/internal services
192.168.0.0/24 - User workstations

For systems with public/private NICs:

# Example network interface configuration
# Public interface
auto eth0
iface eth0 inet static
    address 203.0.113.10
    netmask 255.255.255.0
    gateway 203.0.113.1

# Private management interface
auto eth1
iface eth1 inet static
    address 10.0.1.10
    netmask 255.255.255.0
    dns-nameservers 10.0.1.1

Allocate separate subnets for different virtualization components:

10.10.0.0/24 - vMotion/VM migration traffic
10.10.1.0/24 - Virtual machine networks
10.10.2.0/24 - Storage area network (SAN)
10.10.3.0/24 - Management interfaces

Proper subnet sizing is critical for scalability:

# Python subnet calculator example
import ipaddress

def calculate_subnets(base_network, new_prefix):
    network = ipaddress.ip_network(base_network)
    return list(network.subnets(new_prefix=new_prefix))

# Calculate /24 subnets from 10.0.0.0/16
subnets = calculate_subnets("10.0.0.0/16", 24)
print(f"Available subnets: {len(subnets)}")  # Output: Available subnets: 256

Always maintain IP address documentation:

-- Sample IPAM database schema (PostgreSQL)
CREATE TABLE ip_allocations (
    id SERIAL PRIMARY KEY,
    network CIDR NOT NULL,
    description TEXT,
    department VARCHAR(50),
    contact VARCHAR(100),
    date_allocated TIMESTAMP,
    last_modified TIMESTAMP
);

When designing network infrastructure for virtualization and storage systems, the three RFC 1918 private address ranges are fundamental:

  • 10.0.0.0/8 (16,777,216 hosts)
  • 172.16.0.0/12 (1,048,576 hosts)
  • 192.168.0.0/16 (65,536 hosts)

While there's no single mandated standard, these patterns have emerged as common practice:

# Common segmentation example
10.0.0.0/16    - Infrastructure management (iDRAC/iLO, switches, routers)
10.1.0.0/16    - Virtualization hosts (ESXi, Hyper-V, KVM)
10.2.0.0/16    - VM networks (production workloads)
10.3.0.0/16    - Storage networks (iSCSI, NFS, vSAN)
172.16.0.0/16  - Development/Test environments
192.168.0.0/24 - Guest wireless networks

For dual-NIC systems with public/private interfaces:

# Example network config for a hypervisor host
# Public interface (eth0)
auto eth0
iface eth0 inet static
    address 203.0.113.45
    netmask 255.255.255.0
    gateway 203.0.113.1

# Private interface (eth1) for storage, with jumbo frames
auto eth1
iface eth1 inet static
    address 10.3.1.101
    netmask 255.255.255.0
    mtu 9000

  • Allocate /24 subnets for most use cases - balances size and broadcast domains
  • Reserve the first 20-30 addresses for infrastructure (.1-.30)
  • Document all allocations in IPAM tools or spreadsheets
  • Leave room for expansion between subnets (e.g., 10.1.0.0/16, 10.2.0.0/16)

Typical medium enterprise implementation:

# Cisco switch configuration example
vlan 100
 name MGMT-NETWORK
vlan 200
 name VM-PRODUCTION
vlan 300
 name VM-DEVELOPMENT
vlan 400
 name STORAGE-ISCSI

interface Vlan100
 description Management Network
 ip address 10.0.1.1 255.255.255.0
!
interface Vlan200
 description Production VMs
 ip address 10.2.1.1 255.255.255.0

Implement these tools to maintain network hygiene:

  • IPAM solutions like phpIPAM or NetBox
  • Network documentation in Confluence or similar
  • Regular IP space audits (quarterly recommended)
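
An added example (not part of the original article): a small audit over IPAM records, using the same ipaddress module as the subnet calculator above. The records and their descriptions are constructed from ranges used on this page; the script flags entries outside RFC 1918, entries with host bits set, and duplicate or nested allocations, which cause routing conflicts once the two networks are connected.

```python
import ipaddress
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed IPAM records (network, description), built from ranges on this page.
ALLOCATIONS = [
    ("10.0.0.0/16", "Infrastructure management"),
    ("10.1.0.0/16", "Virtualization hosts"),
    ("10.3.0.0/16", "Storage networks"),
    ("10.3.1.0/24", "iSCSI fabric A"),       # child of the storage /16
    ("10.0.0.0/16", "AWS production VPC"),   # same CIDR as on-prem management
    ("203.0.113.0/24", "Public uplink"),     # public space recorded as internal
    ("10.2.1.1/24", "Production VMs"),       # gateway address entered as a network
]

def audit(allocations):
    """Return (kind, owner, detail) findings for (cidr, description) records."""
    findings, parsed = [], []
    for cidr, desc in allocations:
        try:
            iface = ipaddress.ip_interface(cidr)
        except ValueError:
            findings.append(("invalid", desc, cidr))
            continue
        net = iface.network
        # A record such as 10.2.1.1/24 names a host, not the network 10.2.1.0/24.
        if iface.ip != net.network_address:
            findings.append(("host-bits", desc, f"{cidr} should be {net}"))
        if not any(net.version == r.version and net.subnet_of(r) for r in RFC1918):
            findings.append(("not-rfc1918", desc, str(net)))
        parsed.append((net, desc))
    # Pairwise comparison is fine for a few thousand records.
    for (a, da), (b, db) in combinations(parsed, 2):
        if a.overlaps(b):
            # Nested prefixes can be intentional (parent/child); review each one.
            kind = "duplicate" if a == b else "nested"
            findings.append((kind, f"{da} / {db}", f"{a} vs {b}"))
    return findings

if __name__ == "__main__":
    for kind, owner, detail in audit(ALLOCATIONS):
        print(f"{kind:12} {owner}: {detail}")
```
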

Major cloud providers often require specific ranges:

# AWS VPC example with subnets
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
  
  tags = {
    Name = "Production VPC"
  }
}

resource "aws_subnet" "public" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-east-1a"
}

resource "aws_subnet" "private" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.2.0/24"
  availability_zone = "us-east-1a"
}