
Network Address Management for CompTIA Network+ N10-009

Network address management encompasses IPAM (IP Address Management), DHCP management, DNS integration, and subnetting practices that keep an IP space organized and scalable. CompTIA Network+ N10-009 tests address management concepts in the Network Implementation domain. Poor address management leads to IP conflicts, exhausted pools, and inability to scale the network — systematic IPAM prevents these problems.


IP Address Management (IPAM)

IPAM: centralized tracking and management of IP address space. Records which addresses are assigned (to what device, when, by whom), which are available, and which are reserved. Without IPAM, organizations rely on spreadsheets that quickly become inaccurate — leading to IP conflicts, duplicate assignments, and inability to scale.

IPAM features: subnet discovery (automatically finds used addresses via scanning or DHCP/DNS integration), allocation (assigns addresses from defined pools), tracking (records device, MAC, hostname, assignment date), utilization reporting (shows pool exhaustion approaching), integration with DHCP and DNS for automatic updates.

Static vs dynamic addressing: static IP = manually configured — used for servers, network infrastructure (routers, switches, printers) where a consistent address is required. Dynamic IP (DHCP) = automatically assigned — used for workstations, laptops, mobile devices. Best practice: reserve static IPs in the DHCP server to prevent dynamic assignment of statically-configured addresses; document all static assignments in IPAM.

DHCP reservations: within a DHCP scope, a specific MAC address is always assigned the same IP address. Combines the benefits of static (consistent IP) with dynamic (centrally managed). Used for printers, servers, and access points where the IP must be predictable but administration is centralized.
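The static-versus-dynamic checks described above can be run as an audit over IPAM records. This is an added example, not part of the original guide; the scope, hostnames, MAC addresses and record layout are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (not from the page): one DHCP scope and its IPAM records.
SCOPE = {
    "subnet": ipaddress.ip_network("192.168.10.0/24"),
    "dynamic_start": ipaddress.ip_address("192.168.10.100"),
    "dynamic_end": ipaddress.ip_address("192.168.10.200"),
    # MAC -> reserved IP held by the DHCP server
    "reservations": {"aa:bb:cc:00:00:01": ipaddress.ip_address("192.168.10.150")},
}
RECORDS = [  # (hostname, mac, ip, kind)
    ("core-sw1", "aa:bb:cc:00:00:10", "192.168.10.2", "static"),
    ("printer1", "aa:bb:cc:00:00:01", "192.168.10.150", "static"),
    ("files01", "aa:bb:cc:00:00:20", "192.168.10.120", "static"),
    ("laptop7", "aa:bb:cc:00:00:30", "192.168.10.120", "dynamic"),
    ("cam3", "aa:bb:cc:00:00:40", "10.9.9.9", "static"),
]

def audit(scope, records):
    """Return sorted (issue, ip, hostnames) findings for one scope."""
    findings = []
    by_ip = defaultdict(list)
    for host, mac, ip, kind in records:
        addr = ipaddress.ip_address(ip)
        by_ip[addr].append(host)
        if addr not in scope["subnet"]:
            findings.append(("outside-subnet", ip, (host,)))
            continue
        in_pool = scope["dynamic_start"] <= addr <= scope["dynamic_end"]
        reserved = scope["reservations"].get(mac) == addr
        # A static host inside the dynamic range can be leased to another
        # client unless the server holds a reservation for that MAC.
        if kind == "static" and in_pool and not reserved:
            findings.append(("static-in-dynamic-pool", ip, (host,)))
    for addr, hosts in by_ip.items():
        if len(hosts) > 1:
            findings.append(("duplicate-ip", str(addr), tuple(hosts)))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SCOPE, RECORDS):
        print(finding)
```
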

Subnetting and Address Planning

RFC 1918 private address space: 10.0.0.0/8 (16,777,214 hosts), 172.16.0.0/12 (1,048,574 hosts), 192.168.0.0/16 (65,534 hosts). Routable within your network; NAT translates to public addresses for internet access. APIPA: 169.254.0.0/16 — link-local, automatically assigned when DHCP fails.

Subnetting strategy: allocate subnets by function, location, and security zone. /24 subnets (254 hosts) are common for floor or department segments. /28 (14 hosts) or /30 (2 hosts) for point-to-point links and small segments. /32 for loopback and host routes. /64 is the standard IPv6 subnet for all LAN segments.

VLSM (Variable Length Subnet Masking): using different subnet mask sizes within the same address space to allocate exactly the right size for each segment — prevents wasting address space. A WAN link needing 2 hosts gets a /30; a server farm needing 50 hosts gets a /26.

Supernetting (CIDR aggregation): combining multiple contiguous subnets into a single summarized route. Reduces routing table size. Example: 192.168.0.0/24 through 192.168.3.0/24 summarized as 192.168.0.0/22.
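A worked VLSM allocation and route summarization using Python's standard `ipaddress` module. This is an added example, not part of the original guide; the 10.1.0.0/24 block and the segment names are assumptions, while the /30, /26 and /22 results match the figures given above.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Smallest IPv4 prefix whose usable host count (2**bits - 2) fits `hosts`."""
    bits = 2
    while (2 ** bits) - 2 < hosts:
        bits += 1
    return 32 - bits

def vlsm_allocate(block, needs):
    """Carve `block` into right-sized subnets, largest segment first.

    needs: dict of segment name -> required usable hosts.
    Returns dict of segment name -> ip_network; raises ValueError when full.
    """
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    end = int(block.broadcast_address)
    plan = {}
    # Largest first keeps each subnet on its own boundary without gaps.
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        cursor = (cursor + size - 1) // size * size  # align up to subnet boundary
        if cursor + size - 1 > end:
            raise ValueError(f"{block} exhausted while placing {name}")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan

def summarize(subnets):
    """Collapse contiguous subnets into the fewest covering routes."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    # Hypothetical segments inside an assumed 10.1.0.0/24 block.
    plan = vlsm_allocate("10.1.0.0/24",
                         {"wan-link": 2, "server-farm": 50, "floor-1": 100})
    for name, net in plan.items():
        print(f"{name:12} {net}  ({net.num_addresses - 2} usable hosts)")
    print(summarize(f"192.168.{i}.0/24" for i in range(4)))
```
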

NAT and Address Translation

NAT (Network Address Translation): translates private IP addresses to public IP addresses for internet access. Conserves public IPv4 address space. Types:

  • SNAT (Source NAT / PAT — Port Address Translation): many internal hosts share one public IP, distinguished by source port — most common.
  • DNAT (Destination NAT): maps an incoming public IP+port to an internal private IP+port — used for publishing internal servers.
  • Static NAT: one-to-one mapping between a private and public IP.

NAT traversal issues: NAT breaks end-to-end connectivity (designed for TCP/UDP, not ICMP or protocols that embed IP addresses in the payload). IPsec in transport mode with NAT requires NAT-T (NAT Traversal) — encapsulates IPsec in UDP 4500 to survive NAT. SIP (VoIP) often has NAT traversal issues — SIP ALG on the router or STUN/TURN servers on the client side resolve this.

IPv6 and NAT: IPv6 was designed to eliminate NAT — every device gets a globally routable IPv6 address. IPv6 NAT (NPTv6) exists but is controversial and rarely used. During IPv6 transition, dual-stack (running both IPv4 with NAT and IPv6 without NAT) is the most common approach.

Key exam facts — Network+

  • RFC 1918: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 — private, not internet-routable
  • APIPA: 169.254.x.x — assigned when DHCP fails, link-local only
  • PAT/SNAT: many-to-one NAT using port numbers to track connections — most common NAT
  • DHCP reservation: always assigns same IP to a specific MAC — static-like but centrally managed
  • VLSM: variable-length subnets to avoid wasting address space
  • IPAM: centralized IP address tracking, prevents conflicts and exhaustion
  • NAT-T: encapsulates IPsec in UDP 4500 to survive NAT — required for remote VPN clients behind NAT

Common exam traps

NAT is a security mechanism

NAT provides obscurity (internal addresses are not visible from the internet) but is not a security mechanism — it was designed for address conservation. A firewall provides security by filtering traffic. Many network devices with only NAT and no firewall are still vulnerable. However, NAT does prevent unsolicited inbound connections by default, which provides incidental protection.

Practice questions — Address Management

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1. A company uses a single public IP address for all outbound internet traffic from 500 internal hosts. Internal hosts have 192.168.x.x addresses. What NAT mechanism enables this?

A. Static NAT — one public IP to one private IP mapping
B. DNAT — mapping inbound connections to internal servers
C. PAT (Port Address Translation) / overload — many-to-one using port tracking
D. Proxy ARP

Explanation: PAT (Port Address Translation), also called NAT overload, maps many internal hosts to a single public IP by using unique source port numbers to track each connection. When host 192.168.1.10 connects to the internet, the router translates the source IP to the public IP and records the unique source port (e.g., 51000). When 192.168.1.20 connects simultaneously, it gets a different source port (e.g., 51001). Return traffic is demultiplexed by port. This enables 65,535 simultaneous connections per public IP in theory.
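The translation table from this explanation, modeled as a small state machine. This is an added example, not part of the original guide; the public address 203.0.113.5 (a documentation range) and inside port 40000 are constructed, and the model is simplified to key return traffic on protocol and port only. It also shows why inbound packets with no matching state are dropped, the incidental protection noted under the exam trap above.

```python
class PatRouter:
    """Minimal many-to-one source NAT (PAT) state table."""

    def __init__(self, public_ip, first_port=51000, last_port=65535):
        self.public_ip = public_ip
        self.next_port = first_port
        self.last_port = last_port
        self.out = {}   # (proto, inside_ip, inside_port) -> public_port
        self.back = {}  # (proto, public_port) -> (inside_ip, inside_port)

    def outbound(self, proto, src_ip, src_port):
        """Translate an inside flow's source; reuse the mapping for a known flow."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            if self.next_port > self.last_port:
                raise RuntimeError("PAT port pool exhausted")
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return self.public_ip, self.out[key]

    def inbound(self, proto, dst_port):
        """Demultiplex return traffic by port; None means no state, so drop."""
        return self.back.get((proto, dst_port))

def demo():
    """Two inside hosts share one public IP; an unsolicited port finds no state."""
    router = PatRouter("203.0.113.5")  # constructed public address
    first = router.outbound("tcp", "192.168.1.10", 40000)
    second = router.outbound("tcp", "192.168.1.20", 40000)
    reply = router.inbound("tcp", 51001)        # return traffic for the second host
    unsolicited = router.inbound("tcp", 52000)  # nothing inside opened this port
    return first, second, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```
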

Frequently asked questions — Address Management

What is the difference between PAT and static NAT?

Static NAT is a one-to-one mapping between a specific private IP and a specific public IP — used when an internal server must always be reached at the same public IP. PAT (Port Address Translation) maps many internal hosts to one public IP using different source port numbers to track connections — used for outbound internet access from many devices. A company typically uses both: static NAT for published servers, PAT for all workstation outbound traffic.
