IP Address Management (IPAM) is one of those mundane tasks that most IT pros probably don’t like to think about. Even so, it’s an important part of infrastructure management. You can easily run out of addresses without proper IP address management, making it impossible to deploy new devices. Virtualized environments only compound these problems.
In this article, I’ll show you some best practices to manage IP addresses in a virtualized environment. Although this article focuses on Microsoft virtualization, the basic principles apply to any virtualized environment.
Key Focus Areas
In any virtualized environment, you’re likely to use both static and dynamic IP addresses. Infrastructure servers like domain controllers and DNS servers often need static IP addresses. A static IP gives you benefits like better DNS support, reliable communication, reliable geo-location servers, and convenient remote access.
Conversely, dynamic IP addresses are better suited to more transient virtual machines though. The main benefits of dynamic IP addresses include easy automatic configuration, lower fees, unlimited IP addressing, and better physical security.
Having said all that, let’s go over some key best practices for both.
1. Dynamic IPAM
Dynamic IP Address Management is a relatively simple task. It would initially seem that if a company is already using DHCP servers to allocate IP addresses dynamically, nothing more can be done. That said, in a virtualized environment, it’s important to examine your IP address lease period.
I’ll explain below how you can adjust the DHCP lease period.
How to Adjust the DHCP Lease Period
The DHCP lease period refers to the time length a host may use an IP address before you must renew the address. Adjusting the lease period in a virtualized environment is important since virtual machines are often transitory.
Suppose that you have a virtual machine, and then you delete it an hour later. Even though that virtual machine no longer exists, it’s still consuming an IP address for the duration of the IP address lease period (the Windows Server default is usually 8 days).
Follow these steps to adjust the lease period for a DHCP server:
1. Open the DHCP console, expand the IPV4 container, and click on the scope, as shown in the image below.
![Screenshot of the DHCP console where Scope [10.0.0.0] Lab is selected under IPv4 container. The contents of the scope appear: Address Pool, Address Leases, Reservations, Scope Options, and Policies.](https://techgenix.com/tgwordpress/wp-content/uploads/2022/04/2-5.png)
2. Right-click the scope and choose the Properties command from the shortcut menu.
3. Configure the desired Lease Duration on the General tab when the Properties Sheet opens, as shown in the image below.
4. Click OK.
2. Static IPAM
When it comes to static IP Address Management, you might consider doing 2 things:
- Add a static address pool to Virtual Machine Manager (VMM), so you can allocate those addresses from within the VMM console.
- Make your IPAM server part of the VMM fabric instead of creating static pools within VMM if your organization uses Microsoft IPAM.
I’ll now guide you through the process of adding address pools to VMM.
How to Add Address Pools to Virtual Machine Manager
A VMM allows you to add a static address pool directly to a logical network. To do so, just follow these steps:
1. Open the VMM Console and select the Fabric workspace.
2. Select the Logical Networks container.
3. Click the Create IP Pool button, found in the taskbar.
4. Provide a name for your IP pool when the Create Static IP Address Pool Wizard opens and choose your logical network.
5. Click Next.
6. Follow the prompts to create a network site and choose the host groups that can use the IP addresses from the pool, as shown in the image below.
7. Click Next.
8. Specify the pool’s starting and ending IP address.
9. Click Next.
10. Enter the default Gateway address.
11. Click Next.
12. Enter your DNS Server address.
13. Click Next.
14. Enter a WINS server address (if you have a WINS server on your network).
15. Click Next.
16. Click Finish. The IP address pool will be created, as shown in the image below.
I’ll now take you through the process of integrating IPAM into VMM.
How to Integrate IPAM into Virtual Machine Manager
Microsoft IPAM is a native Windows Server tool that can help organizations manage IP addresses in a more automated way. Previously, you’d have to use a spreadsheet to track addresses. You can add an IPAM server to VMM in a roundabout way; complete the following steps to do so:
1. Open the Computer Management console on the IPAM server.
2. Create a new group called VMM Users.
3. Add the VMM User account to this group. You’ll need to create the VMM user account if it doesn’t already exist. This is commonly a Domain Account named VMMUser.
4. Open the IPAM console, click Access Control, then right-click Access Policies.
5. Click Add Access Policy.
6. Add the VMM User you created.
7. Click OK.
8. Click Access Settings, then click New.
9. Select the IPAM ASM Administrator Role from the drop-down list.
10. Ensure the Global Access Scope has been selected. Click Add Setting, then click OK.
11. Go back to the Users and Groups console and add the VMM user to the Remote Management Users group, as shown in the image below.
12. Open the VMM Console and select the Fabric workspace.
13. Click the Add Resources button and then choose Network Service.
14. Enter IPAM as the service name when the Add Network Service wizard begins.
15. Click Next.
16. Set Microsoft as the manufacturer on the Manufacturer and Model screen and choose the Microsoft Windows Server IP Address Management option from the Model drop-down, as shown in the image below.
17. Click Next.
18. Specify your RunAs account. Ensure the RunAs account matches the user account name you selected earlier.
19. Click Next.
20. Enter your IPAM server’s FQDN when prompted for a connection string.
21. Click Next until you reach the Gather Information screen.
22. Click Scan Provider and then click Next.
23. Select the Host Group you want to use.
24. Click Next, then Finish to complete the process.
Final Thoughts
IP addresses can quickly get out of hand, especially in a virtualized environment. Tracking IP addresses with a spreadsheet is no longer enough. Companies that use VMM should either create static IP address pools within the VMM console or link their IPAM server to VMM. Companies that use dynamic IP addresses should adjust their lease period to account for the frequent creation and destruction of virtual machines.
Got more questions about IPAM or VMM? Check the FAQs and Resources sections below.
FAQs
Does Microsoft IPAM automatically configure a server’s NIC with an IP address?
No, not by itself. IP address management (IPAM), however, makes it possible for you to enter and edit IP address data manually. You can also use a script to automate the process.
How can I get Microsoft IPAM?
IPAM is available in Windows Server 2016 and above. You can install it through Server Manager as a Windows Server feature using the Add Roles and Features wizard. You can also use Windows PowerShell to install Microsoft IPAM.
What is an optimal IP address lease period?
The optimal lease period will be different for every company. The lease period states the time period a device can use a specific IP address. That said, if you create and delete VMs frequently, you might consider setting the lease period to a few hours instead of days.
What is a WINS server?
WINS is the Windows Internet Naming Service. It’s a legacy Windows component that enables Windows to identify NetBIOS systems on a TCP/IP network. In any case, people rarely use it today.
Resources
Microsoft’s Static IP address Set Up Guide
Learn how to set up static IP address pools in VMM here.
Microsoft’s IPAM Server in VMM Article
Read more on how to set up an IPAM server in the VMM fabric here.
Microsoft’s PowerShell Examination Article
Find out how to use PowerShell to examine a VMM static IP address pool here.
TechGenix’s IP Address Security Article
Discover why an IP address might be tied to security issues here.
TechGenix’s IP Address Conflicts Article
Learn how to fix IP address conflicts in Windows here.
TechGenix’s Determine VMs IP Addresses With PowerShell Article
Discover how to use PowerShell to determine which IP addresses your VMs are using here.
