Best Practice: Getting Your Addresses Right
By Peter Aylett, Archimedia Middle East.
192.168.0.1 – Does that look familiar? It should do, as that is probably the most common IP a...
By Peter Aylett, Archimedia Middle East.
192.168.0.1 – Does that look familiar? It should do, as that is probably the most common IP address on private networks globally. How many of you regularly use the 192.168.0.0/24 address range? As most home routers use this out of the box, there is a high likelihood that most people simply accept the standard settings. There is a case, however, for giving IP addressing much more consideration.
VPNs (Virtual Private Networks) are the most secure way to access a private network from the Internet. They will only work, however, if the IP address range of the home network (where the system is) is different from the network where the remote device is connecting from.
[caption id="attachment_4540" align="aligncenter" width="400"] VPNs (Virtual Private Networks) are the most secure way to access a private network from the Internet.[/caption]
Because the 192.168.0.0/24 range is so popular, try not to use this for your customer’s networks. Using something like 192.168.175.0/24 (this example changes the third octet from 0 to 175 although you can choose any number between 0 and 254) as that will minimise the chances of an IP address range conflict when using a VPN. The /24 after the addresses is the subnet mask. In these cases, the 24 refers to a 24-bit mask – you might recognise this as 255.255.255.0.
Decide upon your DHCP Range
On most systems that we install, we want to give some of the devices fixed (sometimes called static or manual addressing) IP addresses. This is so we can more easily communicate with them on a network. When doing this, it is critical that the DHCP (Dynamic Host Configuration Protocol) addresses given out by the DHCP server (usually part of the broadband router) do not conflict with any address given out manually. Don’t forget, the golden rule of IP networking is that EVERY device on a network must have a UNIQUE IP address. The router does not know that you have given a device a static address so you need to ensure that the router does not then give out this same address as a DHCP address.
[caption id="attachment_4539" align="aligncenter" width="498"] The DHCP addresses given out by the DHCP server should not conflict with any address given out manually.[/caption]
Set up the DHCP range of the router before you plug it into the network. I usually set up the DHCP range to be from 192.168.x.1 to 192.168.x.99 (replace the x with whatever you choose for the third octet) – this gives you 99 addresses for DHCP and leaves you with 153 addresses for static devices. Don’t forget, you cannot use 255 in the last octet for an address, as this is the broadcast address for the subnet. I usually put routers on 192.168.x.254, but that’s just me and is not a fixed rule.
Also, make sure that if you are using a wireless router as a wireless access point (WAP), the DHCP server on these devices is switched off. You need, and can only have, one DHCP server on a network. Please always ensure that network devices are configured BEFORE they are plugged into the network.
I consider designing an IP addressing scheme to be part of the design process for a system. As more control and streaming is done over IP, it is necessary to know fixed IP addresses in advance of installation so that equipment can be pre-configured and tested, as well as control system programs written. Never leave this until you are on site to consider, as this is where errors and IP address conflicts will happen.
Once designed, document everything and ensure that you leave this documentation permanently on site. Documentation should also include user names, passwords where appropriate, and any other essential configuration information.
Create a Company Addressing Policy
Consider creating a company policy where you reserve ranges of IP addresses for certain devices. The following is an example (but not necessarily a recommendation):
[caption id="attachment_4538" align="aligncenter" width="600"] Suggestion for a company policy on IP addresses to reserve for various devices.[/caption]
Having a structure such as this is useful for the following reason:
• When using a network scanner, groups of similar devices appear next to each other on the list. If there is a gap in the IP addresses that the scanner sees, you can quickly identify that a device might be offline.
• Your IP address documentation is far neater as it will group similar devices together.
• Troubleshooting becomes more fluent because addresses are more logical.
Note: there are some excellent free or inexpensive network scanners available. These are an essential part of your tool kit and make problem solving and diagnostics much easier. See
The Next Steps
Let’s face it, we do not install many systems that have more than 254 IP addressable devices. For those of you that do, you already probably employ a Cisco-certified individual to handle all of your network design, configuration and commissioning.
[caption id="attachment_4541" align="aligncenter" width="300"] Logo used by Cisco Certified Network Associates.[/caption]
IP is no longer the future, it’s the present. There are many excellent sources of ongoing education for IP such as CEDIA http://www.cediaeducation.com/networking-school,
and CompTIA http://certification.comptia.org/getCertified/certifications/network.aspx.
Although thinking about IP addressing might seem mundane, doing so is an essential part of every system design.
Peter Aylett is a world-renowned speaker and lecturer in residential technology, and the Technical Director at Archimedia, a multinational high-end residential integrator in The Middle East. He is also currently Chair of CEDIA’s International Technology Council Applied Content Action Team, and a regular contributor to HiddenWires.
Comments on this article are welcome. See below.