Overview

Managing IP Addresses entails being able to create assignable ranges within the available address space and determining which users and groups have usage rights to that space. The IP ranges can be created with specific properties that also determine the properties of the IP Addresses contained within them. 

In order to use the IP Address Management features in the Men & Mice Management Console, you must have entered the license key for the IPAM module.

Address (A) Records in DNS Zone Windows

When the IP Address management component is enabled, you may notice some differences when working with Address (A) records in DNS zone windows, such as:

Range Access

You can manage access to ranges just as you can for other object types in the Men & Mice Suite, but there is one important distinction – You can set Inherited Access for ranges.
When you open the Acess dialog box for a range, the dialog box has an extra section for inherited access:

Regarding other access settings, refer to  Administration Functions—Global Access .

Containers

A Container is a section of the address space that has been reserved but not yet allocated. Containers can contain address ranges and scopes and you can set address privileges for containers that can be applied to the enclosed ranges and scopes through access inheritance. You cannot allocate IP addresses from within a container unless you have enabled that functionality in System Settings.

When the user double clicks on a normal IP address range, the IP addresses within the range are shown. But when the user double clicks a container the properties for the container are shown.

Creating a Container

To create a Container, do the following:

  1. Select File, New, Container. The Container dialog box displays.
  2. Subnet. For IPv4 ranges you can enter the address range in a network/subnet notation, for example 192.168.1/24. For IPv6 ranges you must enter the range in a network/subnet.
  3. Title. Type the name you want to use for this Container. This name is for your convenience, so feel free to use whatever name you feel is appropriate.
  4. Description. Enter a comment for this Container.

Converting Ranges and Containers

A range that exists on network boundaries (a subnet) can be converted to a Container. Likewise, a Container can be converted to a range.
To convert a range to a Container:

  1. Right-click the range that you want to convert.
  2. From the shortcut menu, select Convert to Container.
  3. Click OK in the confirmation dialog box that appears.

To convert a Container to a range:

  1. Right-click the Container that you want to convert.
  2. From the shortcut menu, select Convert to IP Address Range.
  3. Click OK in the confirmation dialog box that appears.

Access

You can manage access to Containers just as you can for other object types in the Men & Mice Suite, but there is one important distinction – You can set Inherited Access for Containers.
When you open the Acess dialog box for a Container, the dialog box has an extra section for inherited access:

Regarding other access settings, refer to  Administration Functions—Global Access .

Container Utilization

 

When you open the properties dialog for a Container you can see how much of the Container has been allocated to subranges. This way, it is easy to see how much of the container is being utilized.

 

Rogue addresses

Since Containers should only directly contain other IP Address Ranges (or Containers), IP addresses that are directly under a Container are considered to be "rogue". This should be an indication that an IP address range definition is missing within the Container for these addresses. 

When a Container has rogue IP addresses, the Container icon will get a warning sign on it, and there will be a button in the Container properties to show the rogue IP addresses. Clicking that button opens up the container and lists out the rogue IP addresses in a similar way as when the user opens up a normal range.

Viewing IP Address Ranges

The IP Address Range view shows the section of the IP Address space that is accessible to the current user of the system. The Men & Mice Suite allows administrators to manage the IP Address space by dividing it into any number of named sub ranges that can be assigned to specific groups for use by its members.


As indicated by the icons there are two types of ranges listed:

You can choose between a flat and a hierarchical view for the Address Ranges scopes by selecting an appropriate button from the toolbar.  

You can also toggle between the views by selecting Toggle Hierarchical View from the Range menu.

If an Address range has no subranges, the utilization for the range is shown in the range list.

The IP Address Range view can display an indicator to show which gaps between IP Address ranges. This view is useful if you are looking for free segments in a fragmented IP Address space. When active, the view will display a thin blue line below a range if there is unallocated space between that range and the next range in the address space. To display the indicator, choose Show Trailing Gaps from the Range menu.

While viewing the IP Address ranges, the Quick Filter is available. When using the tree view while a filter is active, any parent ranges that don't fulfill the search criteria are displayed in gray to distinguish them from the found ranges. For example, in the image below, we searched for the string '0/26' and the only range found was '10.1.0.0./26'. However, to maintain the tree view, the parent ranges are shown even if they don't fulfill the search criteria.

 

New Ranges

To create a new IP Address range, do the following:

  1. Make sure that IP Address Ranges is selected in the left hand side of the Manager window.
  2. Click the Add button. The Properties dialog box displays.
  3. Enter the appropriate values in the Properties dialog box and click OK.

Once a non-reserved IP Address range has been created, it is considered to be managed. A managed IP Address range is being managed by the IP Address component of the Men & Mice Suite. When the range is managed, the Men & Mice Suite will allow users with appropriate privileges to work with IP Addresses from the range.
It is possible to create subranges of existing ranges and DHCP scopes.  NOTE:  When you create a new IP Address range, the Men & Mice Suite checks to see if the new range can be logically grouped with other address ranges, and adds the new range in the appropriate address range group.

Range Configuration

When configuring a new IP Address range, you must complete the Properties dialog box.

  1. In the Object list, right-click and, from the shortcut menu, select New IP Address Range. The New Range Properties dialog box displays. 
  2. Subnet. For IPv4 ranges you can enter the address range in a network/subnet notation, for example 192.168.1/24. You can also enter the address range using a from-to notation, for example 192.168.1.23-192.168.1.77. A range does not have to be defined on network boundaries. For IPv6 ranges you must enter the range in a network/subnet notation and the smallest network you can create is a /64. The actual range displays in the Usable IP Addresses field below. The network address and the broadcast address for the range are displayed below the Usable IP Addresses if the Range is a subnet checkbox is selected.  NOTE:  The boundaries of IP existing address ranges may not overlap.
  3. Title. Type the name you want to use for this IP Address range. This name is for your convenience, so feel free to use whatever name you feel is appropriate.
  4. Description. Enter a comment for this IP Address range.
  5. Reserve Network and Broadcast Address. This checkbox determines whether the user can use the first and last IP Address of the range when creating address records. If the address range is defined on actual network boundaries, you should leave this checkbox checked. If the address range you are defining is used for Administration boundaries rather than network boundaries, you should clear this checkbox.  NOTE:  This checkbox is disabled for IPv6 ranges.
  6. Locked. Select this checkbox if you want to lock this IP Address range. When an IP Address range is locked, Men & Mice Suite will not allow using IP Addresses from that range. This is useful if you want to lock a certain section of your IP Address block.
  7. Allow auto-assignment of IP Addresses. Select this checkbox if you want to allow automatically assigned IP Addresses from this IP Address range. If the checkbox is selected, and a user that has access to this address range creates an address record without entering an IP Address, Men & Mice Suite automatically assigns a free IP Address to the address record.  NOTE:  This checkbox is disabled for IPv6 ranges.

Range Modifications

Once you have created an IP Address Range, it is easy for you to make changes to that IP Address Range. You can do the following:

To modify an IP Address range, do the following:

  1. Right-click on the IP Address ranges.
  2. From the shortcut menu, select Properties.
  3. Make the desired changes.
  4. Click OK.

Range Deletions

You can always delete an IP Address Range definition. If you delete an IP Address Range, the IP Addresses that belonged to that range will get the attributes of the parent IP Address Range. If the range you are deleting has subranges, the subranges will become children of the unassigned ranges' parent.
Use the following procedure to delete an IP Address Range definition:

  1. Locate the IP Address Range you want to remove and right-click on it.
  2. From the shortcut menu, select Delete. A dialog prompts you to confirm your decision to delete this range
  3. Click OK to delete the range, or Cancel to leave it.

IP Address List

To view a list of host entries in a particular range, double-click on the IP Address Range. This opens the IP Address List Window where you can view and edit the properties of individual IP Address entries.

 

 

When the PTR Status for a host entry shows Verify, you can open the IP Address dialog box for the host to see more detailed information on which DNS host entry is generating this status message.  NOTE:  When working with large IP Address ranges (ranges that contain more than 4096 IP Addresses) the Show unassigned addresses will no longer be available and the IP Address List window will only display assigned IP Addresses.

IP Address Dialog Box

When you add or modify an existing entry, the IP Address dialog box displays. The entries in this dialog box can vary, depending on the license keys in use, whether the dialog box is accessed from a DHCP scope or an IP Address range, and if any custom properties have been defined (e.g., "Owner" is a custom property in the example shown below). 


DNS Hosts
. If a DNS license key is active, the IP Address dialog box will contain a DNS Hosts section where you can enter Address (A) records and related CNAME and TXT records. You can also add, edit, and remove hosts/related hosts from this screen. Refer to  IP Address Dialog Box . The PTR column in the list of DNS hosts shows the PTR status for each A or AAAA record. For more information on PTR status see the IP Address List section, above.
If a discovery schedule has been set for the subnet, the dialog box will show information on when the IP Address was last seen on the network:

If the IP Address is linked to a device, the name of the device is shown and a Show button displays. Click the Show button to open the Device Properties window for the device the IP Address is linked to.

Adding a DNS Host

As a shortcut, you can select a valid host name in any field, right-click and select Add Host.  The host is automatically added

  1. While viewing the IP Address dialog box, move to the DNS Hosts section, and click the Add button. The Add Host dialog box displays.

     
     

    If the number of available zones does not exceed 100, the Zone area of the window will be a drop-down list instead of the Browse button.

  2. In the Zone field, verify the zone selected is the zone to which you want to add a host. If not, click the Browse button. The Select zone dialog box displays, reflecting a list of available zones. 
  3. If desired, use the Quick filter to search for the desired item.
  4. Highlight the desired item, and click Select.
  5. When you return to the Add Host dialog box, the selected item is shown under the Zone heading.
  6. In the Name field, type the host name.
  7. Click OK. The dialog box closes and the Address record displays in the IP Address dialog box.

Editing a DNS Host

  1. Select the host details you want to edit.
  2. Double click the host entry you want to edit. A dialog box displays.
  3. Make the desired changes and click OK. The dialog box closes and the details are updated.

Removing a DNS Host

  1. Select the host you want to remove.
  2. Click Remove. The host details are deleted and removed from the list in the IP Address dialog box.

Adding a Related Host

  1. Click Add Related button. The Add Related Record dialog box displays.
     
  2. For the Name and Zone fields, refer to the steps found for  Adding a DNS Host .
  3. In the Type field, click the drop-down list and select the record type.
  1. Click OK. The dialog box closes and the related record displays in the IP Address dialog box.

Editing a Related Host

  1. Double click the related host you want to edit. The Modify Host dialog box displays.  NOTE:  It is not possible to edit all record types.
     
  2. Make the desired changes and click OK. The dialog box closes and the record is updated.

Removing a Related Host

  1. Select the related record you want to remove.
  2. Click Remove. The related record is deleted from the zone and removed from the list in the IP Address dialog box.

Moving IP Address Information

IP Address information can be moved to a new IP Address. When the IP Address information is moved, all information about the IP Address is retained, and the associated DNS records are updated.
To move a IP Address information, do the following:

  1. Locate the IP Address Range containing the IP Address.
  2. Double-click on it to display the list window.
  3. Find the applicable IP Address.
  4. Right-click and, from the shortcut menu, select Move.

     
  5. In the Move IP Address Information dialog box, type the new IP Address.

     
  6. Click OK. The IP Address information is moved to the new IP Address.

Split Range Wizard

This wizard allows you to create multiple subranges of an existing range. The wizard can only be used on ranges that exist on subnet boundaries and have no subranges already in place.

  1. From the object list, click on IP Address Ranges.
  2. From the list of ranges displayed right-click and, from the shortcut menu, select Split into Subranges. The Split range wizard displays.
  3. For each of the resulting screens, make a selection/entry and move through the wizard.

 

Update Reverse Records Wizard

This wizard allows you to create reverse DNS zones for selected ranges. The wizard can only be used on ranges that exist on subnet boundaries and contain 254 or more IP Addresses (/24 or larger)

  1. From the object list, click on IP Address Ranges.
  2. From the list of ranges displayed, select the ranges, right-click and, from the shortcut menu, select Update Reverse Records. The Reverse zone generation wizard displays.
  3. For each of the resulting screens, make a selection/entry and move through the wizard.

Allocate Ranges Wizard

This wizard allows you to create allocate a user-defined number of subranges from an existing range. The wizard can only be used on ranges that exist on subnet.

  1. From the object list, click on IP Address Ranges.
  2. From the list of ranges displayed right-click and, from the shortcut menu, select Allocate Ranges. The Allocate ranges wizard displays.
  3. Follow the instructions provided by the wizard to create the number of subranges that you need.

Join Ranges

This function allows you to select and join a number of ranges. The Join Ranges command is available if the selected ranges can be joined.

  1. Display the list of address ranges that you want to join.
  2. Select each of the desired ranges.
  3. Right-click and, from the shortcut menu, select Join Ranges.
      
    The Join Ranges dialog box displays.
  4. Use Access. Click the drop-down list and specify from which range you will gain access.
  5. Use Properties. Click the drop-down list and specify from which range you will use the properties.
  6. Title. Enter a title for this range.
  7. Description. Type a description.
     
  8. Click Join.

Select Parent

 
This function allows you to view the hierarchy for subnets when filtering is active.

  1. Locate the subrange for which you want to view the hierarchy.
  2. Right-click on the subrange and, from the shortcut menu, selects Parent. All available parent(s) are shown.
  3. Click on the parent and the system automatically moves you to that parent range.

Host Discovery

With this feature, you can see when hosts were last seen on your network. There are two methods you can use for host discovery – using ping or querying routers for host information.

Configuring Host Discovery Using Ping

  1. Select one or more IP Address Ranges.
  2. Right-click and, from the shortcut menu, select Set Discovery Schedule. The Schedule dialog box displays.
     
  3. Select the Enable discovery schedule option.
  4. Schedule ____ every ___ day(s)/week(s)/month(s). Click the drop-down list and select the frequency (e.g., Daily, Weekly, etc.) and the occurrences (e.g., 1 day, 2 weeks, etc.).
  5. At ____. Enter the time at which discovery should take place.
  6. Starting ____. Click the drop-down list and select the start date.
  7. Click OK.

Once the schedule options have been set and saved, a new column called, Last seen, identifies when a host last was last seen on the network.

 

The list of ranges contains a column that shows if a discovery schedule has been set for a range. The name of this column is Schedule. To quickly see all ranges that have a schedule set, you can use the Quick Filter and filter by this column by entering Schedule:Yes in the Quick Filter search field.
At any time if you wish to  disable  host discovery, do the following:

  1. Select the object(s) for which you want to disable discovery.
  2. Right-click and, from the shortcut menu, select Set Discovery Schedule. The Schedule dialog box displays.
  3. Uncheck the Enable discovery schedule option.
  4. Click OK.

Configuring Host Discovery by Querying Routers

It is possible to perform host discovery by performing SNMP queries on specified routers. SNMP v1, v2c and v3 is supported.

Before a router can be queried it must be placed in an SNMP profile. An SNMP profile contains the information necessary to access the SNMP information on the router. Note that multiple routers can share the same SNMP profile.

To create an SNMP profile:

  1. Select Tools, SNMP Profiles and click Add in the dialog box that appears. The SNMP Profile dialog box is displayed.

  2. Enter a profile name and choose the SNMP version to use. You can also specify a non-standard port to use for SNMP
  3. Enter the necessary information to access the router using SNMP. The information is different depending on the SNMP version selected.

    For SNMP v1 and v2c:

    CommunityEnter the SNMP community string (password) to use to access the routers using the profile.

    For SNMP v3:

    UsernameEnter a user name for accessing the routers using the profile.
    Authentication ProtocolChoose the authentication protocol to use. The available protocols are MD5 and SHA.
    Authentication Password

    Enter the authentication password for the routers using the profile.

    Encryption ProtocolChoose the encryption protocol to use. The available protocols are DES and AES.
    Encryption PasswordEnter the authentication password for the routers using the profile.
  4. Enter the IPv4 address of one or more routers that you want to query using this profile. Note that each router's IP address needs to be on a separate line in the text area. 
  5. Click OK to save the settings and close the dialog box.

You can edit an SNMP profile, for example if you want to add or remove routers from a profile.

To edit an SNMP profile:

  1. Select Tools, SNMP Profiles, select the SNMP profile you want do edit and click Edit in the dialog box that appears. The SNMP Profile dialog box is displayed for the selected entry.
  2. Make the required changes and click OK to save the changes and close the dialog box.

Subnet Discovery

The subnet discovery feature enables the Men & Mice Suite to obtain information about the subnets on the network through SNMP on the routers. The process is the same as when configuring host discovery, but to enable this feature, make sure the 'Synchronize subnets ...'  is checked. 

When this functionality is enabled, additional columns appear in the list of IP Address Ranges, which are updated automatically every time the subnet discovery is performed (by default every 15 minutes). When a subnet is no longer found on a router, it is not removed from Men & Mice, but the additional fields are cleared.

The fields/properties which are retrieved and synchronized are:

 

Remove from Folder

Removes the currently selected IP Address Range from the current folder. Once you remove a range, there is no "undo" option available.

  1. Highlight the range you want to remove.
  2. Right-click and, from the shortcut menu, select Remove from Folder. The range is removed.

Subnet Monitoring and Utilization History

The Subnet Monitoring is used to monitor the free addresses in subnets and DHCP address pools and perform an action if the number of free addresses goes below a user-definable threshold. In addition, the utilization history for the monitored subnets and scopes is collected and you can view and export the historical utilization data.
When Subnet Monitoring is enabled a global monitoring setting is applied to all subnets in the system. You can change the subnet monitoring settings for individual subnets and scopes, for example if you want to disable monitoring for a certain subnet or if you want to use a different threshold for the free addresses in a DHCP scope.  NOTE:  Only DHCP scopes that are enabled are monitored. Disabled scopes are ignored.

 

The Subnet Monitoring needs to be enabled in the System Settings before continuing. See the 'Monitoring' tab in System Settings.

Set Subnet Monitoring

To change the monitoring settings for a subnet:

  1. Select the subnet(s) for which you want to change the monitoring setting.

     
  2. Right-click and, from the shortcut menu, select Set Subnet Monitoring. The Subnet Monitoring dialog box displays.
  3. Enabled. When checked, the subnet will be monitored.
  4. Script to invoke. Enter the path of the script to run when the number of free addresses goes below the set threshold. Refer to External Scripts , for information on the script interface and the format for calling the script.
  5. E-mail addresses. Enter one or more e-mail addresses (separated by comma, e.g. email@example.com,email@example.net). An e-mail will be sent to the specified addresses when the number of free addresses goes below the set threshold.
  6. Dynamic Threshold. Enter the threshold for the free addresses in a DHCP scope address pool.  NOTE:  For split scopes and scopes in a superscope (on MS DHCP servers) and address pools using the shared-network feature on ISC DHCP servers, the total number of free addresses in all of the scope instances is used when calculating the number of free addresses.
  7. Static Threshold. Enter the threshold for the free addresses in a subnet.
  8. Only perform action once (until fixed). When checked, the action is performed only once when the number of free addresses goes below the threshold.
  9. Perform action when fixed. When checked, the action is performed when the number of free addresses is no longer below the threshold.
  10. Click OK to confirm your settings.

Removing Subnet Monitoring

You can clear the monitor setting for individual subnets if you want to use the global subnet monitoring setting. To clear a monitoring setting for a subnet:

  1. Select the subnet(s) for which you want to clear the monitoring setting.
  2. Right-click and, from the shortcut menu, select Remove Subnet Monitoring. The custom subnet monitoring setting is removed and the global monitoring setting is used instead.

View Utilization History

You can view the utilization history for a subnet or scope that is being monitored.
To view the utilization history:

  1. Select the subnet for which you want to view the utilization history.
  2. Right-click and, from the shortcut menu, select View Address Utilization. The Address Utilization window displays. 

Export Utilization History

You can export the utilization history for one or more subnets to the Clipboard or into a CSV file.

Multiple Address Spaces

The Men & Mice Suite supports multiple address spaces. Each address space instance contains its own set of DNS servers, DNS zones, DHCP servers, DHCP scopes, IP Address ranges (including the IPv4 and IPv6 root ranges), IP Address entries and object folders. Changes to data in one address space do not affect data in any other address space.
Items shared between address spaces are the user and group lists and custom property definitions.

Address Space Management

The Address Space Management dialog box allows you to create, modify or delete address spaces as well as set access privileges for existing address spaces. To access the Address Space Management dialog box, you must be logged in as the administrator user.

Switching to a Different Address Space

You can only work in one address space at a time. You can see the current address space in the Manager window, above the object list.
To switch to a different address space:

  1. Select the IP Address Ranges object in the object list in the Manager window.
  2. Select Ranges -> Switch Current Address Space. A dialog box listing all available address spaces displays.
  3. Select the address space you want to switch to and click the OK button.

Moving Objects to a Different Address Space

DNS servers, DHCP servers, IP Address ranges and individual IP Address entries can be moved between address spaces. When an object is moved between address spaces, all properties for the object are retained, including its access settings and change history. You must have the relevant administrator privileges to move objects do a different address space.
NOTE:  You cannot move folders between address spaces. Individua l DHCP scopes cannot be moved between address spaces, but when you move a DHCP server to a different address space, all of its DHCP scopes are moved as well. Likewise, you cannot move individual DNS zones to a different address space, but moving a DNS server to a different address space will move all of its zones as well.