{"product_id":"ip-address-management-isbn-9781119692270","title":"IP Address Management","description":"\u003cp\u003e\u003cb\u003eRediscover fundamental and advanced topics in IPAM, DNS, DHCP and other core networking technologies with this updated one-stop reference\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe thoroughly revised second edition of \u003ci\u003eIP Address Management\u003c\/i\u003e is the definitive reference for working with core IP management technologies, like address allocation, assignment, and network navigation via DNS. Accomplished professionals and authors Timothy Rooney and Michael Dooley offer readers coverage of recent IPAM developments in the world of cloud computing, Internet of Things (IoT), and security, as well as a comprehensive treatment of foundational concepts in IPAM.\u003c\/p\u003e \u003cp\u003eThe new edition addresses the way that IPAM needs and methods have evolved since the publication of the first edition. The book covers the impact of mainstream use of private and public cloud services, the maturation of IPv6 implementations, new DNS security approaches, and the proliferation of IoT devices. The authors have also reorganized the flow of the book, with much of the technical reference material appearing at the end and making for a smoother and simpler reading experience.\u003c\/p\u003e \u003cp\u003eThe 2nd edition of \u003ci\u003eIP Address Management\u003c\/i\u003e also covers topics like such as:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eDiscussions about the fundamentals of Internet Protocol Address Management (IPAM), including IP addressing, address allocation and assignment, DHCP, and DNS\u003c\/li\u003e \u003cli\u003eAn examination of IPAM practices, including core processes and tasks, deployment strategies, IPAM security best-practices, and DNS security approaches\u003c\/li\u003e \u003cli\u003eA treatment of IPAM in the modern context, including how to adapt to cloud computing, the Internet of Things, IPv6, and new trends in IPAM\u003c\/li\u003e \u003cli\u003eA one-stop reference for IPAM topics, including IP addressing, DHCP, DNS, IPv6, and DNS security\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003ePerfect for IP network engineers and managers, network planners, network architects, and security engineers, the second edition of \u003ci\u003eIP Address Management\u003c\/i\u003e also belongs on the bookshelves of senior undergraduate and graduate students studying in networking, information technology, and computer security-related courses and programs.\u003c\/p\u003e \u003cp\u003ePreface xix\u003c\/p\u003e \u003cp\u003eAcknowledgments xxiii\u003c\/p\u003e \u003cp\u003eAbout the Authors xxv\u003c\/p\u003e \u003cp\u003ePart I IPAM Introduction 1\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1 Introduction \u003c\/b\u003e\u003cb\u003e3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIP Networking Overview 3\u003c\/p\u003e \u003cp\u003eIP Routing 6\u003c\/p\u003e \u003cp\u003eIP Addresses 7\u003c\/p\u003e \u003cp\u003eProtocol Layering 12\u003c\/p\u003e \u003cp\u003eOSI and TCP\/IP Layers 14\u003c\/p\u003e \u003cp\u003eTCP\/UDP Ports 15\u003c\/p\u003e \u003cp\u003eIntra-Link Communications 15\u003c\/p\u003e \u003cp\u003eAre We on the Same Link? 17\u003c\/p\u003e \u003cp\u003eLimiting Broadcast Domains 18\u003c\/p\u003e \u003cp\u003eInterlink Communications 19\u003c\/p\u003e \u003cp\u003eWorldwide IP Communications 20\u003c\/p\u003e \u003cp\u003eDynamic Routing 22\u003c\/p\u003e \u003cp\u003eRouters and Subnets 24\u003c\/p\u003e \u003cp\u003eAssigning IP addresses 25\u003c\/p\u003e \u003cp\u003eThe Human Element 26\u003c\/p\u003e \u003cp\u003eWhy Manage IP Space? 26\u003c\/p\u003e \u003cp\u003eBasic IPAM Approaches 27\u003c\/p\u003e \u003cp\u003eEarly History 27\u003c\/p\u003e \u003cp\u003eToday’s IP Networks and IP Management Challenges 28\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2 IP Addressing \u003c\/b\u003e\u003cb\u003e31\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInternet Protocol History 31\u003c\/p\u003e \u003cp\u003eThe Internet Protocol, Take 1 32\u003c\/p\u003e \u003cp\u003eClass-Based Addressing 32\u003c\/p\u003e \u003cp\u003eInternet Growing Pains 35\u003c\/p\u003e \u003cp\u003ePrivate Address Space 38\u003c\/p\u003e \u003cp\u003eClassless Addressing 40\u003c\/p\u003e \u003cp\u003eSpecial Use IPv4 Addresses 40\u003c\/p\u003e \u003cp\u003eThe Internet Protocol, Take 2 41\u003c\/p\u003e \u003cp\u003eIPv6 Address Types and Structure 42\u003c\/p\u003e \u003cp\u003eIPv6 Address Notation 43\u003c\/p\u003e \u003cp\u003eAddress Structure 45\u003c\/p\u003e \u003cp\u003eIPv6 Address Allocations 46\u003c\/p\u003e \u003cp\u003e2000::\/3 – Global Unicast Address Space 47\u003c\/p\u003e \u003cp\u003efc00::\/7 – Unique Local Address Space 47\u003c\/p\u003e \u003cp\u003efe80::\/10 – Link Local Address Space 47\u003c\/p\u003e \u003cp\u003eff00::\/8 – Multicast Address Space 48\u003c\/p\u003e \u003cp\u003eSpecial Use IPv6 Addresses 48\u003c\/p\u003e \u003cp\u003eIPv4–IPv6 Coexistence 49\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3 IP Address Assignment \u003c\/b\u003e\u003cb\u003e51\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAddress Planning 51\u003c\/p\u003e \u003cp\u003eRegional Internet Registries 51\u003c\/p\u003e \u003cp\u003eRIR Address Allocation 53\u003c\/p\u003e \u003cp\u003eAddress Allocation Efficiency 54\u003c\/p\u003e \u003cp\u003eMulti-Homing and IP Address Space 55\u003c\/p\u003e \u003cp\u003eEndpoint Address Allocation 58\u003c\/p\u003e \u003cp\u003eServer-based Address Allocation Using DHCP 58\u003c\/p\u003e \u003cp\u003eDHCP Servers and Address Assignment 61\u003c\/p\u003e \u003cp\u003eDevice Identification by Class 62\u003c\/p\u003e \u003cp\u003eDHCP Options 62\u003c\/p\u003e \u003cp\u003eDHCP for IPv6 (DHCPv6) 62\u003c\/p\u003e \u003cp\u003eDHCP Comparison IPv4 vs. IPv6 63\u003c\/p\u003e \u003cp\u003eDHCPv6 Address Assignment 64\u003c\/p\u003e \u003cp\u003eDHCPv6 Prefix Delegation 65\u003c\/p\u003e \u003cp\u003eDevice Unique Identifiers (DUIDs) 66\u003c\/p\u003e \u003cp\u003eIdentity Associations (IAs) 66\u003c\/p\u003e \u003cp\u003eDHCPv6 Options 67\u003c\/p\u003e \u003cp\u003eIPv6 Address Autoconfiguration 67\u003c\/p\u003e \u003cp\u003eNeighbor Discovery 68\u003c\/p\u003e \u003cp\u003eModified EUI-64 Interface Identifiers 69\u003c\/p\u003e \u003cp\u003eOpaque Interface IDs 69\u003c\/p\u003e \u003cp\u003eReserved Interface IDs 72\u003c\/p\u003e \u003cp\u003eDuplicate Address Detection (DAD) 72\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4 Navigating the Internet with DNS \u003c\/b\u003e\u003cb\u003e75\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDomain Hierarchy 75\u003c\/p\u003e \u003cp\u003eName Resolution 76\u003c\/p\u003e \u003cp\u003eResource Records 80\u003c\/p\u003e \u003cp\u003eZones and Domains 81\u003c\/p\u003e \u003cp\u003eDissemination of Zone Information 83\u003c\/p\u003e \u003cp\u003eReverse Domains 84\u003c\/p\u003e \u003cp\u003eIPv6 Reverse Domains 89\u003c\/p\u003e \u003cp\u003eAdditional Zones 91\u003c\/p\u003e \u003cp\u003eRoot Hints 91\u003c\/p\u003e \u003cp\u003eLocalhost Zones 92\u003c\/p\u003e \u003cp\u003eDNS Update 92\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5 IPAM Technology Applications \u003c\/b\u003e\u003cb\u003e93\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDHCP Applications 93\u003c\/p\u003e \u003cp\u003eDevice Type Specific Configuration 94\u003c\/p\u003e \u003cp\u003eBroadband Subscriber Provisioning 95\u003c\/p\u003e \u003cp\u003eRelated Lease Assignment or Limitation Applications 101\u003c\/p\u003e \u003cp\u003ePre-Boot Execution Environment (PXE) clients 102\u003c\/p\u003e \u003cp\u003ePPP\/RADIUS Environments 103\u003c\/p\u003e \u003cp\u003eMobile IP 104\u003c\/p\u003e \u003cp\u003ePopular DNS Applications 105\u003c\/p\u003e \u003cp\u003eHost Name and IP Address Resolution 106\u003c\/p\u003e \u003cp\u003eA – IPv4 Address Record 107\u003c\/p\u003e \u003cp\u003eAAAA – IPv6 address record 107\u003c\/p\u003e \u003cp\u003ePTR – Pointer Record 107\u003c\/p\u003e \u003cp\u003eAlias Host Name Resolutions 108\u003c\/p\u003e \u003cp\u003eCNAME – Canonical Name Record 108\u003c\/p\u003e \u003cp\u003eNetwork Services Location 108\u003c\/p\u003e \u003cp\u003eSRV – Services Location Record 109\u003c\/p\u003e \u003cp\u003eTextual Information Lookup 110\u003c\/p\u003e \u003cp\u003eTXT – Text Record 110\u003c\/p\u003e \u003cp\u003eMany More Applications 110\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II IPAM Mechanics \u003c\/b\u003e\u003cb\u003e111\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6 IP Management Core Tasks \u003c\/b\u003e\u003cb\u003e113\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIPAM Is Foundational 113\u003c\/p\u003e \u003cp\u003eImpacts of Inadequate IPAM Practice 114\u003c\/p\u003e \u003cp\u003eIPAM Is Core to Network Management 115\u003c\/p\u003e \u003cp\u003eFCAPS Summary 116\u003c\/p\u003e \u003cp\u003eConfiguration Management 117\u003c\/p\u003e \u003cp\u003eAddress Allocation Considerations 118\u003c\/p\u003e \u003cp\u003eAddress Allocation Tasks 120\u003c\/p\u003e \u003cp\u003eIP Address Assignment 133\u003c\/p\u003e \u003cp\u003eAddress Deletion Tasks 135\u003c\/p\u003e \u003cp\u003eAddress Renumbering or Movement Tasks 136\u003c\/p\u003e \u003cp\u003eNetwork Services Configuration 140\u003c\/p\u003e \u003cp\u003eFault Management 143\u003c\/p\u003e \u003cp\u003eMonitoring and Fault Detection 143\u003c\/p\u003e \u003cp\u003eTroubleshooting and Fault Resolution 144\u003c\/p\u003e \u003cp\u003eAccounting Management 147\u003c\/p\u003e \u003cp\u003eInventory Assurance 147\u003c\/p\u003e \u003cp\u003ePerformance Management 151\u003c\/p\u003e \u003cp\u003eServices Monitoring 151\u003c\/p\u003e \u003cp\u003eAddress Capacity Management 152\u003c\/p\u003e \u003cp\u003eAuditing and Reporting 152\u003c\/p\u003e \u003cp\u003eSecurity Management 153\u003c\/p\u003e \u003cp\u003eITIL® Process Mappings 153\u003c\/p\u003e \u003cp\u003eITIL Practice Areas 154\u003c\/p\u003e \u003cp\u003eConclusion 162\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7 IPv6 Deployment \u003c\/b\u003e\u003cb\u003e163\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIPv6 Deployment Process Overview 164\u003c\/p\u003e \u003cp\u003eIPv6\u003c\/p\u003e \u003cp\u003eAddress Plan Objectives 165\u003c\/p\u003e \u003cp\u003eIPv6 Address Plan Examples 166\u003c\/p\u003e \u003cp\u003eCase 1 166\u003c\/p\u003e \u003cp\u003eObservations 168\u003c\/p\u003e \u003cp\u003eCase 2 169\u003c\/p\u003e \u003cp\u003eObservations 169\u003c\/p\u003e \u003cp\u003eGeneral IPv6 Address Plan Guidelines 170\u003c\/p\u003e \u003cp\u003eULA Considerations 171\u003c\/p\u003e \u003cp\u003eRenumbering Impacts 172\u003c\/p\u003e \u003cp\u003eIPv4–IPv6 Coexistence Technologies 173\u003c\/p\u003e \u003cp\u003eDual Stack Approach 173\u003c\/p\u003e \u003cp\u003eDual Stack Deployment 174\u003c\/p\u003e \u003cp\u003eDNS Considerations 174\u003c\/p\u003e \u003cp\u003eDHCP Considerations 175\u003c\/p\u003e \u003cp\u003eTunneling Approaches 176\u003c\/p\u003e \u003cp\u003eTunneling Scenarios for IPv6 Packets over IPv4 Networks 176\u003c\/p\u003e \u003cp\u003eDual-Stack Lite 177\u003c\/p\u003e \u003cp\u003eLightweight 4over6 181\u003c\/p\u003e \u003cp\u003eMapping of Address and Port with Encapsulation (MAP-E) 181\u003c\/p\u003e \u003cp\u003eAdditional Tunneling Approaches 183\u003c\/p\u003e \u003cp\u003eTranslation Approaches 184\u003c\/p\u003e \u003cp\u003eIP\/ICMP Translation 185\u003c\/p\u003e \u003cp\u003eAddress Translation 186\u003c\/p\u003e \u003cp\u003ePacket Fragmentation Considerations 187\u003c\/p\u003e \u003cp\u003eIP Header Translation Algorithm 188\u003c\/p\u003e \u003cp\u003eBump in the Host (BIH) 189\u003c\/p\u003e \u003cp\u003eNetwork Address Translation for IPv6–IPv4 (NAT64) 192\u003c\/p\u003e \u003cp\u003eNAT64 and DNS64 193\u003c\/p\u003e \u003cp\u003e464XLAT 195\u003c\/p\u003e \u003cp\u003eMapping of Address and Port with Translation (MAP-T) 195\u003c\/p\u003e \u003cp\u003eOther Translation Techniques 196\u003c\/p\u003e \u003cp\u003ePlanning Your IPv6 Deployment Process 197\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8 IPAM for the Internet of Things 201\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIoT Architectures 201\u003c\/p\u003e \u003cp\u003e6LoWPAN 203\u003c\/p\u003e \u003cp\u003eSummary 209\u003c\/p\u003e \u003cp\u003e\u003cb\u003e9 IPAM in the Cloud \u003c\/b\u003e\u003cb\u003e211\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIPAM VNFs 212\u003c\/p\u003e \u003cp\u003eCloud IPAM Concepts 212\u003c\/p\u003e \u003cp\u003eIP Initialization Process 212\u003c\/p\u003e \u003cp\u003eIP Initialization Implementation 213\u003c\/p\u003e \u003cp\u003eDHCP Method 214\u003c\/p\u003e \u003cp\u003ePrivate Cloud Static Method 216\u003c\/p\u003e \u003cp\u003ePublic Cloud Static Method 218\u003c\/p\u003e \u003cp\u003eCloud Automation with APIs 218\u003c\/p\u003e \u003cp\u003eMulti-Cloud IPAM 220\u003c\/p\u003e \u003cp\u003ePrivate Cloud Automation 221\u003c\/p\u003e \u003cp\u003ePublic Cloud Automation 223\u003c\/p\u003e \u003cp\u003eIPAM Automation Benefits 223\u003c\/p\u003e \u003cp\u003eUnifying IPAM Automation 224\u003c\/p\u003e \u003cp\u003eStreamlined Subnet Allocation Workflow 226\u003c\/p\u003e \u003cp\u003eWorkflow Realization 230\u003c\/p\u003e \u003cp\u003eTips for Defining Workflows 233\u003c\/p\u003e \u003cp\u003eAutomation Scenarios 234\u003c\/p\u003e \u003cp\u003eIntra-IPAM Automation 234\u003c\/p\u003e \u003cp\u003eDHCP Server Configuration 235\u003c\/p\u003e \u003cp\u003eDNS Server Configuration 236\u003c\/p\u003e \u003cp\u003eSubnet Assignment 236\u003c\/p\u003e \u003cp\u003eIP Address Assignment Request 236\u003c\/p\u003e \u003cp\u003eExtra-IPAM Workflow Examples 237\u003c\/p\u003e \u003cp\u003eRegional Internet Registry Reporting 237\u003c\/p\u003e \u003cp\u003eRouter Configuration Provisioning 238\u003c\/p\u003e \u003cp\u003eCustomer Provisioning 238\u003c\/p\u003e \u003cp\u003eAsset Inventory Integration 238\u003c\/p\u003e \u003cp\u003eTrouble Ticket Creation 239\u003c\/p\u003e \u003cp\u003eSummary 239\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart III IPAM and Security \u003c\/b\u003e\u003cb\u003e241\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e10 IPAM Services Security \u003c\/b\u003e\u003cb\u003e243\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecuring DHCP 244\u003c\/p\u003e \u003cp\u003eDHCP Service Availability 244\u003c\/p\u003e \u003cp\u003eDHCP Server\/OS Attacks 244\u003c\/p\u003e \u003cp\u003eDHCP Server\/OS Attack Mitigation 245\u003c\/p\u003e \u003cp\u003eDHCP Service Threats 245\u003c\/p\u003e \u003cp\u003eDHCP Threat Mitigation 246\u003c\/p\u003e \u003cp\u003eDHCP Authentication and Encryption 247\u003c\/p\u003e \u003cp\u003eDNS Infrastructure Risks and Attacks 248\u003c\/p\u003e \u003cp\u003eDNS Service Availability 249\u003c\/p\u003e \u003cp\u003eDNS Server\/OS Attacks 249\u003c\/p\u003e \u003cp\u003eDNS Server\/OS Attack Mitigation 250\u003c\/p\u003e \u003cp\u003eDNS Service Denial 250\u003c\/p\u003e \u003cp\u003eDistributed Denial of Service 251\u003c\/p\u003e \u003cp\u003eBogus Domain Queries 251\u003c\/p\u003e \u003cp\u003ePseudorandom Subdomain Attacks 252\u003c\/p\u003e \u003cp\u003eDenial of Service Mitigation 253\u003c\/p\u003e \u003cp\u003eReflector Style Attacks 253\u003c\/p\u003e \u003cp\u003eReflector Attack Mitigation 254\u003c\/p\u003e \u003cp\u003eAuthoritative Poisoning 254\u003c\/p\u003e \u003cp\u003eAuthoritative Poisoning Mitigation 255\u003c\/p\u003e \u003cp\u003eResolver Redirection Attacks 256\u003c\/p\u003e \u003cp\u003eResolver Attack Defenses 256\u003c\/p\u003e \u003cp\u003eSecuring DNS Transactions 257\u003c\/p\u003e \u003cp\u003eCache Poisoning Style Attacks 257\u003c\/p\u003e \u003cp\u003eCache Poisoning Mitigation 259\u003c\/p\u003e \u003cp\u003eDNSSEC Overview 259\u003c\/p\u003e \u003cp\u003eThe DNSSEC Resolution Process 260\u003c\/p\u003e \u003cp\u003eNegative Trust Anchors 262\u003c\/p\u003e \u003cp\u003eDNSSEC Deployment 263\u003c\/p\u003e \u003cp\u003eLast Mile Protection 264\u003c\/p\u003e \u003cp\u003eDNS Cookies 264\u003c\/p\u003e \u003cp\u003eDNS Encryption 264\u003c\/p\u003e \u003cp\u003eDNS Over TLS (DoT) 264\u003c\/p\u003e \u003cp\u003eDNS Over HTTPS (DoH) 265\u003c\/p\u003e \u003cp\u003eEncryption Beyond the Last Mile 267\u003c\/p\u003e \u003cp\u003e\u003cb\u003e11 IPAM and Network Security \u003c\/b\u003e\u003cb\u003e269\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecuring Network Access 269\u003c\/p\u003e \u003cp\u003eDiscriminatory Address Assignment with DHCP 269\u003c\/p\u003e \u003cp\u003eDHCP Lease Query 274\u003c\/p\u003e \u003cp\u003eAlternative Access Control Approaches 275\u003c\/p\u003e \u003cp\u003eLayer 2 Switch Alerting 275\u003c\/p\u003e \u003cp\u003e802.1X 276\u003c\/p\u003e \u003cp\u003eSecuring the Network Using IPAM 277\u003c\/p\u003e \u003cp\u003eIP-Based Security Policies (ACLs, etc.) 277\u003c\/p\u003e \u003cp\u003eMalware Detection Using DNS 277\u003c\/p\u003e \u003cp\u003eMalware Proliferation Techniques 278\u003c\/p\u003e \u003cp\u003ePhishing 279\u003c\/p\u003e \u003cp\u003eSpear Phishing 279\u003c\/p\u003e \u003cp\u003eSoftware Downloads 279\u003c\/p\u003e \u003cp\u003eFile Sharing 279\u003c\/p\u003e \u003cp\u003eEmail Attachments 280\u003c\/p\u003e \u003cp\u003eWatering Hole Attack 280\u003c\/p\u003e \u003cp\u003eReplication 280\u003c\/p\u003e \u003cp\u003eBrute Force 280\u003c\/p\u003e \u003cp\u003eMalware Examples 280\u003c\/p\u003e \u003cp\u003eMalware Mitigation 281\u003c\/p\u003e \u003cp\u003eDNS Firewall 282\u003c\/p\u003e \u003cp\u003eDNS Firewall Policy Precedence 284\u003c\/p\u003e \u003cp\u003eLogging Configuration 285\u003c\/p\u003e \u003cp\u003eOther Attacks that Leverage DNS 285\u003c\/p\u003e \u003cp\u003eNetwork Reconnaissance 285\u003c\/p\u003e \u003cp\u003eNetwork Reconnaissance Defenses 286\u003c\/p\u003e \u003cp\u003eDNS Rebinding Attack 287\u003c\/p\u003e \u003cp\u003eData Exfiltration 287\u003c\/p\u003e \u003cp\u003eData Exfiltration Mitigation 287\u003c\/p\u003e \u003cp\u003eDNS as Data Transport (Tunneling) 288\u003c\/p\u003e \u003cp\u003eAdvanced Persistent Threats 289\u003c\/p\u003e \u003cp\u003eAdvanced Persistent Threats Mitigation 290\u003c\/p\u003e \u003cp\u003e\u003cb\u003e12 IPAM and Your Internet Presence \u003c\/b\u003e\u003cb\u003e291\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIP Address Space Integrity 291\u003c\/p\u003e \u003cp\u003ePublicizing\u003c\/p\u003e \u003cp\u003eYour Public Namespace 292\u003c\/p\u003e \u003cp\u003eDomain Registries and Registrars 292\u003c\/p\u003e \u003cp\u003eDNS Hosting Providers 294\u003c\/p\u003e \u003cp\u003eSigning Your Public Namespace 295\u003c\/p\u003e \u003cp\u003eDNSSEC Zone Signing 295\u003c\/p\u003e \u003cp\u003eKey Rollover 296\u003c\/p\u003e \u003cp\u003ePrepublish Rollover 297\u003c\/p\u003e \u003cp\u003eDual Signature Rollover 298\u003c\/p\u003e \u003cp\u003eAlgorithm Rollover 299\u003c\/p\u003e \u003cp\u003eKey Security 301\u003c\/p\u003e \u003cp\u003eEnhancing Internet Application Encryption Integrity 302\u003c\/p\u003e \u003cp\u003eDNS-Based Authentication of Named Entities (DANE) 303\u003c\/p\u003e \u003cp\u003eSecuring Email with DNS 305\u003c\/p\u003e \u003cp\u003eEmail and DNS 305\u003c\/p\u003e \u003cp\u003eDNS Block Listing 306\u003c\/p\u003e \u003cp\u003eSender Policy Framework (SPF) 307\u003c\/p\u003e \u003cp\u003eDomain Keys Identified Mail (DKIM) 307\u003c\/p\u003e \u003cp\u003eDomain-Based Message Authentication, Reporting, and Conformance (DMARC) 308\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart IV IPAM in Practice \u003c\/b\u003e\u003cb\u003e311\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e13 IPAM Use Case \u003c\/b\u003e\u003cb\u003e313\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIntroduction 313\u003c\/p\u003e \u003cp\u003eIPv4 Address Allocation 316\u003c\/p\u003e \u003cp\u003eFirst-Level Allocation 317\u003c\/p\u003e \u003cp\u003eSecond-Layer Allocation 318\u003c\/p\u003e \u003cp\u003eAddress Allocation Layer 3 320\u003c\/p\u003e \u003cp\u003eCore Address Space 323\u003c\/p\u003e \u003cp\u003eExternal Extensions of Address Space 323\u003c\/p\u003e \u003cp\u003eAllocation Trade-Offs and Tracking 324\u003c\/p\u003e \u003cp\u003eIPAM Worldwide’s Public IPv4 Address Space 325\u003c\/p\u003e \u003cp\u003eIPAM Worldwide’s IPv6 Allocations 326\u003c\/p\u003e \u003cp\u003eExternal Extensions Address Space 329\u003c\/p\u003e \u003cp\u003eIP Address Tracking 332\u003c\/p\u003e \u003cp\u003eDNS and IP Address Management 334\u003c\/p\u003e \u003cp\u003e\u003cb\u003e14 IPAM Deployment Strategies \u003c\/b\u003e\u003cb\u003e337\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGeneral Deployment Principles for DHCP\/DNS 337\u003c\/p\u003e \u003cp\u003eDisaster Recovery\/Business Continuity 338\u003c\/p\u003e \u003cp\u003eDHCP Deployment 339\u003c\/p\u003e \u003cp\u003eDHCP Server Platforms 339\u003c\/p\u003e \u003cp\u003eDHCP Servers 339\u003c\/p\u003e \u003cp\u003eVirtualized DHCP Deployment 339\u003c\/p\u003e \u003cp\u003eDHCP Appliances 339\u003c\/p\u003e \u003cp\u003eDHCP Deployment Approaches 340\u003c\/p\u003e \u003cp\u003eCentralized DHCP Server Deployment 340\u003c\/p\u003e \u003cp\u003eDistributed DHCP Server Deployment 342\u003c\/p\u003e \u003cp\u003eDHCP Services Deployment Design Considerations 344\u003c\/p\u003e \u003cp\u003eDHCP Deployment on Edge Devices 347\u003c\/p\u003e \u003cp\u003eDNS Deployment 348\u003c\/p\u003e \u003cp\u003eDNS Trust Sectors 349\u003c\/p\u003e \u003cp\u003eExternal DNS Trust Sector 350\u003c\/p\u003e \u003cp\u003eExtranet DNS Trust Sector 355\u003c\/p\u003e \u003cp\u003eRecursive DNS Trust Sector 357\u003c\/p\u003e \u003cp\u003eInternal DNS Trust Sector 361\u003c\/p\u003e \u003cp\u003eDeploying DNS Servers with Anycast Addresses 362\u003c\/p\u003e \u003cp\u003eAnycast Addressing Benefits 362\u003c\/p\u003e \u003cp\u003eAnycast Caveats 364\u003c\/p\u003e \u003cp\u003eConfiguring Anycast Addressing 365\u003c\/p\u003e \u003cp\u003eIPAM Deployment Summary 366\u003c\/p\u003e \u003cp\u003eHigh Availability 366\u003c\/p\u003e \u003cp\u003eMultiple Vendors 366\u003c\/p\u003e \u003cp\u003eSizing and Scalability 367\u003c\/p\u003e \u003cp\u003eLoad Balancers 367\u003c\/p\u003e \u003cp\u003eLab Deployment 367\u003c\/p\u003e \u003cp\u003e\u003cb\u003e15 The Business Case for IPAM \u003c\/b\u003e\u003cb\u003e369\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIPAM Business Benefits 369\u003c\/p\u003e \u003cp\u003eAutomation 370\u003c\/p\u003e \u003cp\u003eOutage Reduction 370\u003c\/p\u003e \u003cp\u003eRapid Trouble Resolution 370\u003c\/p\u003e \u003cp\u003eAccurate IPAM Inventory and Reporting 371\u003c\/p\u003e \u003cp\u003eExpanded IP Services 371\u003c\/p\u003e \u003cp\u003eDistributed Administration 371\u003c\/p\u003e \u003cp\u003eEnhanced Security 371\u003c\/p\u003e \u003cp\u003eBusiness Case Overview 372\u003c\/p\u003e \u003cp\u003eBusiness Case Cost Basis 373\u003c\/p\u003e \u003cp\u003eAddress Block Management 374\u003c\/p\u003e \u003cp\u003eSubnet Management 381\u003c\/p\u003e \u003cp\u003eIP Address Assignment – Moves, Adds, and Changes 383\u003c\/p\u003e \u003cp\u003eInventory Assurance 386\u003c\/p\u003e \u003cp\u003eAddress Capacity Management 387\u003c\/p\u003e \u003cp\u003eAuditing and Reporting 392\u003c\/p\u003e \u003cp\u003eServer Upgrade Management 392\u003c\/p\u003e \u003cp\u003eOutage and Security Recovery Costs 393\u003c\/p\u003e \u003cp\u003eIPAM System Administration Costs 396\u003c\/p\u003e \u003cp\u003eCost Basis Summary 399\u003c\/p\u003e \u003cp\u003eSavings with IPAM Deployment 399\u003c\/p\u003e \u003cp\u003eBusiness Case Expenses 403\u003c\/p\u003e \u003cp\u003eNetting it Out: Business Case Results 403\u003c\/p\u003e \u003cp\u003eConclusion 405\u003c\/p\u003e \u003cp\u003e\u003cb\u003e16 IPAM Evolution\/Trends \u003c\/b\u003e\u003cb\u003e407\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSecurity Advancements 407\u003c\/p\u003e \u003cp\u003eIntent-Based Networking 409\u003c\/p\u003e \u003cp\u003eArtificial Intelligence Applied to IPAM 410\u003c\/p\u003e \u003cp\u003eIP Address Capacity Management 412\u003c\/p\u003e \u003cp\u003eDNS Query and Response Analytics 412\u003c\/p\u003e \u003cp\u003eDNS Malware Detection 413\u003c\/p\u003e \u003cp\u003eNetwork Address Intrusions 413\u003c\/p\u003e \u003cp\u003eIPAM Administration Activity Analysis 414\u003c\/p\u003e \u003cp\u003eAI Summary 414\u003c\/p\u003e \u003cp\u003eEdge Computing 414\u003c\/p\u003e \u003cp\u003eIdentifier\/Locator Networking 415\u003c\/p\u003e \u003cp\u003eInformation\u003c\/p\u003e \u003cp\u003eCentric Networking 416\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart V IPAM Reference \u003c\/b\u003e\u003cb\u003e419\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003e17 IP Addressing Reference \u003c\/b\u003e\u003cb\u003e421\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIP Version 4 421\u003c\/p\u003e \u003cp\u003eThe IPv4 Header 421\u003c\/p\u003e \u003cp\u003eIP Version 6 423\u003c\/p\u003e \u003cp\u003eThe IPv6 Header 423\u003c\/p\u003e \u003cp\u003eIPv6 Multicast Addressing 424\u003c\/p\u003e \u003cp\u003eFlags 425\u003c\/p\u003e \u003cp\u003eSpecial Case Multicast Addresses 429\u003c\/p\u003e \u003cp\u003eSolicited Node Multicast Address 429\u003c\/p\u003e \u003cp\u003eNode Information Query Address 429\u003c\/p\u003e \u003cp\u003eIPv6 Addresses with Embedded IPv4 Addresses 430\u003c\/p\u003e \u003cp\u003eReserved Subnet Anycast Addresses 430\u003c\/p\u003e \u003cp\u003e\u003cb\u003e18 DHCP Reference \u003c\/b\u003e\u003cb\u003e433\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDHCPv6 Protocol 433\u003c\/p\u003e \u003cp\u003eDHCPv6 Packet Format 433\u003c\/p\u003e \u003cp\u003eDHCPv6 Message Types 433\u003c\/p\u003e \u003cp\u003eDHCPv6 Failover Overview 437\u003c\/p\u003e \u003cp\u003eDHCPv6 Options 439\u003c\/p\u003e \u003cp\u003eDHCP for IPv4 454\u003c\/p\u003e \u003cp\u003eDHCP Packet Format 454\u003c\/p\u003e \u003cp\u003eDHCPv4 Message Types 456\u003c\/p\u003e \u003cp\u003eDHCP Options 474\u003c\/p\u003e \u003cp\u003e\u003cb\u003e19 DNS Reference \u003c\/b\u003e\u003cb\u003e475\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDNS Message Format 475\u003c\/p\u003e \u003cp\u003eEncoding of Domain Names 475\u003c\/p\u003e \u003cp\u003eName Compression 476\u003c\/p\u003e \u003cp\u003eInternationalized\u003c\/p\u003e \u003cp\u003eDomain Names 478\u003c\/p\u003e \u003cp\u003eDNS Message Format 479\u003c\/p\u003e \u003cp\u003eMessage Header 480\u003c\/p\u003e \u003cp\u003eQuestion Section 482\u003c\/p\u003e \u003cp\u003eAnswer Section 485\u003c\/p\u003e \u003cp\u003eAuthority Section 487\u003c\/p\u003e \u003cp\u003eAdditional Section 487\u003c\/p\u003e \u003cp\u003eDNS Update Messages 487\u003c\/p\u003e \u003cp\u003eDNS Extensions (EDNS0) 489\u003c\/p\u003e \u003cp\u003eThe DNS Resolution Process Revisited 494\u003c\/p\u003e \u003cp\u003eDNS Resolution Privacy Extension 501\u003c\/p\u003e \u003cp\u003eDNS Resolver Configuration 502\u003c\/p\u003e \u003cp\u003eDNS Applications and Resource Records 504\u003c\/p\u003e \u003cp\u003eResource Record Format 504\u003c\/p\u003e \u003cp\u003eHost Name and IP Address Resolution 506\u003c\/p\u003e \u003cp\u003eA – IPv4 Address Record 506\u003c\/p\u003e \u003cp\u003eAAAA – IPv6 Address Record 506\u003c\/p\u003e \u003cp\u003ePTR – Pointer Record 507\u003c\/p\u003e \u003cp\u003eAlias Host and Domain Name Resolutions 507\u003c\/p\u003e \u003cp\u003eCNAME – Canonical Name Record 507\u003c\/p\u003e \u003cp\u003eDNAME – Domain Alias Record 508\u003c\/p\u003e \u003cp\u003eNetwork Services Location 508\u003c\/p\u003e \u003cp\u003eSRV – Services Location Record 508\u003c\/p\u003e \u003cp\u003eAFSDB – DCE or AFS Server Record (Experimental) 509\u003c\/p\u003e \u003cp\u003eWKS – Well Known Service Record (Historic) 510\u003c\/p\u003e \u003cp\u003eHost and Textual Information Lookup 510\u003c\/p\u003e \u003cp\u003eTXT – Text Record 510\u003c\/p\u003e \u003cp\u003eHINFO – Host Information Record 510\u003c\/p\u003e \u003cp\u003eDNS Protocol Operational Record Types 512\u003c\/p\u003e \u003cp\u003eSOA – Start of Authority Record 512\u003c\/p\u003e \u003cp\u003eNS – Name Server Record 513\u003c\/p\u003e \u003cp\u003eDynamic DNS Update Uniqueness Validation 514\u003c\/p\u003e \u003cp\u003eDHCID – Dynamic Host Configuration Identifier Record 514\u003c\/p\u003e \u003cp\u003eTelephone Number Resolution 515\u003c\/p\u003e \u003cp\u003eNAPTR – Naming Authority Pointer Record 517\u003c\/p\u003e \u003cp\u003eEmail and Anti-spam Management 518\u003c\/p\u003e \u003cp\u003eEmail and DNS 519\u003c\/p\u003e \u003cp\u003eMX – Mail Exchanger Record 519\u003c\/p\u003e \u003cp\u003eAllow or Block Listing 523\u003c\/p\u003e \u003cp\u003eSender Policy Framework (SPF) 523\u003c\/p\u003e \u003cp\u003eSPF – Sender Policy Framework Formatting for a TXT Record 524\u003c\/p\u003e \u003cp\u003eMechanisms 524\u003c\/p\u003e \u003cp\u003eModifiers 526\u003c\/p\u003e \u003cp\u003eMacros 527\u003c\/p\u003e \u003cp\u003eMacro Examples 528\u003c\/p\u003e \u003cp\u003eSender ID (Historical) 528\u003c\/p\u003e \u003cp\u003eDomain Keys Identified Mail (DKIM) 529\u003c\/p\u003e \u003cp\u003eDKIM Signature Email Header Field 530\u003c\/p\u003e \u003cp\u003eDKIM TXT Record 531\u003c\/p\u003e \u003cp\u003eDMARC TXT Record 532\u003c\/p\u003e \u003cp\u003eHistoric Email Resource Record Types 533\u003c\/p\u003e \u003cp\u003eMR – Mail Rename Record 533\u003c\/p\u003e \u003cp\u003eMB – Mailbox Record 533\u003c\/p\u003e \u003cp\u003eMG – Mail Group Member Record 534\u003c\/p\u003e \u003cp\u003eMINFO – Mailbox\/Mailing List Information 534\u003c\/p\u003e \u003cp\u003eSecurity Applications 534\u003c\/p\u003e \u003cp\u003eSecuring Name Resolution – DNSSEC Resource Record Types 534\u003c\/p\u003e \u003cp\u003eDNSKEY – DNS Key Record 534\u003c\/p\u003e \u003cp\u003eDS – Delegation Signer Record 536\u003c\/p\u003e \u003cp\u003eNSEC – Next Secure Record 536\u003c\/p\u003e \u003cp\u003eNSEC3 – NSEC3 Record 537\u003c\/p\u003e \u003cp\u003eNSEC3PARAM – NSEC3 Parameters Record 538\u003c\/p\u003e \u003cp\u003eRRSIG – Resource Record Set Signature Record 539\u003c\/p\u003e \u003cp\u003eOther Security-oriented DNS Resource Record Types 540\u003c\/p\u003e \u003cp\u003eTA – Trust Authority Record 540\u003c\/p\u003e \u003cp\u003eCERT – Certificate Record 540\u003c\/p\u003e \u003cp\u003eIPSECKEY – Public Key for IPSec Record 541\u003c\/p\u003e \u003cp\u003eKEY – Key Record 542\u003c\/p\u003e \u003cp\u003eKX – Key Exchanger Record 543\u003c\/p\u003e \u003cp\u003eSIG – Signature Record 543\u003c\/p\u003e \u003cp\u003eSSHFP – Secure Shell Fingerprint Record 544\u003c\/p\u003e \u003cp\u003eGeographical Location Lookup 544\u003c\/p\u003e \u003cp\u003eGPOS – Geographical Position Record 544\u003c\/p\u003e \u003cp\u003eLOC – Location Resource Record 545\u003c\/p\u003e \u003cp\u003eNon-IP Host-Address Lookups 545\u003c\/p\u003e \u003cp\u003eISDN – Integrated Services Digital Network Record (Experimental) 545\u003c\/p\u003e \u003cp\u003eNSAP – Network Service Access Point Record 545\u003c\/p\u003e \u003cp\u003eNSAP-PTR – Network Service Access Point Reverse Record 546\u003c\/p\u003e \u003cp\u003ePX – Pointer for X.400 546\u003c\/p\u003e \u003cp\u003eX25 – X.25 PSDN Address Record (Experimental) 546\u003c\/p\u003e \u003cp\u003eRT – Route Through 547\u003c\/p\u003e \u003cp\u003eThe Null Record Type 547\u003c\/p\u003e \u003cp\u003eNULL 547\u003c\/p\u003e \u003cp\u003eExperimental Name-Address Lookup Records 547\u003c\/p\u003e \u003cp\u003eIPv6 Address Chaining – The A6 Record (Experimental) 547\u003c\/p\u003e \u003cp\u003eAPL – Address Prefix List Record (Experimental) 548\u003c\/p\u003e \u003cp\u003eDNS Resource Record Summary 549\u003c\/p\u003e \u003cp\u003e\u003cb\u003e20 RFC Reference \u003c\/b\u003e\u003cb\u003e555\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGlossary 583\u003c\/p\u003e \u003cp\u003eBibliography 585\u003c\/p\u003e \u003cp\u003eIndex 601\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eMichael Dooley\u003c\/b\u003e is Vice President of Operations for BT Diamond IP division. He has over 20 years of experience managing and developing enterprise-scale software products. His professional expertise includes IP addressing, DHCP, and DNS. He is co-author of \u003ci\u003eIPv6 Deployment and Management\u003c\/i\u003e and \u003ci\u003eDNS Security Management\u003c\/i\u003e. \u003c\/p\u003e\u003cp\u003e\u003cb\u003eTimothy Rooney\u003c\/b\u003e is the Product Manager for BT Diamond IP product development and has led the market introduction of NetControl, IPControl, Sapphire Appliances, and ImageControl, four next-gen IP management systems. He is co-author of \u003ci\u003eIntroduction to IP Address Management, IP Address Management Principles and Practice, IPv6 Deployment and Management,\u003c\/i\u003e and \u003ci\u003eDNS Security Management.\u003c\/i\u003e   \u003c\/p\u003e\u003cp\u003e\u003cb\u003eRediscover fundamental and advanced topics in IPAM, DNS, DHCP and other core networking technologies with this updated one-stop reference\u003c\/b\u003e \u003c\/p\u003e\u003cp\u003eThe thoroughly revised second edition of \u003ci\u003eIP Address Management\u003c\/i\u003e is the definitive reference for working with core IP management technologies, like address allocation, assignment, and network navigation via DNS. Accomplished professionals and authors Timothy Rooney and Michael Dooley offer readers coverage of recent IPAM developments in the world of cloud computing, Internet of Things (IoT), and security, as well as a comprehensive treatment of foundational concepts in IPAM. \u003c\/p\u003e\u003cp\u003eThe new edition addresses the way that IPAM needs and methods have evolved since the publication of the first edition. The book covers the impact of mainstream use of private and public cloud services, the maturation of IPv6 implementations, new DNS security approaches, and the proliferation of IoT devices. The authors have also reorganized the flow of the book, with much of the technical reference material appearing at the end and making for a smoother and simpler reading experience. \u003c\/p\u003e\u003cp\u003eThe 2nd edition of \u003ci\u003eIP Address Management\u003c\/i\u003e also covers topics like such as: \u003c\/p\u003e\u003cul\u003e \u003cli\u003eDiscussions about the fundamentals of Internet Protocol Address Management (IPAM), including IP addressing, address allocation and assignment, DHCP, and DNS\u003c\/li\u003e \u003cli\u003eAn examination of IPAM practices, including core processes and tasks, deployment strategies, IPAM security best-practices, and DNS security approaches\u003c\/li\u003e \u003cli\u003eA treatment of IPAM in the modern context, including how to adapt to cloud computing, the Internet of Things, IPv6, and new trends in IPAM\u003c\/li\u003e \u003cli\u003eA one-stop reference for IPAM topics, including IP addressing, DHCP, DNS, IPv6, and DNS security\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003ePerfect for IP network engineers and managers, network planners, network architects, and security engineers, the second edition of \u003ci\u003eIP Address Management\u003c\/i\u003e also belongs on the bookshelves of senior undergraduate and graduate students studying in networking, information technology, and computer security-related courses and programs.\u003c\/p\u003e","brand":"Wiley-IEEE Press","offers":[{"title":"Default Title","offer_id":47989477441765,"sku":"NP9781119692270","price":139.95,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119692270.jpg?v=1761784258","url":"https:\/\/k12savings.com\/es\/products\/ip-address-management-isbn-9781119692270","provider":"K12savings","version":"1.0","type":"link"}