Mathematical Problems of Computer Science 53, 67--71, 2020.

UDC 004

The Concept of Internal IP Addresses System for NRENs

Robert N. Tadevosyan, Arthur S. Petrosyan and Gurgen S. Petrosyan

Institute for Informatics and Automation Problems of NASRA
e-mail: robert@sci.am, arthur@sci.am, gurgen@sci.am

Abstract

This paper presents the concept of a new system of internal IP addresses proposed for use by National Research and Education Networks (NREN). Recently, various systems and services, such as Wi-Fi, IP telephony, etc., have been actively developing, for which it is necessary to ensure the security of streams, reduce the area of collisions, etc. The allocation of additional IP addresses in local networks makes it possible to accomplish all the above-mentioned tasks and to have the necessary reserve for future development. The concept is deployed in the Academic Scientific Research Computer Network of Armenia (ASNET-AM).

Keywords: VLAN, Networking, eduroam, Wi-Fi, VoIP

1. Introduction

In general, Virtual Local Area Network (VLAN) technology is used to logically divide a network into different and independent parts. The proposed concept for distributing IP addresses among subnets, together with the methods of implementing it with the appropriate VLANs to manage and control those subnets, suggests a completely new view of this technology. It takes into account many factors of the current development of National Research and Education Networks (NRENs) (the details are outside the scope of this work, since they may vary between NRENs), the network infrastructure, the installed devices and the specifics of the connected institutions. In addition, the presented concept allows flexible future growth of the NREN infrastructure. The proposed concept of IP address distribution supports the development of virtually unlimited additional services in the NREN in the future without any big changes to or reorganization of the network structure.

As a rule of thumb, the internal IP addressing system of a Local Area Network (LAN) follows a simple scheme without any logical division or VLAN implementation. For each connected institute, one “C” class of internal IP addresses is allocated. Addresses are distributed from the pool of addresses reserved for private use [1], such as the prefixes 192.168/16, 172.16/12 and 10/8. As an example, LAN addresses may be assigned according to the following system: “10.1.X.Y”, where “X” is the allocated organization number in the IP space (in the third byte), and “Y” is the space of 256 addresses for use in the internal local networks.

2. Concept Architecture

For each organization connected to the NREN, a new IP address space can be allocated as a “B” class network, built according to the following scheme: “10.X.Y.Y”, where “X” is the allocated institution number in the IP space, and “Y.Y” is a space of 256 “C” class address blocks (65536 IP addresses) for use in the internal local networks. To preserve the current IP numbering of organizations, the organization numbers will be moved from the third byte to the second one: “10.1.X.Y” → “10.X.Y.Y”. Networks starting from 10.200.Y.Y will be used for addressing the globally controlled communication devices.

The “B” class network of each institution will be divided into logical and physical subspaces according to the following principle:

1. Workstations
2. Local servers
3. Managed communication equipment within the organization, etc.
4. Wi-Fi devices
5. Voice over Internet Protocol (VoIP) phones
6. … for future use

At the moment, it is proposed to use the first 128 networks of each institution's address space. The remaining 128 networks will be reserved for further expansion of network systems and services.
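
An added example, not taken from the paper or from ASNET-AM's internal standard: it lays the listed zones out back to back inside one institution's 10.X.Y.Y space, summarises a zone as CIDR blocks for a border-router ACL, and classifies an observed address by organization and zone. The zone widths, the function names and organization number 7 are constructed assumptions; the paper fixes only the zone order, the 128-network limit and the 10.200.Y.Y boundary.

```python
import ipaddress

# Zone order follows the paper's list; the widths (count of /24 networks
# per zone) are constructed values, not ASNET-AM's real numbering.
ZONE_WIDTHS = [("workstations", 32), ("local-servers", 8),
               ("managed-equipment", 8), ("wifi", 48), ("voip", 16)]
MGMT_FIRST_ORG = 200   # 10.200.Y.Y and above: globally controlled devices
ACTIVE_NETWORKS = 128  # only the first 128 networks of each /16 are in use


def build_plan(widths=ZONE_WIDTHS):
    """Return [(zone, first_octet, last_octet)], laid out back to back from 0."""
    plan, start = [], 0
    for zone, width in widths:
        plan.append((zone, start, start + width - 1))
        start += width
    if start > ACTIVE_NETWORKS:
        raise ValueError("zones spill into the reserved upper 128 networks")
    return plan


def zone_cidrs(org, first, last):
    """Summarise 10.org.first.0 to 10.org.last.255 as CIDR blocks for an ACL."""
    lo = ipaddress.IPv4Address(f"10.{org}.{first}.0")
    hi = ipaddress.IPv4Address(f"10.{org}.{last}.255")
    return [str(n) for n in ipaddress.summarize_address_range(lo, hi)]


def classify(addr, plan):
    """Map an address to (organization number, zone) under the 10.X.Y.Y scheme."""
    a, org, net, _ = ipaddress.IPv4Address(addr).packed
    if a != 10:
        return (None, "outside-10/8")
    if org >= MGMT_FIRST_ORG:
        return (None, "global-managed-equipment")
    for zone, first, last in plan:
        if first <= net <= last:
            return (org, zone)
    return (org, "reserved" if net >= ACTIVE_NETWORKS else "unassigned")


def migrate(legacy, net):
    """Move the organization number from the third byte to the second.
    `net` (hypothetical parameter) is the target zone's third octet."""
    a, b, org, host = ipaddress.IPv4Address(legacy).packed
    if (a, b) != (10, 1) or org >= MGMT_FIRST_ORG:
        raise ValueError("not a legacy 10.1.X.Y address of an organization")
    return f"10.{org}.{net}.{host}"
```

Traffic whose source classifies as "reserved" or "unassigned" comes from space the plan has not handed out, which makes it a useful signal for border-router filtering and monitoring.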

The distribution of IP addressing will be carried out according to the following scheme:

• 10.X.0-A.Y - Desktops
• 10.X.A+1-B.Y - Local Servers
• 10.X.B+1-C.Y - Local Managed Communication Equipment
• 10.X.C+1-G.Y - Wi-Fi devices
• 10.X.G+1-H.Y - VoIP phones

Additionally, the subnet “10.X.C+1-G.Y - Wi-Fi devices” is proposed to be divided into subparts according to the type and area of use of the connected devices, as follows:

• 10.X.C+1-D.Y - The general academic Wi-Fi network devices (SSID: eduroam)
• 10.X.D+1-E.Y - Wi-Fi network of the current organization (for example, SSID: IIAP)
• 10.X.E+1-F.Y - Guest Wi-Fi access provided by the organization (for example, SSID: IIAP-FreeWiFi)
• 10.X.F+1-G.Y - Will be implemented if necessary (for example, SSID: CSIT2019)

This new IP addressing system is implemented efficiently by creating an appropriate VLAN for each of the subnets [2]. The following standard is proposed for the internal names and numbering of VLANs:

• 10.X.0-A.Y - VLAN name: VLANZ00, VLAN id: Z00
• 10.X.A+1-B.Y - VLAN name: VLANZA+1, VLAN id: ZA+1
• 10.X.B+1-C.Y - VLAN name: VLANZB+1, VLAN id: ZB+1
• 10.X.C+1-D.Y - VLAN name: VLANZC+1, VLAN id: ZC+1
• 10.X.D+1-E.Y - VLAN name: VLANZD+1, VLAN id: ZD+1
• 10.X.E+1-F.Y - VLAN name: VLANZE+1, VLAN id: ZE+1
• 10.X.F+1-G.Y - VLAN name: VLANZF+1, VLAN id: ZF+1
• 10.X.G+1-H.Y - VLAN name: VLANZG+1, VLAN id: ZG+1

where X is the network number allocated to organizations in the IP subspace for the local network addresses of the NREN.

Fig. 1. Internal IP address distribution system.

For example, the VLAN number for workstations will be Z00, the VLAN number for general academic Wi-Fi network devices will be ZC+1, and the VLAN number for the subnet of VoIP devices will be ZG+1.

Additionally, if it is necessary to divide the subnets into subparts and sub-VLANs, the numbering should be created according to the following scheme.
An additional number from 0 to 9 should be added to the base VLAN number. For example, when it is necessary to create additional subnets and VLANs in the “Workstations” zone, the numbers will be Z001, Z002, Z003, or ZA0, ZA1, etc. For subnets starting from 100, the first number of the VLAN will be Z+1, and for subnets starting from 200 it will be Z+2.

This is a general and theoretical vision of the new IP addressing system. Practical implementation includes the creation of a real numbering and distribution standard, used as the default, which will be implemented for all connected institutions. Implementing this system as a standard will make it easy to configure and manage the border routers of all connected institutions.

Since the proposed IP addressing system does not conflict with the standard addressing space, it can be implemented without any interruption of network operation. To start this process in a connected institution, it is necessary to configure the new address spaces and VLANs on the border router, and then to begin the step-by-step transition of all equipment and devices to the new addressing system.

In the pan-European data network for the research and education community (GÉANT) [3], which interconnects the NRENs across Europe, there are some proposals for internetworking VLAN implementations [4], but this work covers a different scope.

Currently, the proposed numbering and distribution system with the appropriate VLANs has already been created as a standard and put into production. The document containing the default numbering system is an internal document of the ASNET-AM network.

The implementation of this new internal IP addressing system on the border routers of NREN-connected institutes will now allow the unimpeded expansion of network services and systems and create the basis for future growth.

3. Conclusion

The proposed concept can be used by any NREN to make its internal infrastructure more efficient. Currently, this new IP addressing system has already been implemented in the local networks of several organizations connected to the Academic Scientific Research Computer Network of Armenia (ASNET-AM). In these institutions, the production Wi-Fi network structure is already divided into subnets with the corresponding Service Set Identifier (SSID) access. Each subnet operates in its own dedicated VLAN and receives, via the Dynamic Host Configuration Protocol (DHCP), IP addresses corresponding to its own VLAN, which allows general control and regulation of flows, as well as access control to the resources of both ASNET-AM and the Internet [5]. In the future, this new addressing system will be expanded to all organizations connected to ASNET-AM.

References

[1] Y. Rekhter, B. Moskowitz, D. Karrenberg, G. J. de Groot and E. Lear, “Address allocation for private internets”, Silicon Graphics, Inc, February 1996, [Online]. Available: https://tools.ietf.org/html/rfc1918
[2] P. Congdon, M. Sanchez, B. Aboba, “RADIUS attributes for virtual LAN and priority support”, [Online]. Available: https://www.ietf.org/rfc/rfc4675.txt
[3] [Online]. Available: https://www.geant.org/
[4] V. Capone and M. Usman, “The GÉANT network: addressing current and future needs of the HEP community”, Journal of Physics: Conference Series 664 052005, DOI: 10.1088/1742-6596/664/5/052005, 2015, [Online]. Available: https://iopscience.iop.org/article/10.1088/1742-6596/664/5/052005/pdf
[5] B. Hartpence, Routing and Switching, O’Reilly Media, Inc., ISBN: 9781449306557, 2011, [Online]. Available: https://www.oreilly.com/library/view/packet-guide-to/9781449311315/

Submitted 04.03.2020, accepted 18.06.2020.

The Concept of an Internal Addressing System for National Research and Education Networks

Robert N. Tadevosyan, Arthur S. Petrosyan and Gurgen S. Petrosyan

Institute for Informatics and Automation Problems of NAS RA
e-mail: robert@sci.am, arthur@sci.am, gurgen@sci.am

Abstract

This paper presents the concept of a new system of internal IP addresses, proposed for use by National Research and Education Networks (NREN). Recently, the development of various systems and services, such as Wi-Fi, IP telephony, etc., has made it necessary to ensure the security of flows, reduce the area of collisions, etc. Taking this into account, the use and distribution of additional IP addresses in local networks becomes necessary, which makes it possible to solve the above-mentioned problems and to have the necessary reserve for the further development of the network. This system is deployed in the Academic Scientific Research Computer Network of Armenia (ASNET-AM).

Keywords: VLAN, Networking, eduroam, Wi-Fi, VoIP

The Concept of a System of Internal IP Addresses in Local Networks for National Research and Education Networks

Robert N. Tadevosyan, Arthur S. Petrosyan and Gurgen S. Petrosyan

Institute for Informatics and Automation Problems of NAS RA
e-mail: robert@sci.am, arthur@sci.am, gurgen@sci.am

Abstract

This document presents the concept of a new system of internal IP addresses for use by national research and education networks (NREN). Recently, the development of various systems and services, such as Wi-Fi, IP telephony and others, requires ensuring the security of flows in dedicated channels and reducing collisions, which creates a need for additional IP addresses. These IP addresses will help eliminate the shortcomings listed above and provide the necessary reserve for the future development of the network. This concept has already been deployed in the Academic Scientific Research Computer Network of Armenia (ASNET-AM).

Keywords: VLAN, Networking, eduroam, Wi-Fi, VoIP.