Kirill Kedrinski - Fotolia


Don't let VDI drain the IP address pool

IP addresses can get gobbled up in VDI deployments because each virtual desktop and each endpoint takes up an address. Admins can fight back with IP address management tools.

Even though virtual desktops consume IP addresses in exactly the same way physical desktops do, VDI deployments tend to deplete the IP address pool more quickly than physical desktops do. As a result, IP address management is one of the hidden pitfalls of the transition to virtual desktops.

VDI deployments empty the IP address pool because of the VDI clients, not the virtual desktops themselves. Suppose, for example, an organization has 500 desktop computers and each of the physical computers consumes a single IP address. Now, suppose the organization replaces the 500 physical desktops with 500 virtual desktops. Because each virtual desktop typically consumes a single IP address, there is no net change in the number of IP addresses the desktop level consumes. The infrastructure components such as the connection brokers or VDI hosts might use a few new addresses, but the desktops themselves consume 500 IP addresses, just like they would if they were physical desktops.

The problem arises because users access virtual desktops through VDI clients. The client might be a thin client, a repurposed PC or a mobile device. Whatever the device type, it consumes an IP address. As a result, each user is now consuming two IP addresses -- one for the client and one for the virtual desktop.

In the previous example, IP address consumption effectively doubled from 500 to 1,000 addresses. This example is a bit over simplified, however. In the real world, the transition to VDI can actually lead to a much higher rate of IP address consumption because of how IP addresses are assigned. As a result it's critical to understand how to manage IP address shortages.

Why VDI IP address consumption is even more complex

Another step admins can take to cope with excessive IP address consumption is to make creative use of subnetting.

When a device connects to a network, a Dynamic Host Configuration Protocol server leases an IP address to the device. The lease has a specific duration, meaning the device effectively owns the IP address until the lease expires. Even if a user only connects to a desktop for 30 seconds, the lease period might be a couple of days so the connection ties up that address through the full lease time.

With that in mind, consider that one of the primary benefits to VDI is that users can access their desktops from anywhere, on any device. As such, users most likely access their virtual desktops from thin clients at the office, but they may connect from other devices away from work. A user might, for example, work from a home PC on the weekend or connect from a mobile device during a commute. Each connection consumes an IP address, and that IP address is not usually returned to the IP address pool until long after the user's session ends. The end result is that the user could potentially consume five or more IP addresses, depending on the number of devices she works from.

How to address the problem

Admins cannot completely avoid the increased address consumption that comes with VDI, but they do have a few methods available to them to curb some of the effects.

First, admins should deploy an IP address management (IPAM) product. IPAM functionality is built into Windows Server and third-party products are available. IPAM capabilities vary depending on which product admins choose, but at the very least IPAM can help them monitor IP address consumption so they can avoid completely depleting their IP address pools.

Another step admins can take to cope with excessive IP address consumption is to make creative use of subnetting, which allows admins to compartmentalize different aspects of the VDI deployment. For example, admins might place the virtual desktops into one subnet, thin client devices into another subnet, Wi-Fi connectivity into yet another subnet and use a fourth subnet for VPN connectivity.

Configure Windows server 2012 as an
IP address Management server.

Subnetting allows them to establish separate IP address pools for each subnet. Not only does this potentially increase the number of IP addresses available for assignment, it also isolates any IP depletion problems. Suppose for instance, the VPN clients ran out of IP addresses. If admins dedicated an IP address pool specifically to VPN traffic, then only that pool would be affected, and the remaining IP address pools would continue to provide addresses.

Admins can also shorten the IP address lease duration. The default IP address lease duration is usually measured in days, but admins can shorten it to hours so IP addresses return to the pool of available addresses more quickly. Shortening the lease duration does not limit the session duration because leases can automatically renew themselves on an as needed basis.

Next Steps

How to manage IP addresses with virtual servers

The issues with running an IPAM server

How virtualization increases IP address consumption

Dig Deeper on Virtual and remote desktop strategies

Enterprise Desktop
Cloud Computing