All information on this site is reviewed quarterly
Privacy  |  Help  |  About this site
 

N3 IP Network Addressing

N3 is a Wide Area Network (WAN) for the NHS in England and Scotland. It is an Internet Protocol (IP) Network.

Each node (user/computer) on an IP network has a unique IP address. IP networks divide data into packets to send and receive. Each packet includes addressing, the source IP address where the packet came from and the destination IP address where it is going to.

A message or transaction, known as a session, would normally be made up from a string of data packets. IP networks are packet switched; the data packets can travel by more than one route, if available, to their destination. If they arrive out-of-order they are reassembled in the right order, using unique serial numbers also sent in the individual packets.

N3 is an IP version 4 (IPv4) network. IPv4 networks have IP addresses that are normally shown in an x.x.x.x format, where x is between 0 and 255. For example 192.168.0.1.

Policy

IP addressing policy for N3 is ultimately controlled by Connecting For Health, although day-to-day assignment of IP addresses is devolved to N3SP, the Service Provider for the N3 network. N3SP has devised an IP addressing scheme based on NHS Connecting for Health's IP addressing policy to ensure the IP addresses allocated are usable (routable) on the N3 network.

N3 IP Address Ranges

The bodies that control the Internet and addressing standards on IP networks have agreed certain ranges of IP addresses to use in private networks. This means they're not recognised and switched (routed) across the Internet, so they can be used on any number of times on private networks, even when a private network is connected to the Internet.

N3 uses the following private IP address ranges (space):

  • All of Class A: 10.0.0.0 -10.255.255.255
  • Part of Class B: 172.17.0.0 - 172.31.255.255 (used by GP connections in N3's predecessor network NHSnet and retained for N3)

The Class C address space for private networks, 192.168.0.0 - 192.168.255.255, is not even routed across the N3 network. It‘s reserved and recommended for individual NHS organisations to address their own Local Area Networks (LANs). Network Address Translation (NAT) is used to convert these internal IP addresses to the external IP address(es) assigned to individual NHS organisations connecting to N3.

Note: Similarly to the above, many N3 IP addresses are summarised and translated using NAT so that all Internet traffic from N3 comes from a small range of registered IP addresses.

Voice over IP (VoIP) addresses for Voice Solutions

Where NHS organisations are deploying voice solutions, it is standard/good practice to use separate Virtual Local Area Networks (VLANs) for voice and data traffic. This reduces the voice system's vulnerability to attack from personal computers (PCs), for example to eavesdrop or to deny service to the voice applications.

To support NHS organisations N3SP allocates separate IP addresses for sending/receiving VoIP traffic across N3, for use with the Voice VLAN. They are allocated from specific ranges from the Private Class A address space (10.0.0.0 -10.255.255.255), reserved for voice use only

Any NHS organisations wishing to use the N3 network to carry voice traffic must submit their VoIP addressing requirements to N3SP using the N3 IP addressing request form, based on the number of VoIP telephone handsets to be used.

Legacy IP addresses

Early on in the history of the Internet and IP networks the NHS was assigned a range of Internet registered IP address from the European IP address registry - RIPE. These were deployed within NHSnet, the predecessor NHS private network to N3. This was before private addressing ranges were agreed and Network Address Translation was widespread.

It is NHS policy to develop a compliant private addressing scheme for N3 and its other networks, as described above. For N3 users this means:

  • NHS organisations using registered RIPE IP addresses within N3 are expected to migrate to the Class A private address range IP addresses assigned by N3SP. NAT should be used wherever possible together with Class C private addressing internally (on Local Area Networks).
  • Connecting for Health will contact organisations that continue to use registered RIPE addresses on N3, to ensure that migration to a compliant addresses scheme is achieved.
  • Any new or existing Community Of Interest Networks (COINs) recognised by the Connecting for Health will have their IP address allocation managed by N3SP.
  • Organisations who were allocated IP addresses from the Class A private address range for NHSnet (by BT HealthNet or Cable & Wireless) will retain these for use on N3.
  • Independent implementations of the Class A private addressing are not permitted on N3.

Registered RIPE addresses that are released will be returned to Reseaux IP Europeens (RIPE).

IP Address Request Process

Click here for the new or additional IP Addresses request form.

All completed forms should be emailed to n3deliverytechteam@bt.com

All requests must be made on a site by site basis.

The lead time for an IP address allocation is normally five business days. This will depends on all required information being provided on the forms and the size of address range/space requested. Organisations that need large address space(s) for a major system deployment should ensure their plans allow enough time for the allocation process.

A request for Class A private addresses can be rejected due to one or all of the following reasons:

  • It is too large based upon the organisation size
  • It is not an efficient use of address space
  • Insufficient supporting documentation for a large allocation request

If a request has been rejected the allocation request will be jointly reviewed by the N3SP Technical team and NHS Connecting for Health. A response will then be issued to the requester based on this review.