How do you choose your IP addressing?

In the life of a system administrator, always will come a moment when an IP subnet needs to be defined. Be it your small home LAN or the endless company WAN where madness lurks in the depths of unknown routes, IP addresses will always need to be choosen, divided and assigned to some device, deserving it or not. And, while in the "real world" of the public Internet you'll have to just obey your ISP's orders, you're free to choose your path and your ultimate destiny when it comes to your own private network.

As everyone knows (or should know), the mighty RFC 1918 states that private network IP addresses can only fall in three great blocks:

192.168.0.0/16
172.16.0.0/12
10.0.0.0/8

Which is your favorite one?
How big do you usually choose to make a subnet, regardless of course of how many devices you really need to connect to it?
Do you think it should be kept to a minimum, or should it be as great and glorious as possible?
Do you believe in the law and order of "round" subnets (/8,/16,/24), or do you prefer the anarchy and crawling chaos of "unround" ones?
Do you follow the Sacred School of Our Gateway Should Be .1, the Unholy Temple of No It Should Be .254, or the blasphemous teachings of the Order Of It Shall End With Whatever We Want It To End With?
Do you feel in your heart that Servers should have "low" addresses and Clients should use "high" ones? Or will only Fate define how the Server and the Client are to be called?
Do you always use (or try to use) the same ending numbers in all the subnets you manage, so that you may find your gateway and your DNS in the hour of your great need?
Do you believe in DHCP or in Static Addressing? And do you have faith in their hybrid child, DHCP With Reservations, even for not-client machines like network printers or, may all the Gods forgive you, Servers?

"Take this and divide it; this is my 2^32 address space,
 which shall be endlessly fragmented for all your addressing needs,
 until IPv6 may finally come."

Solution 1:

I worship at the alter of 00001010/11111111. The gods would be angry if you didn't not yearn for the largest of the networks. It allows for the most flexibility, and least conflicts with the pleb's networks.

I find that a nice /24 is the perfect size for most networks, you have room to stretch out, let you servers have some breathing room, you need to remember that they have personal space issues like we all do.

The only time I spend the brain cells that have been granted to me by the gods of networking and servers to subnet much farther is for those pieces of equipment that think they are better than everyone else - routers, switches, firewalls I'm looking at YOU! Those I try to confine to a /25 or smaller, otherwise their hubris would start to spread to the servers, and you just can't let servers get out of line. Bad, bad things happen if you let that go on, files start disappearing, services crash, not good I tell ya, no good at all! To keep the networking gear in line though, we let the routers/firewalls use the first usable addresses in a subnet (could be .1 ... could be .33 - depends on your netmask) that normally keeps them in line.

"Thou shalt never mix clients and server, for if thy do there shall be a great battle, and bring ruin to those that believe they can control them" -BOFH 20:15

"For if thy let the unwashed unfettered access to your most precious resources, ye shall be thrown from the temple of our Gods, and branded - User" -BOFH 16:2

There is no good reason to have a DHCP server on a production network - server build yes, production NO. Client networks, always have DHCP, reservations where you need them (or are required by your auditor!)

"Ye who controls the network allocation makes damn sure it is convientent to him and no one else" -BOFH 1:1

... translated yes use the same host addresses where you can ... everything will be easier.

Solution 2:

Besides all the wise suggestions given here, one that I found useful: for sake of comfort, avoid having the same network as your office or other LANs you might have to connect to (remotely).

This hint greatly improved my VPN life: for example having the same subnet might be annoying when 192.168.0.1 might be your home router and remote server you're trying to fix. Then you'd have to add a manual route through the VPN interface, etc.

For everything else there's Mastercard.