by EvanAnderson
1656 days ago
Neither network is very big, to be sure, but there's no earthly reason why such a small school district needs a /21 (or, really, a /23). Nobody is going to deploy an IPv4 network w/o NAT, and their self-hosting needs today are minimal. I support a geographically-adjacent school district w/ about half the enrollment. At the height of self-hosting everything we had fit comfortably in a /28. A /24, to facilitate BGP announcement, would be plenty. (My judgement is, no doubt, clouded by the fact that, for the size of companies I work with, a /24 would be an embarrassment of riches.)

You can only use /28s and whatnot when you are using someone else's (usually a carrier's) addresses as part of a larger group in a single route advertisement. In such setups reviewing your DMZ logs probably requires looking at NAT logs, your entire outbound NAT pool being shared amongst all types of traffic, fun with peer ranges causing the block to get blacklisted, and similar friction as a result.