Hi everyone,
I'm quite confusing on the actual usage of IP Subnetting.
For e.g. my company has around 100 users who come from different departments.
The IP that we are using now, let say is 192.168.1.x/24 throughout the entire company.
If I want to do subnetting for easier management of LAN IP, how does it work actually?
Does the following achieve the IP Subnetting?
192.168.1.x/24 - Account Dept
192.168.2.x/24 - HR Dept
192.168.3.x/24 - Marketing Dept
:
:
etc.
Please advise.
Thank you.
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Hi altric
The post above is confusing.
The answer to your original post is YES, but isn't normally done just for ease of management.
If you split into different subnets, you'll have to stick more than 1 network card in a computer (normally a server) that can interconnect those subnets.
What is it that you need the ease of management for? Perhaps we can offer a better solution than splitting up your network?
Steve :)
When you say 'easier management of LAN IP' I would say use DHCP.
If you for some reason want to control asignment of IP's you can set up your DHCP-server to reserve IP's to MAC's.
If you have your LAN divided into several networks you will need some sort of routing between these.
One way is as Steve stated to put multiple NIC's in a server, you can use a router or let a layer 3 switch do the routing.
Your subnet of 192.168.1.x/24, for 100 computers, is quite acceptable, and changing to multiple subnets would definitely not make it simpler to manage the network. As suggested by others, you then have to add routers to route packets between the subnets, or add network adapters and routing tables to the server. Then there are also additions and changes to be made to your existing DHCP structure. You need to create and manage multiple scopes, and depending on the configuration, possibly add DHCP servers/routers. Dividing your network into multiple subnets is usually done to isolate network traffic and improve performance on larger networks. Just my 2¢ worth.
Cheers!
IP subnetting's real use is to split up IP address chunks into different sizes before you sell them to a company. This wastes fewer ip addresses because a company with 300 computers would buy a class b address and waste about 60k addresses. with subnetting you divide up the ip into maybe 120 500 ip chunks that can each be sold to a company
it was devised just like NAT to prevent the running out of public IP addresses.
on a relatively small private network (<200) it is pretty much pointless, in my opinion because all it does is create confusion and break up your network.
on your lan what subnetting would do is divide the network into groups that cannot communicate with each other.
This is great from a security standpoint, but good luck managing the network from your laptop in a cozy office you would have to walk to the area of the building to help the users, or do some fancy routing stuff that is a waste of time, or run more cable.
there would have to be one big server or router that has multiple nics and has to be plugged into each subnet.
It is almost equivalent to having one switch for each department that are not conected together, with one server that plugs into each switch.
Will the various depts still able to communicate with each other if I break the LAN network of my company as following without using add in routers instead they all are actually connected back to LAN Switches (Home Run manner)?
192.168.1.x/24 - Account Dept
192.168.2.x/24 - HR Dept
192.168.3.x/24 - Marketing Dept
Please advise.
Thank you.
No afraid not. They will be on different subnets, have different network ID's, and be isolated from one another, unless some form of routing is added to allow them to communicate with one another.
Why do you feel subnetting will make for easier management ? On a small network it will increase management, maintenance, and cost, with little or no performance improvement.
this is what those ppl claims out there...that's why I'm here to find out more.
Anyway, you mentioned that it is not possible for depts to communicate with each other without using router. How about I make some changes as below?
169.10.1.x/16 - Account Dept.
169.10.2.x/16 - HR Dept.
169.10.3.x/16 - Marketing Dept.
Will above breakdown achieve subnetting purpose and will they able to communicate with each other from different dept?
Thank you.
>>"Will above breakdown achieve subnetting purpose and will they able to communicate with each other from different dept?"
No, again afraid these are still different subnets.
A common way of organizing which works well, would be to do something similar to below. However, you need to statically/manually assign IP addresses or create reservations in the DHCP scope.
192.168.123.1 to 19/24 servers
192.168.123.20 to 49/24 printers
192.168.123.50 to 99/24 Account Dept
192.168.123.100 to 149/24 HR Dept
192.168.123.150 to 199/24 Marketing Dept
192.168.123.200 to 254/24 Routers and managed switches
What if VLAN is added into the LAN with IP grouping as below?
169.10.1.x/16 - Account Dept.
169.10.2.x/16 - HR Dept.
169.10.3.x/16 - Marketing Dept.
Is there any performance difference compare to as below?
192.168.123.1 to 19/24 servers
192.168.123.20 to 49/24 printers
192.168.123.50 to 99/24 Account Dept
192.168.123.100 to 149/24 HR Dept
192.168.123.150 to 199/24 Marketing Dept
192.168.123.200 to 254/24 Routers and managed switches
Please advise.
Thank you.
AFAIK it will work if configured correctly, but it really looks like you're complicating the situation. Didn't you start off by saying "subnetting for easier management "?
Is there a reason for splitting up devices into their own subnets? What if one set outgrows it's subnet? What you have here doesn't really cater for future expansion (depending on how many devices you already have).
Steve :)
umm I hope you realise 192.168.123.1 /24 and 192.168.123.254 /24 are on the same subnet. with a 24 bit netmask, it is 255.255.255.0
you would need to have different network addresses to have different subnets, like 192.168.1.1-254, 192.168.2.1-254, 192.168.3.1-254, 192.168.4.1-254... for a 24 bit sumnet mask
or you can use more bits for the netmask, like 25 then you have subnets of 192.168.123.1-126, and 192.168.123.127-254
also that 169 is in the aipa range and those are also all on the same subnet
Thanks sda100, and sorry altric, Wasn't paying attention to the mask....sleep deprived. as discussed yes this will work, but rather large subnet, and this is not putting users in different subnets, it is just allocating them in ranges of IP's in the same subnet as in my above suggestion; "192.168.123.1 to 19/24 servers.....", but using a larger subnet.
Titanium_Sniper, yes of course same subnet. That was my point if there are no routing devices, they have to be. It seems the IP ranges are just wanted for labeling purposes, the same would apply to "
169.10.1.x/16 - Account Dept...."
To add to Titanium_Sniper's comment; "also that 169 is in the aipa range... " in case you didn't get that, you cannot use 169.10.x.x Private networks have a specified set of IP ranges:
192.168.0.0 to 192.168.255.255
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
If you want to use the IP choices described above you can do with a much smaller subnet and still achieve the same goal of different 3rd octets and on the same subnet so you don't need routers, using:
169.10.1.x/22 - Account Dept.
169.10.2.x/22 - HR Dept.
169.10.3.x/22 - Marketing Dept.
Keep in mind though in order put these users in these groups you can only do so by manually assigning IP's or manually creating reservations in DHCP, for each user.
You mention VLAN above, do you have managed switches or routers capable of configuring VLAN's. This would allow you to create segregation within your network, but again a lot more maintenance/configuring for what is really a very small network with no need.
Wow, thanks for all the nice comments. Forgive me that I'm not well-verse in this area.
Yes, I understand that to implement VLAN we must have managed switch.
But does it mean that if we have VLAN, we no longer need the subnetting?
Since VLAN able to group IP Addresses for each dept and segregate network traffic from one dept to each dept. Correct if I'm wrong.
Please advise.
thank you.
>>"Forgive me that I'm not well-verse in this area."
Subnetting, and pros and cons, is a huge topic in itself, don't be concerned.
You might find one of the on-line calculators helpful from time to time.
http://www.subnetmask.info
http://tstools.co.uk/ipcal
The purpose of creating different subnets and thus network segments is to reduce the amount of traffic in a given segment. Believe it or not 100 computers is not a lot and therefore will see little or no improvement in network performance but breaking it up into smaller network segments. However, if you wish to do so you create different subnets to isolate the broadcast traffic, but then allow the appropriate traffic to communicate through routers, or you can connect them using VLANs. Sorry I am not the best one to be explaining VLANs, however you may be able to get the gist of it. So....
>>"But does it mean that if we have VLAN, we no longer need the subnetting?"
to answer your question, as I understand it, you do not need to use different subnets for each VLAN, but it is common practice to do so, for management purposes.
Why do you wish to add the additional cost of VLAN capable switches, and additional management costs? Are you trying to segment for security, performance, or jut labeling purposes?
Business Accounts
Answer for Membership
by: altricPosted on 2006-10-01 at 03:36:55ID: 17637318
Statement derived from other site:
" To subnet a network, extend the natural mask using some of the bits from the host ID portion of the address to create a subnetwork ID. For example, given a Class C network of 204.15.5.0 which has a natural mask of 255.255.255.0, you can create subnets in this manner:
204.15.5.0 - 11001100.00001111.00000101
255.255.255.224 - 11111111.11111111.11111111
--------------------------
204.15.5.0 255.255.255.224 host address range 1 to 30
204.15.5.32 255.255.255.224 host address range 33 to 62
204.15.5.64 255.255.255.224 host address range 65 to 94
204.15.5.96 255.255.255.224 host address range 97 to 126
204.15.5.128 255.255.255.224 host address range 129 to 158
204.15.5.160 255.255.255.224 host address range 161 to 190
204.15.5.192 255.255.255.224 host address range 193 to 222
204.15.5.224 255.255.255.224 host address range 225 to 254
"
What is the difference of subnetting between the original post and the statement above?
Kindly advise.
Thank you.