Solved

remote address space migration for several wan sites without connectivity loss

Posted on 2004-04-08
9
234 Views
Last Modified: 2010-04-17
I'm looking at a customer who needs to migrate from their existing 172.x.x.x space to a 10.x.x.x space. They have several remote locations connected via frame relay. They have admins at the remote sites who can re-ip their servers and desktops but thay want the routers changed over all from the central site. I'm looking for advice on how someone at the central site could reconfig all the remote routers to the new ip space without loosing connectivity back ot the central site in the process. I'm thinking I could use secondary iP addresses on all the wan interfaces to bring up the new ip space then delete the primary ip addresses after all the secondary ip addresses are up and configured. Would appreciate any comments, suggestions, or solutions...

Thanks,
pricemc1
0
Comment
Question by:pricemc1
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 27

Assisted Solution

by:pseudocyber
pseudocyber earned 40 total points
ID: 10785075
Copy the configuration to a file.  Modify the file as needed.  Copy the modified configuration back to the router into the NVRAM.  When you're ready, reload with the new configuration.
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 160 total points
ID: 10785136
Whether you can do that will depend on your routing protocol across the WAN links. If you're using dynamic routing like EIGRP or OSPF, the hello packets are sent from the primary address and routing will break if there's a subnet mismatch.

You could put in the secondary addresses, then install floating static routes on both sides pointing to the secondary addresses. Before you can make the dynamic changes you'll have to convert the interfaces so that the secondary address becomes the primary- at that point you may have a connectivity glitch. Then make all of your dynamic routing changes, then remove the static routes again when you see dynamic routing working.

Do get to the far side you'll need to be on the directly connected "central" router and telnet to the secondar address. You should set up a similar scenario in a lab setting and test it, to make sure that you know about any idiosyncracies and have a detailed plan  ahead of time- you don't want to discover them during the migration.
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 10785164
Ps.  You SHOULD have Out Of Band management - like to a modem connected to the Aux or Console ports.  You could connect into the router that way and do it by hand.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10785316
I would agree with pseudocyber on out of band management- it eliminates the possibility of a problem creating an emergency. Having an emergency person on site to follow emergency config instructions if required could substitute for that, but it can be frustrating if they don't listen well.

My solution was to create no down time for the users at the site. If they are OK with downtime, the floating static routes are not needed. In that case I would
1. Telnet to the router and change the IP address of the remote interface to the new one. You'll lost the telnet session.
2. Change the interface on the central router and adjust routing configuration to the remote site.
3. Telnet back to the remote router at the new address (from the central router), clean up the dynamic routing and verify that it works.
4. Done, no reboots required.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 79

Accepted Solution

by:
lrmoore earned 50 total points
ID: 10786342
Assuming you have Cisco routers, why not assign secondary addressing on the router?
You can create a new config that changes the existing LAN ip address from primary to secondary, i.e.

Interface FastEthernet 0/0
 ip address 10.10.10.1 255.255.255.0
 ip address 172.17.18.1 255.255.255.0 secondary

Create it as a new startup config, copy from a tftp server, reboot the router (in the middle of the night if you have to- use command "reload at HH:MM" ), and viola'
Now when your conversion is complete, simply pull out the secondary without losing any connectivity.

0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10786393
To lrmoore: That will break dynamic routing neighbor relationships, since routers always send hello packets from their primary address. We haven't heard back from the poster yet, but if they are using it, it will be broken until the conversion is completed.
0
 

Author Comment

by:pricemc1
ID: 10786633
At this time I dont know if they're using any routing protocols or just static routes since I havent been able to see the configs of their routers yet. Given the small environment I'm guessing they're probably just using static routes though.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 10786656
I would assume that appropriate changes to the routing protocols would also be set up at the same time...
It does not matter if they are using OSPF, EIGRP or statics as long as appropriate configurations are made at the same time...


0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 10787901
I don't like rebooting stuff at a remote site because if you have a typo in the new config, or some other problem with the reboot, you're hosed. I have had a lot of luck doing what I suggested in my 10:13 AM comment. You actually don't need to change anything but the 2 IP addresses until you telnet back in from the local side of the link.

If you have someone who can be on site during the work, and you blow your config change, you can just have them reboot the router and you're back to where you started. If you change the startup config and reboot, they have to work with you to determine what the problem is and then fix it.

Murphy's law ALWAYS comes into play when you can least afford it :-{)
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

This article is a guide to configure bridging on Cisco Routers.  This is something I never knew was possible until after making a few phone calls to Cisco.  Using bridging saved our company money by not requiring us to purchase a new switch.  Bridgi…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now