remote address space migration for several wan sites without connectivity loss

I'm looking at a customer who needs to migrate from their existing 172.x.x.x space to a 10.x.x.x space. They have several remote locations connected via frame relay. They have admins at the remote sites who can re-ip their servers and desktops but thay want the routers changed over all from the central site. I'm looking for advice on how someone at the central site could reconfig all the remote routers to the new ip space without loosing connectivity back ot the central site in the process. I'm thinking I could use secondary iP addresses on all the wan interfaces to bring up the new ip space then delete the primary ip addresses after all the secondary ip addresses are up and configured. Would appreciate any comments, suggestions, or solutions...

Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

lrmooreConnect With a Mentor Commented:
Assuming you have Cisco routers, why not assign secondary addressing on the router?
You can create a new config that changes the existing LAN ip address from primary to secondary, i.e.

Interface FastEthernet 0/0
 ip address
 ip address secondary

Create it as a new startup config, copy from a tftp server, reboot the router (in the middle of the night if you have to- use command "reload at HH:MM" ), and viola'
Now when your conversion is complete, simply pull out the secondary without losing any connectivity.

pseudocyberConnect With a Mentor Commented:
Copy the configuration to a file.  Modify the file as needed.  Copy the modified configuration back to the router into the NVRAM.  When you're ready, reload with the new configuration.
mikebernhardtConnect With a Mentor Commented:
Whether you can do that will depend on your routing protocol across the WAN links. If you're using dynamic routing like EIGRP or OSPF, the hello packets are sent from the primary address and routing will break if there's a subnet mismatch.

You could put in the secondary addresses, then install floating static routes on both sides pointing to the secondary addresses. Before you can make the dynamic changes you'll have to convert the interfaces so that the secondary address becomes the primary- at that point you may have a connectivity glitch. Then make all of your dynamic routing changes, then remove the static routes again when you see dynamic routing working.

Do get to the far side you'll need to be on the directly connected "central" router and telnet to the secondar address. You should set up a similar scenario in a lab setting and test it, to make sure that you know about any idiosyncracies and have a detailed plan  ahead of time- you don't want to discover them during the migration.
The new generation of project management tools

With’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Ps.  You SHOULD have Out Of Band management - like to a modem connected to the Aux or Console ports.  You could connect into the router that way and do it by hand.
I would agree with pseudocyber on out of band management- it eliminates the possibility of a problem creating an emergency. Having an emergency person on site to follow emergency config instructions if required could substitute for that, but it can be frustrating if they don't listen well.

My solution was to create no down time for the users at the site. If they are OK with downtime, the floating static routes are not needed. In that case I would
1. Telnet to the router and change the IP address of the remote interface to the new one. You'll lost the telnet session.
2. Change the interface on the central router and adjust routing configuration to the remote site.
3. Telnet back to the remote router at the new address (from the central router), clean up the dynamic routing and verify that it works.
4. Done, no reboots required.
To lrmoore: That will break dynamic routing neighbor relationships, since routers always send hello packets from their primary address. We haven't heard back from the poster yet, but if they are using it, it will be broken until the conversion is completed.
pricemc1Author Commented:
At this time I dont know if they're using any routing protocols or just static routes since I havent been able to see the configs of their routers yet. Given the small environment I'm guessing they're probably just using static routes though.
I would assume that appropriate changes to the routing protocols would also be set up at the same time...
It does not matter if they are using OSPF, EIGRP or statics as long as appropriate configurations are made at the same time...

I don't like rebooting stuff at a remote site because if you have a typo in the new config, or some other problem with the reboot, you're hosed. I have had a lot of luck doing what I suggested in my 10:13 AM comment. You actually don't need to change anything but the 2 IP addresses until you telnet back in from the local side of the link.

If you have someone who can be on site during the work, and you blow your config change, you can just have them reboot the router and you're back to where you started. If you change the startup config and reboot, they have to work with you to determine what the problem is and then fix it.

Murphy's law ALWAYS comes into play when you can least afford it :-{)
All Courses

From novice to tech pro — start learning today.