AD domain running out of IPs  Best way to increase

Posted on 2006-03-20
Last Modified: 2008-01-16
I have a site running W2K SP3 that will soon be upgraded to W2K3 AD.  I am very low on IP address space.  What is the cleanest way to increase the address space.

If I could add one more item into this from another site only because it is aliong the same lines.  That is I have a W2K SP3 AD domain with a subnet of and they are out of address space.  

Actually have other issues as well dealing with the routing side and the firewall which is a bigger mess.  If I change the mask my current VPNs will break and need to be recreated.

Thoughts and the best way to do this.  



Question by:dcohn
    LVL 95

    Accepted Solution

    Add subnets.  You will need a router though.  And I don't mean something like a Linksys Cable/DSL router.

    I worked in a network environment with over 1500 nodes... we were always subnetted, no real problems.
    LVL 2

    Expert Comment

    Hi dcohn,

    Or if you cannot afford the expense of a new router + cabling etc you can give what MS suggests is the best way:
    (exerpt from MS  Q255999)
    Resubnetting is the recommended procedure for increasing a DHCP scope when the current scope has entirely consumed the current subnet mask. However, this method requires you to change all subnet hosts and gateways. If you have an address range that has run out of available host addresses, you may be able to change the subnet mask to include a larger share of host addresses. However, simply changing the subnet mask requires that all routers and other statically assigned computers be reconfigured and all DHCP clients have renewed their lease obtaining the new parameters.

    Additionally, the entire DHCP scope or scopes must first be deleted and then re-created using the new subnet mask. The potential for duplicate addresses exists during this period if you do not take steps to prevent leasing addresses that other clients may use. Despite all of the aforementioned caveats, resubnetting is still the recommended procedure. The resubnetting configuration creates no additional overhead on the subnet routers or gateways, and keeps all hosts on the same broadcast address.

    The following example shows a depleted subnet with the following settings:
    Subnet Address:
    Subnet Mask:
    This yields a network of 254 hosts with addresses from to 1921.68.1.254.

    The following example shows the result if you use the resubnetting option:
    Subnet Address:
    Subnet Mask:
    You now have a network of 510 hosts with addresses from to (for scope, or 256 newly available DHCP addresses.


    There are other ways such as SuperNetting (see link provided for full details) but personally I would just Re-subnet the whole lot.  Just remember to change all router and all other static devices (servers, managed switches, Private vpn connections etc).  Also remember to delete all old DHCP scopes and re-create them with the new info, ending finally with a renew of all DHCP clients.

    LVL 15

    Expert Comment

    LVL 3

    Author Comment

    Subnetting would be simpler.  it seems and I have the routers.  How do I deal with DHCP?  Just add a new scope?

    I must say though that I always hated subnets compared to a flat network as far as sease of administration.

    My question was not the understanding of networking but what I change on my servers and how it affects DNS , DHCP etc.

    Deleting all the scopes is NUTS.  This network has currently has lots of statis IPs and reservations and other slop like that.  I inherited this and I am a remote management consultant.  I have a set budget and do everythinmg from the outside.  I charge by the hour but must stay under X hours per week.  (15 or so).  That includes supporting the end users via a helpdesk we installed etc etc.

    So changing masks is not an option if It requires trashing the DHCP scopes as it is too time consuming.  I have several Cisco's 2620's as we have a T1 and some PTP's to the other offices.

    I wanted to know how it will affect AD if I changed the netmask or added a subnet.  Do I need to add the subnet to AD sites and services?  

    Also this Superscope thing seems really wacky.  What is that about and this is so unclear on Microsoft's site.  How is  related to the rest of this convulted mess.  This is very weird stuff and is certainly NOT what I am doing.  I just want to add IPs.  Damn

    The following example shows the results if you use the superscoping option:
    Subnet Address: and
    Subnet Mask:
    You now have two networks of 254 hosts (508 hosts total) with addresses from to and to, or 254 newly available DHCP addresses.

    ----- and
    LVL 2

    Assisted Solution

    Once the router is configured for the new subnet, add a new DHCP scope for the new subnet and add the new "site" in AD.

    That should be it.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    Great sound, comfort and fit, excellent build quality, versatility, compatibility. These are just some of the many reasons for choosing a headset from Sennheiser.
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now