We help IT Professionals succeed at work.

AD domain running out of IPs  Best way to increase

dcohn asked
Medium Priority
Last Modified: 2008-01-16
I have a site running W2K SP3 that will soon be upgraded to W2K3 AD.  I am very low on IP address space.  What is the cleanest way to increase the address space.

If I could add one more item into this from another site only because it is aliong the same lines.  That is I have a W2K SP3 AD domain with a subnet of and they are out of address space.  

Actually have other issues as well dealing with the routing side and the firewall which is a bigger mess.  If I change the mask my current VPNs will break and need to be recreated.

Thoughts and the best way to do this.  



Watch Question

Technology and Business Process Advisor
Most Valuable Expert 2013
Add subnets.  You will need a router though.  And I don't mean something like a Linksys Cable/DSL router.

I worked in a network environment with over 1500 nodes... we were always subnetted, no real problems.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Hi dcohn,

Or if you cannot afford the expense of a new router + cabling etc you can give what MS suggests is the best way:
(exerpt from MS  Q255999)
Resubnetting is the recommended procedure for increasing a DHCP scope when the current scope has entirely consumed the current subnet mask. However, this method requires you to change all subnet hosts and gateways. If you have an address range that has run out of available host addresses, you may be able to change the subnet mask to include a larger share of host addresses. However, simply changing the subnet mask requires that all routers and other statically assigned computers be reconfigured and all DHCP clients have renewed their lease obtaining the new parameters.

Additionally, the entire DHCP scope or scopes must first be deleted and then re-created using the new subnet mask. The potential for duplicate addresses exists during this period if you do not take steps to prevent leasing addresses that other clients may use. Despite all of the aforementioned caveats, resubnetting is still the recommended procedure. The resubnetting configuration creates no additional overhead on the subnet routers or gateways, and keeps all hosts on the same broadcast address.

The following example shows a depleted subnet with the following settings:
Subnet Address:
Subnet Mask:
This yields a network of 254 hosts with addresses from to 1921.68.1.254.

The following example shows the result if you use the resubnetting option:
Subnet Address:
Subnet Mask:
You now have a network of 510 hosts with addresses from to (for scope, or 256 newly available DHCP addresses.


There are other ways such as SuperNetting (see link provided for full details) but personally I would just Re-subnet the whole lot.  Just remember to change all router and all other static devices (servers, managed switches, Private vpn connections etc).  Also remember to delete all old DHCP scopes and re-create them with the new info, ending finally with a renew of all DHCP clients.





Subnetting would be simpler.  it seems and I have the routers.  How do I deal with DHCP?  Just add a new scope?

I must say though that I always hated subnets compared to a flat network as far as sease of administration.

My question was not the understanding of networking but what I change on my servers and how it affects DNS , DHCP etc.

Deleting all the scopes is NUTS.  This network has currently has lots of statis IPs and reservations and other slop like that.  I inherited this and I am a remote management consultant.  I have a set budget and do everythinmg from the outside.  I charge by the hour but must stay under X hours per week.  (15 or so).  That includes supporting the end users via a helpdesk we installed etc etc.

So changing masks is not an option if It requires trashing the DHCP scopes as it is too time consuming.  I have several Cisco's 2620's as we have a T1 and some PTP's to the other offices.

I wanted to know how it will affect AD if I changed the netmask or added a subnet.  Do I need to add the subnet to AD sites and services?  

Also this Superscope thing seems really wacky.  What is that about and this is so unclear on Microsoft's site.  How is  related to the rest of this convulted mess.  This is very weird stuff and is certainly NOT what I am doing.  I just want to add IPs.  Damn

The following example shows the results if you use the superscoping option:
Subnet Address: and
Subnet Mask:
You now have two networks of 254 hosts (508 hosts total) with addresses from to and to, or 254 newly available DHCP addresses.

----- and
Once the router is configured for the new subnet, add a new DHCP scope for the new subnet and add the new "site" in AD.

That should be it.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.