which ips should i use for local network

Posted on 2006-05-17
Last Modified: 2010-03-19
i am just about to setup a brand new win server 2003 computer and network

the problem is i have a network that runs on the ips 192.168.254.?

this new network is to replace the old one but i was thinknig of changing the ips so that nothing got confused in the crossover.

however i am not sure as to the importance of the ip.  i.e. if for instance i pick 192.168.0.? is that just as valid? or even something completely different.  i know i have once seen something on local ips and others but i cannot remember what.

any insight is appreciated


Question by:Marcusw
    LVL 95

    Expert Comment

    by:Lee W, MVP
    Yes, you can pick any range from 192.168.0.x through 192.168.254.x  

    You can also use 10.x.y.z and you can use 172.16-31.x.y

    Any of those are fine.  These are all considered private, non-internet-routable IP addresses.

    Without a router, the two networks won't be able to talk to each other (I don't mean a router like linksys - I mean an expensive Layer 3 or 4 switch or an expensive router from Cisco).
    LVL 5

    Expert Comment

    IP`s come in classes, usually defined by the number of networks versus hosts needed or to support nice features like VPN. Commonly a class C network is used for "local" networks.

    The classes are defined by the first octet of the addres being


    the classes are :

    Class A : [1 - 126].x.x.x
    Class B : [128 - 191].x.x.x
    Class C : [192 - 254].x.x.x

    now there has been a slight "change" in perseption <"wrong word" when router producers started to hand out routers using a 10.0.0 Address. Now we locally support VPN tunnels. To do so we needed a range that wasnt commonly used. Knowing most use something in the range 10.0.0.x or 192.168.x.x we decided to take the 10.252.252.x\24 for the lan, 10.253.253.x\24 for the dmz and 10.253.253.x\24 for the connecting vpn tunnels / clients.

    Up to now this has been a bless.

    But if you want "cross" connectivity you should keep in mind that the network address remains the same

    Current : 192.168.x.x -

    then the new config should be (supporting both ranges)
    Current : 192.168.254.x -
    New     : 192.168.253.x -

    Resulting in a Class B network and emediatly gets confusing because u use a class C address.

    I hope you understand my little tutorial.

    Regards Chris
    LVL 18

    Expert Comment

    lee's approach would work fine, as long as you make sure that the subnet the replacement system uses does NOT overlap with the old one.

    If you need help with subnetting and what addresses fall into the range, here are two sites you can use:

    The importance of the IP addresses is that they don't overlap with anything else and that your have your network configured properly (namely having a router know of that new subnet created). You could use 192.168.1.x if you wanted to, provided your subnet mask had been

    Feel to ask for more info if you need it.
    LVL 13

    Expert Comment

    by:Joseph Hornsey

    This may be a stupid question, but when you say "replace" the old network... do you mean that you're getting rid of the old physical network (hub/switch, cabling, routers, etc.) and moving everybody to a different physical network?

    If not, then just give your new server a different IP address on the same network ID (192.168.254.x) and point your clients to the new server.  I don't think there's a need to jump through all these hoops.  If you go with a different address range, you're going to have to route between the two network IDs, and that's should be unecessary.

    The complicated part is going to be migrating your users off of the old server onto the new one.  When I say "server", I'm assuming that you're currently running an earlier version of Windows Server (2000 or NT).  If that's the case, then you're looking at Active Directory stuff, and that will be the complex part.  If you're willing to keep your existing domain, then it becomes very easy.

    But, I may be misunderstanding your need - if I'm on the right track, then clarify what you're trying to accomplish and we can elaborate.


    Author Comment

    sorry when i said replace the old network i meant that my one of my old DC servers has just died.

    i a secondary server that was a replicate that is kepping me ticking over.

    but my network was setup a long time ago and was badly secured and really had not logical setup.

    so i was going to take this chance to start again. i.e. new server and reconfigure everything.

    i only have 15 users so it shouldn't be to bad to sort and i will then have some control over the network again

    LVL 13

    Accepted Solution


    That makes more sense.  Here's what I would do:

    1. Don't mess with your IP addressing.  It's not necessary.  If you've got connectivity, you're good.  The only reason why I would change things would be because someone used a public address internally, which isn't the case for you.

    2. Go ahead and install the new server on the existing network.  Set up a new Active Directory domain and then set up some trust relationships between the new domain and the old one (external trusts).

    3. Start migrating your users to the new domain, but point them to the resources on the old domain (this is why you need trusts).

    4. Start migrating resources to the new domain and remove them from the old domain.

    5. Once all of the users and all of the resources are in the new domain, remove Active Directory from the existing server and then join it to the new domain.

    6. Promote the existing server back to a domain controller, but this time for the new domain.

    This is VERY summarized.  Before you do any of that, go to Microsoft's site and check out their Active Directory Migration stuff.  They've got tons of docs that will walk you through step-by-step.

    Hope that helps.

    LVL 3

    Expert Comment

    if u have less # of users then it is good to use classc ip addresses
    there r so many tools available for monitoring network
    for e.g ipscanner
    ideal administration
    admin magic
    desktop authority
    there r so many softwares that could be helpful for you

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    When posting a question about a Cisco ASA, Cisco Router or Cisco Switch, it can aid diagnosis if a suitably sanitised copy of the config is provided. It is much better to leave as much of the configuration as original as possible, as it could be tha…
    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now