
Changing from public IP addressing to private (concerns & suggestions)

We have a 30-45 node network with public IP addresses. We plan to change our network over to a private-IP based network. I'm in charge of planning this project and making sure it goes smoothly, as well as executing the steps needed to make it happen.

I'm looking for things I should be concerned about, things I should be looking out for and any suggestions.

One of my concerns at this point is making changes in DNS in regards to Active Directory. When you set up a domain controller, the DNS usually gets set up automagically. What will I need to do to reconfigure it?
Asked by: TrinityAssembly

1 Solution

lavazzza Commented:
When migrating from a public to private IP addressing scheme there are several things to be aware of.  First, what kind of access, if any, is needed from the public internet into your private network.  Examples here would be Web Servers, Mail Servers, FTP, etc.  Ensure that the NAT device you will be utilizing will ensure proper connectivity to whatever servers are necessary for the public to do business with you.

Next, when working with AD, Windows is very wary about the IP addresses of its DCs changing. Follow the instructions here http://technet2.microsoft.com/WindowsServer/en/library/80e432f2-10b6-4768-8a3e-54e357e8fc441033.mspx?mfr=true to change the IP address, then when it looks for DNS, make sure you use the new private IP address of the server hosting DNS (usually itself in a domain of your size).

As for DNS, I would remove the reverse lookup zone of the current public IP address space and create a new lookup zone for the new private address space.  Allow pointer records to be dynamically created when the host records are and you will have the reverse lookup zone populated almost as fast as DHCP hands out the new information.  

For DHCP, I would remove the current scope and start over. It's not difficult and that way no mistakes can happen.

If WINS is involved, delete the existing WINS lookup zone.  Since WINS is broadcast via NetBIOS, the table will rebuild in no time as well.

That is it in a nutshell. If you are not currently running DHCP, there are scripts out there that can change via netsh a domain machine from static to dynamic and from there pull down DHCP info.  My guess on the hardest part, or the part that can be a gotcha, is the public to private natting that will occur. Please make sure you have gone back and checked all services required by the public.

Good Luck!

Sean
0
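
A planning check for the steps in the answer above, added here as an example and not part of the original post: it validates a renumbering plan, derives the reverse lookup zone and PTR names for the new private space, and lists the NAT forwards the public-facing services will need. The host names, the addresses (203.0.113.0/24 is a documentation range) and the function names are constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan: (host, old public IP, new private IP, public TCP ports)
PLAN = [
    ("dc1",  "203.0.113.10",  "192.168.10.10",  []),
    ("mail", "203.0.113.25",  "192.168.10.25",  [25]),
    ("web",  "203.0.113.80",  "192.168.10.80",  [80, 443]),
    ("ws01", "203.0.113.101", "192.168.10.101", []),
]

def reverse_zone(subnet):
    """Reverse lookup zone name for an octet-aligned IPv4 subnet (/8, /16, /24)."""
    net = ipaddress.ip_network(subnet)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned subnets are handled here")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def audit(plan, subnet):
    """Return (problems, PTR name -> host, NAT forwards) for a renumbering plan."""
    net = ipaddress.ip_network(subnet)
    problems, ptr_records, nat_forwards, seen = [], {}, [], {}
    for host, old, new, ports in plan:
        addr = ipaddress.ip_address(new)
        if not any(addr in r for r in RFC1918):
            problems.append(f"{host}: {new} is not an RFC 1918 address")
        if addr not in net:
            problems.append(f"{host}: {new} is outside {subnet}")
        elif addr in (net.network_address, net.broadcast_address):
            problems.append(f"{host}: {new} is not a usable host address")
        if new in seen:
            problems.append(f"{host}: {new} already assigned to {seen[new]}")
        seen.setdefault(new, host)
        # PTR name that dynamic registration would create in the new zone
        ptr_records[addr.reverse_pointer] = host
        # Every publicly reachable port needs a forward on the NAT device
        nat_forwards += [(old, port, new) for port in ports]
    return problems, ptr_records, nat_forwards

if __name__ == "__main__":
    problems, ptrs, forwards = audit(PLAN, "192.168.10.0/24")
    print("reverse zone:", reverse_zone("192.168.10.0/24"))
    for old, port, new in forwards:
        print(f"NAT: {old}:{port} -> {new}:{port}")
    for p in problems:
        print("PROBLEM:", p)
```
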
 
TrinityAssembly (Author) Commented:
thanks