Solved

netmaks / subnet

Posted on 2008-09-29
16
442 Views
Last Modified: 2008-09-30
I have a network that was badly designed , the ip is something like '192.168.x.x / 255.255.0.0' , i do not see the necessary for such subnet mask , but this is reality, i would like to change this accommodate around 1000 hots , so i find 192.168.x.x / 255.255.252.0 would be a good choice .

again , what is the advantage / disadvantage for moving the subnet from 255.255.0.0 to 255.255.252.0 ? please advise me / guide for best way to expand the network with 1000 hosts / users and to be very efficient , they need to access exchange , some VM servers, domain controller , network share etc.
0
Comment
Question by:Thushya
  • 7
  • 4
  • 4
  • +1
16 Comments
 
LVL 13

Accepted Solution

by:
kdearing earned 250 total points
Comment Utility
Making that change will work.

However, I'm not a fan of more than 200 hosts on one subnet.
I would divide the network into VLANs; either geographically or by function.

Some advantages are:
  Better network performance; smaller broadcast domains
  Easier troubleshooting and management
  Enhanced security
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 250 total points
Comment Utility
The disadvantage of the way it is ....
192.168.x.x is a Class C block but you are using a Class B mask which makes it supernetted, not subnetted and not every TCP/IP stack can handle supernets.

If everything is working today, then why go through the exercise to change that many hosts without a clear plan for actually using subnets and VLAN's to break up those 1000 or so hosts into managable broadcast domains?

As kdearing stated above, you need to plan for dividing the network into vlans, and to do that you need to make sure all of your network infrastructure supports it on all the switches and then you need some Layer3 routing between the vlans, etc..

Each VLAN is any logical grouping of end hosts that can be anywhere in the network that makes sense for that host.
Each VLAN will have its own IP subnet with /24 mask
Layer 3 switch or router provides for traffic flow between vlans - critical!
0
 

Author Comment

by:Thushya
Comment Utility
thank you guys ,I am new to this VLAN  things , Now i have to have more info about the VLAN , i have few floors , the network has a switch on each floor , they all connect to a server room in 4th floor .all pc/users need to access all the servers , some of them need to access 3rd floor pcs etc....how a VLAN switch from floor1 connect to server room in 4th floor ? do i need a router between floor1 and floor4 ?

on the other hand anyone could suggest me good VLAN capable switches / routers ? not the high end expensive ones .

Note:
if i sue a VLAN , then can i keep the same subnet , i mean 255.255.0.0 or i need to change them too ?
0
 
LVL 3

Expert Comment

by:cnjuguna
Comment Utility
be sure to find out more about VLANs before implementing. VLANs can complicate your network. why do you say the network is badly designed? are you experiencing any particular problems? what are you trying to achieve?
0
 

Author Comment

by:Thushya
Comment Utility
well , as i said before 255.255.0.0 makes all host transparent to each other , including all the test domain created via vmware , emulation its own broadcast , i am ending up 10 to 20 test domain listed , etc . to scan the network it takes for ever ....

for 400 hosts , a single host ip with 192.168.0.1 / 255.255.0.0 , is it okay to have such ip setting no impact on the network ?
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
The actual mask used is irrelevant to the broadcast domain. You can run multiple ip subnets on the same network and they can't talk to each other, but this causes other issues, some like you see with the VM testbed.
You may even have vlan support in the switches you have. What brand/model are they?
For good switches you might look at the Adtran Netvanta line. They are comparible to Cisco for about half the price.
You will only need one Layer3 capable switch, you do not need routers everywhere.
0
 
LVL 13

Expert Comment

by:kdearing
Comment Utility
In order to implement VLANs, you need to make sure your switches have that capability.
What type of switches do you have (mfr & model)?

Also assuming you have internet access, you probably have a router or other layer 3 device.
What type of equipment (mfr & model) do you have for internet access?

Is your network a MS Windows AD domain?

What device does your DHCP?
0
 

Author Comment

by:Thushya
Comment Utility
i have some smc and d-link 24 port switches , they are unmanaged switches .I have a pix that does the simple routing .

my network is windows AD domain and the dhcp service comes from pix , i will be moving this to a windows server later .
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
with 400+ hosts growing to 1000 on an unmanaged network, I'd be afraid.. very afraid...
Understand that budgets are tight, but at some point you are going to have to move up to a managed switch solution that supports VLAN's and L3 routing and possibly Power over Ethernet if you ever intend to move to VoIP or have other devices like wireless access points or security cameras that run off PoE.
We can't design the network for you in a forum like this, but we can give you suggestions on what to look for.
I've already mentioned the Adtran Netvanta line and I would recommend them over any other Commodity vendor like DLINK, Netgear, Dell.
2nd in line might be Linksys, only because they are owned by Cisco and will carry the Cisco brand next year.. with all their R&D and support behind it.
0
 

Author Comment

by:Thushya
Comment Utility
Irmoore,
thanks for the valuable input , i am thinking of implementing a VLAN solution .
I have few floors , do i need a manged switch in each floor ? or i can cascade with dumb switches ? I am planing put each floor in one vlan and all of them will be allowed to access the server roon VLANID , no between floors , assuing server room will be another floor .

could you please recommend a good model from Adtran , DELL or CISCO for VLAN capable switches ?
thx
0
 
LVL 13

Expert Comment

by:kdearing
Comment Utility
The Dell PowerConnect switches are a good bang for the buck.
Look at the 3524 & 3548 for managed 10/100 and maybe a 5424 managed gig for your servers.
http://www.dell.com/business/networking

For Linksys:
Look at the SFE series for managed 10/100 and the SGE series for managed gig for the servers.
http://www.linksys.com/servlet/Satellite?c=L_Product_C1&childpagename=US%2FLayout&cid=1134691195123&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=9512361982B05

For Cisco:
Look at the 2950 series for managed 10/100 and the 3750 G series for managed gig
http://www.cisco.com/en/US/products/hw/switches/index.html

For Adtran:
I'll have to defer to lrmoore's expertise.
I haven't used Adtran for awhile, so I'm not familiar with their current products.
0
 

Author Comment

by:Thushya
Comment Utility
dell looks like a good option as money comes into the picture .
Is it better to change ip '192.168.0.1 / 255.255.0.0' or keep as it is just for total hosts around 400s?
0
 
LVL 13

Expert Comment

by:kdearing
Comment Utility
If you are going to divide your network into VLANs, then I would just use a 255.255.255.0 subnet mask.

Something like:
VLAN 1    192.168.1.0 255.255.255.0
VLAN 2    192.168.2.0 255.255.255.0
VLAN 3    192.168.3.0 255.255.255.0
VLAN 4    192.168.4.0 255.255.255.0
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
>dell looks like a good option as money comes into the picture .
You get what you pay for. I would never recommend Dell switches for any business.
You'd be better off with the Linksys
0
 

Author Comment

by:Thushya
Comment Utility
got it , thanks again !
:)
0
 

Author Comment

by:Thushya
Comment Utility
>I would never recommend Dell switches for any business.
You'd be better off with the Linksys<
mm... i see , a friend mine had the same issue wtih dell switches , they went with ciso more expensive , so i better looks for lynksys !
:)
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now