[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Subnetting IP

Posted on 2009-04-23
19
Medium Priority
?
1,194 Views
Last Modified: 2013-12-09
I have got the range of 10.150.x.x and my subnet mask is 255.255.252.0
now which this subnet mask i can have almost 4 networks, from 10.150.0-4.x. if i give an IP address from range of 10.150.6.1 and my other computer as 10.150.1.1, i can not ping.

i want to make it more, i want to be able to go from 10.150.0 to 20.x and i should be able to comunicate with them.

which subnet mast should i use and how should i subnet this?

Thanks,
0
Comment
Question by:helpdesk93
  • 8
  • 5
  • 3
  • +3
19 Comments
 
LVL 7

Accepted Solution

by:
hau_it earned 1500 total points
ID: 24222448
ok. It is not very clear what you want to do but.
If someone gives the mask 255.255.252.0 it means that you have 10 bits to create subnets. If you want to create subnets with mask 255.255.255.0 then as you correctly said you can create 4 subnets.
The two IPs that you mention 10.150.6.1 and 10.150.1.1 with mask 255.255.255.0 i suppose,  are on different subnets and unless you have a router or device that is routing capable you will not be able to ping between.

In the second part of the question the 10.150.0.0/24 is a network produced from the subnetting. The 10.150.20.0/24 is also another network but those are different networks so you need again a routing device.
Unless you use the first mask 255.255.252.0 without creating subnets, with all other possible solutions you will need a router.

If this suits your needs get the 10.150.0.0/24 and give the pcs the 10.150.0.1 to 10.150.0.254 then you should be able to ping.

Dimitris
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 24222662
try subnet 255.255.0.0
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24225956

The best you could do is 255.255.224.0 which gives you from 10.150.0.0 to 10.150.31.254. The next subnet down (255.255.240.0) would give you 10.150.0.0 to 10.150.15.254 which doesn't cover the range you want.

Of course, all of those hosts would have to be connected to a single network with no routing. Rather a large subnet block for a network with no routing.

Chris
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 8

Expert Comment

by:halejr1
ID: 24230025
I don't know if I understand you correctly, please clarify the following:

you have established a private network of 10.150.x.y
You currently have (in use) subnet mask of 255.255.252.0
which tells me you have 1022 hosts per network and one host address and one broadcast per network
I need to know what Y is to determine which "Network" you are one, as the third OCTET is in the Networks realm of your subnet schema based on the first 6 bits of that octet..

Also please be more clear as to what you are trying to accomplish.  Are you having difficulty talking to host on another network or another host IP address?

what are the parameters on the router, i.e. IP Address, Subnet Mask, DFG, etc.

If these hosts are on different networks please provide ip configs of both routers.
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24230032
sorry, mistyped...

I said: "I need to know what Y is to determine which....."  

I should have said: "I need to know what X is to determine which....."

X and Y being 10.150."X". "Y"

Thanks.
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24230041
Also unless I misunderstood "again!" based on your subnetting schema you can have 16382 networks, with 1022 hosts per network.
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24230256
after re-reading your post a couple of times it is more clear to me what you are doing ...

with your current subnet mask (22bit) your networks and hosts would be as follows:

10.150.0.x through 10.150.3.254
10.150.4.x through 10.150.7.254
10.150.8.x through 10.150.11.254
10.150.12.x through 10.150.15.254
and so on and so on......

sorry for the confusion I did not read your problem clearly.

so if you place your hosts within the ranges above, you will be in good shape and should be able to communicate.

So you can either leave your subnetting the way that it is and place computers in their respective network ranges, or you could change / modify your subnet schema and simply drop the last octet and have a 16 bit subnet mask, then your hosts from the following would be on a contiguous subnet:

10.150.0.1 through 10.150.255.254 which is a total of 65534 hosts.

0
 

Author Comment

by:helpdesk93
ID: 24230936
Thanks Chris den and halejr1,

let me make it a little more clear,

in fact, in our main office we have our DHCP 10.150.1.1-10.150.3.254 and the subnet mask is 255.255.252.0.......computers within this range can ping each other and communicate.

BUT, this is range is not enough for us.........first of all i want to make it more like i want to make it from 10.150.1.1 to 10.150.25.255.........my question is how i can make iit this way ? which subnet mask should i use? and will they communicate with each other?

the fact is that currenly the DHCP range we have (10.150.1.1-10.150.3.254) is enough for all our users and office, the reason i want to expand it to go till 10.150.25.254 is that i want to make VLANs. I want to give each and every one of the sub offices or departments in seperate VLANs and they should have seperate range. for instance our Flight office should have the range of 10.150.6.x.......the Administration office have the range of 10.150.7.x.........the Engineering department have the range of 10.150.8.x......the irrigation department have the range of 10.150.9.x...........Guest house one have the range of 10.150.10.x.......Guest house two have the range of 10.150.11.x.........and so on.

and all these ranges that i give to each department or building should be able to communicate with each other, without any router.

i think it is clear .........!!!!!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24231511

> which subnet mask should i use? and will they communicate with each other?

The smallest Subnet Mask you can use that covers that range is this:

255.255.224.0

That gives you from 10.150.0.0 to 10.150.31.255 (or 10.150.0.1 to 10.150.31.254 usable).

But..

> is that i want to make VLANs

Now you have routing because VLANs introduces separation between networks. As such one big mask is no help. For the separate ranges it would be:

Flight: 10.150.6.0 255.255.255.0
Administration: 10.150.7.0 255.255.255.0
Engineering: 10.150.8.0 255.255.255.0
Irrigation: 10.150.9.0 255.255.255.0
Guest One: 10.150.10.0 255.255.255.0
Guest Two: 10.150.11.0 255.255.255.0

Each is a separate subnet, and each operates on a separate VLAN. Something must provide the routing between those VLANs for this to be a successful scheme.

If you don't want any routing, then you want to avoid using VLANs.

Chris
0
 

Author Comment

by:helpdesk93
ID: 24231630
Chris, i got the first phase that you suggested the 255.255.224.0 that way i can go to 10.150.31.254

the second phase about VLANs you suggest the 255.255.255.0 subnet mask, will this subnet mast communicate with the 255.255.224.0 ?

If no, then what should i do in order for them to communicate?
secondly, the reason as i said i wanted to expand my range from 255.255.252.0 to 255.255.224.0 was to get more ranges.

0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24231646

> If no, then what should i do in order for them to communicate?

You need something to route traffic between subnets. But if you were separating portions of your network using VLANs you would have to expect that.

> secondly, the reason as i said i wanted to expand my range from 255.255.252.0 to
> 255.255.224.0 was to get more ranges.

That gives you a bigger range, not more ranges.

Where do you want the boundaries of your Broadcast domain, subnet, or whatever you prefer to call it to be?

If there's no routing, then a single subnet using 255.255.224.0 is the way to go.

If you have routing each separate VLAN needs a range to match usage, if there are no more than 254 hosts per VLAN then a mask of 255.255.255.0 works. However, you would require something to route between each VLAN.

> the second phase about VLANs you suggest the 255.255.255.0 subnet mask, will this
> subnet mast communicate with the 255.255.224.0 ?

Not really, not if the smaller subnet is part of the larger subnet. Either you expand the current range, and have all machines on a single subnet. Or you bring in VLANs and the associated routing and split it up into smaller subnets.

You can mix the two, but you would use subnets for the VLANs outside of the current range and route between the main subnet and the VLAN.

Chris
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24231924
helpdesk---

If you are going to be providing v'an's why not segment your network into "24bit" subnetmasks, i.e. 255.255.255.0 and that would provide 254 hosts per vlan, and simply route between those vlans.  It would be easier to manage, and your segmentation would be readily defined.

If you create a huge "network" or broadcast domain with a 255.255.244.x subnetmask, I think you will be less efficient--  

You simply set your layer 3 device (router) with sub-interfaces, for each subnet and you can have one interface doing the routing on all vlans.  And you don't have to setup vlans your not ready to use yet.

for instance if you were going to do this:
10.150.8.x / 24 - accounting
10.150.9.x / 24 - procurement
10.150.10.x / 24 - HR
10.150.11.x / 24 - IT
10.150.12.x /24 - field staff
10.150.99.x /24 - Resources
etc. etc

and simply add your vlan's as needed, by merely creating additional sub-interfaces.  as for DHCP, you can create multiple scopes on one server to provide DHCP across multiple networks.  Or, if you feel it necessary, you can place a DHCP server on each subnet.  Your choice depending on available resources and how simple or complex you choose to make it.

Good Luck
0
 

Author Comment

by:helpdesk93
ID: 24257319
Thanks Halejr and Chris,

in face i read both of your reply, i appreciate it. it was easier to get Halejr.

Halejr, lets suppose i get the 24 bit 255.255.255.0 and each one range for each of the offices like 10.150.8.x for accounting and 10.150.9.x for procurement and etc....

some questions here:
if i want to make them through VLANs, like in accounting office i have one Cisco 2960 series switch where i make VLan and give them the range of 10.150.8.x. and in Procurement i have another Cisco 2960 series swithch that i make Vlan and givem them the range of 10.150.0.9. and this way to all our offices.
now, how will each office get the IP address in the range of of thier VLANs for example if someone in procurement plugs his computer to network, how will he get IP? shall make DHCP on the switch of the procurement?

and how will i route the VLANS of all offices to each other, if i don't have a route can i do it through switches?


second thing,
just as said if i don't go with VLANs, how can i assign 10.150.8.x to accounting and 10.150.9.x to procurement from one DHCP server? i don't want to put seperte DHCP servers in each of the offices it is a waste. so how can i have all them lets say 15 different ranges for different offices in one DHCP server?

like if someone in HR plugs his computer, how will he get the IP from range of 10.150.0.10?

thanks,
0
 
LVL 10

Expert Comment

by:lanboyo
ID: 24274372
The Cisco 2960does not support a routing code, so you have some issues. I assume you have a router, somewhere, unless this is one big standalone network. Wherever this router is, you need to configure its connection to the switches as however many interfaces as  you have vlans. The ip address on this router in the vlan is what you configure the dhcp scope gateway as.

You can either configure the dhcp scopes on this router, or you can configure as many different scopes on the dhcp server as you have vlans.

You then configure the router to pass dhcp to the remote dhcp server using the ip helper command or the dhcp relay command.  The dhcp server will see the request coming in from a particular network and will hand the correct ip and such back to the router, which will relay it back to the computer.

If you really don't have a router, or a switch capable of running routing code. like a 3550,   then all I can think to do is configure the dhcp server to hand out ip addresses by assigning the ips to manually configured mac/ip address pairs. Which is a nightmare. By definition, you will need to put all of the offices in the same network range and vlan if you don't have a router.


0
 

Author Comment

by:helpdesk93
ID: 24276817
Thanks lanboyo, which series of router do you recommend that i get?

so you mean that i should have one router that should have several interfaces, on each interface i configure a VLN and connect one office in it, then configure DHCP on that VLAN, right?

i just didn't get the last part that you said the DHCP from router will then communicate to the DHCP server? how?

Thanks,
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24276953
helpdesk... first things first .. what environment are you supporting and does it include an AD infrastructure?

when you talk about your odepartments it sounds like some may be not on the same campus -- is this correct???

What layer 3 device are you planning to use?

I recommend you use a windows DHCP server, where you can create multiple scopes.  in lieu of having a dhcp server on all segments, you can provide for forwarding so the DHCP server will answer all DHCP requests from any givin subnet.  Also, you could configure 2 DHCP servers with duplicate scopes to provide for failover / etc.  and provide IP helper address on your router interface to allow the clients to get to the dhcp server.  

Here is a best practices link:
http://technet.microsoft.com/en-us/library/cc780311.aspx

Answer my questions a the beginning so I don't have any unknowns and I'll help you as best I can.....
0
 

Author Comment

by:helpdesk93
ID: 24277634
Thanks, in face we are going to AD, we were in a workgoup envirnment and recently we have done almost 70% of the computers joined to the AD.

The departments i am talking about are not in sites right now, they are all located in one location one place............while in future we will have site offices too, that i want to go with same range........like i want to have my main office in NY to have the range from 10.150.0.x to 10.150.15.x and then i want my NJ office to be in the range of 10.150.16.x...........my Washington office to be in the range of 10.150.17.x

then i will have site to site VPN established, so the AD from all the sites can replicate to the NY DC, please correct me if i am wrong. i want to have such a thing..

also in NY office that is my main office, i will have a DHCP server that will assign different ranges of IP to my different departments,like for IT dept it should assign 10.150.1.x, for accounting 10.150.2.x, for procurement 10.150.3.x and so on...........can one DHCP server assing different ranges? will need to do anything on the router or switches?

thanks,
.
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24360865
helpdesk... be careful.  I don't know if  I understand your approach, but if you are planning on creating a HUGE broadcast domain, i.e. 255.255.244.0 SNM, your going to have a problem bridging all those hosts together.  especially if they are in a Large Campus area.  

You may make it more complex thinking your making it more simple.  

Segmentation is not a bad thing... it's a simpler approach to management too.    If you have a problem in a large broadcast domain, you will likely impact the entire domain.  If you segment, in most cases your problems may be isolated from their place of origin.  

if you don't undertand routing and you have some money in budget for this "project" include a couple of thousand for a good network engineer to consult and advise you.  Don't try to be the end all beat all expert.  It could cost you in the long run months later when a knowledgeable professional comes in and asks... "how in the H#%% did this happen?????"

good luck.
0
 
LVL 8

Expert Comment

by:halejr1
ID: 24360875
PS.. all those "hosts" in each segment, the only thing I can think of is your either an administrator for the government - (large, large offices with too many people with no supervision) or the federal penitentiary and they are giving all prisonoers PC's for their cells?

just kidding....:)
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Please see preceding article here: http://www.experts-exchange.com/Networking/Operating_Systems/A_11209-Root-Bridge-Election.html Figure 1 After Root Bridge has been elected, then what?..... Let's start by defining a Root Port in la…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question