helpdesk93
asked on
Subnetting IP
I have got the range of 10.150.x.x and my subnet mask is 255.255.252.0
now which this subnet mask i can have almost 4 networks, from 10.150.0-4.x. if i give an IP address from range of 10.150.6.1 and my other computer as 10.150.1.1, i can not ping.
i want to make it more, i want to be able to go from 10.150.0 to 20.x and i should be able to comunicate with them.
which subnet mast should i use and how should i subnet this?
Thanks,
now which this subnet mask i can have almost 4 networks, from 10.150.0-4.x. if i give an IP address from range of 10.150.6.1 and my other computer as 10.150.1.1, i can not ping.
i want to make it more, i want to be able to go from 10.150.0 to 20.x and i should be able to comunicate with them.
which subnet mast should i use and how should i subnet this?
Thanks,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
omarfarid
try subnet 255.255.0.0
The best you could do is 255.255.224.0 which gives you from 10.150.0.0 to 10.150.31.254. The next subnet down (255.255.240.0) would give you 10.150.0.0 to 10.150.15.254 which doesn't cover the range you want.
Of course, all of those hosts would have to be connected to a single network with no routing. Rather a large subnet block for a network with no routing.
Chris
I don't know if I understand you correctly, please clarify the following:
you have established a private network of 10.150.x.y
You currently have (in use) subnet mask of 255.255.252.0
which tells me you have 1022 hosts per network and one host address and one broadcast per network
I need to know what Y is to determine which "Network" you are one, as the third OCTET is in the Networks realm of your subnet schema based on the first 6 bits of that octet..
Also please be more clear as to what you are trying to accomplish. Are you having difficulty talking to host on another network or another host IP address?
what are the parameters on the router, i.e. IP Address, Subnet Mask, DFG, etc.
If these hosts are on different networks please provide ip configs of both routers.
you have established a private network of 10.150.x.y
You currently have (in use) subnet mask of 255.255.252.0
which tells me you have 1022 hosts per network and one host address and one broadcast per network
I need to know what Y is to determine which "Network" you are one, as the third OCTET is in the Networks realm of your subnet schema based on the first 6 bits of that octet..
Also please be more clear as to what you are trying to accomplish. Are you having difficulty talking to host on another network or another host IP address?
what are the parameters on the router, i.e. IP Address, Subnet Mask, DFG, etc.
If these hosts are on different networks please provide ip configs of both routers.
sorry, mistyped...
I said: "I need to know what Y is to determine which....."
I should have said: "I need to know what X is to determine which....."
X and Y being 10.150."X". "Y"
Thanks.
I said: "I need to know what Y is to determine which....."
I should have said: "I need to know what X is to determine which....."
X and Y being 10.150."X". "Y"
Thanks.
Also unless I misunderstood "again!" based on your subnetting schema you can have 16382 networks, with 1022 hosts per network.
after re-reading your post a couple of times it is more clear to me what you are doing ...
with your current subnet mask (22bit) your networks and hosts would be as follows:
10.150.0.x through 10.150.3.254
10.150.4.x through 10.150.7.254
10.150.8.x through 10.150.11.254
10.150.12.x through 10.150.15.254
and so on and so on......
sorry for the confusion I did not read your problem clearly.
so if you place your hosts within the ranges above, you will be in good shape and should be able to communicate.
So you can either leave your subnetting the way that it is and place computers in their respective network ranges, or you could change / modify your subnet schema and simply drop the last octet and have a 16 bit subnet mask, then your hosts from the following would be on a contiguous subnet:
10.150.0.1 through 10.150.255.254 which is a total of 65534 hosts.
with your current subnet mask (22bit) your networks and hosts would be as follows:
10.150.0.x through 10.150.3.254
10.150.4.x through 10.150.7.254
10.150.8.x through 10.150.11.254
10.150.12.x through 10.150.15.254
and so on and so on......
sorry for the confusion I did not read your problem clearly.
so if you place your hosts within the ranges above, you will be in good shape and should be able to communicate.
So you can either leave your subnetting the way that it is and place computers in their respective network ranges, or you could change / modify your subnet schema and simply drop the last octet and have a 16 bit subnet mask, then your hosts from the following would be on a contiguous subnet:
10.150.0.1 through 10.150.255.254 which is a total of 65534 hosts.
ASKER
Thanks Chris den and halejr1,
let me make it a little more clear,
in fact, in our main office we have our DHCP 10.150.1.1-10.150.3.254 and the subnet mask is 255.255.252.0.......comput
BUT, this is range is not enough for us.........first of all i want to make it more like i want to make it from 10.150.1.1 to 10.150.25.255.........my question is how i can make iit this way ? which subnet mask should i use? and will they communicate with each other?
the fact is that currenly the DHCP range we have (10.150.1.1-10.150.3.254) is enough for all our users and office, the reason i want to expand it to go till 10.150.25.254 is that i want to make VLANs. I want to give each and every one of the sub offices or departments in seperate VLANs and they should have seperate range. for instance our Flight office should have the range of 10.150.6.x.......the Administration office have the range of 10.150.7.x.........the Engineering department have the range of 10.150.8.x......the irrigation department have the range of 10.150.9.x...........Guest
and all these ranges that i give to each department or building should be able to communicate with each other, without any router.
i think it is clear .........!!!!!
let me make it a little more clear,
in fact, in our main office we have our DHCP 10.150.1.1-10.150.3.254 and the subnet mask is 255.255.252.0.......comput
BUT, this is range is not enough for us.........first of all i want to make it more like i want to make it from 10.150.1.1 to 10.150.25.255.........my question is how i can make iit this way ? which subnet mask should i use? and will they communicate with each other?
the fact is that currenly the DHCP range we have (10.150.1.1-10.150.3.254) is enough for all our users and office, the reason i want to expand it to go till 10.150.25.254 is that i want to make VLANs. I want to give each and every one of the sub offices or departments in seperate VLANs and they should have seperate range. for instance our Flight office should have the range of 10.150.6.x.......the Administration office have the range of 10.150.7.x.........the Engineering department have the range of 10.150.8.x......the irrigation department have the range of 10.150.9.x...........Guest
and all these ranges that i give to each department or building should be able to communicate with each other, without any router.
i think it is clear .........!!!!!
> which subnet mask should i use? and will they communicate with each other?
The smallest Subnet Mask you can use that covers that range is this:
255.255.224.0
That gives you from 10.150.0.0 to 10.150.31.255 (or 10.150.0.1 to 10.150.31.254 usable).
But..
> is that i want to make VLANs
Now you have routing because VLANs introduces separation between networks. As such one big mask is no help. For the separate ranges it would be:
Flight: 10.150.6.0 255.255.255.0
Administration: 10.150.7.0 255.255.255.0
Engineering: 10.150.8.0 255.255.255.0
Irrigation: 10.150.9.0 255.255.255.0
Guest One: 10.150.10.0 255.255.255.0
Guest Two: 10.150.11.0 255.255.255.0
Each is a separate subnet, and each operates on a separate VLAN. Something must provide the routing between those VLANs for this to be a successful scheme.
If you don't want any routing, then you want to avoid using VLANs.
Chris
ASKER
Chris, i got the first phase that you suggested the 255.255.224.0 that way i can go to 10.150.31.254
the second phase about VLANs you suggest the 255.255.255.0 subnet mask, will this subnet mast communicate with the 255.255.224.0 ?
If no, then what should i do in order for them to communicate?
secondly, the reason as i said i wanted to expand my range from 255.255.252.0 to 255.255.224.0 was to get more ranges.
the second phase about VLANs you suggest the 255.255.255.0 subnet mask, will this subnet mast communicate with the 255.255.224.0 ?
If no, then what should i do in order for them to communicate?
secondly, the reason as i said i wanted to expand my range from 255.255.252.0 to 255.255.224.0 was to get more ranges.
> If no, then what should i do in order for them to communicate?
You need something to route traffic between subnets. But if you were separating portions of your network using VLANs you would have to expect that.
> secondly, the reason as i said i wanted to expand my range from 255.255.252.0 to
> 255.255.224.0 was to get more ranges.
That gives you a bigger range, not more ranges.
Where do you want the boundaries of your Broadcast domain, subnet, or whatever you prefer to call it to be?
If there's no routing, then a single subnet using 255.255.224.0 is the way to go.
If you have routing each separate VLAN needs a range to match usage, if there are no more than 254 hosts per VLAN then a mask of 255.255.255.0 works. However, you would require something to route between each VLAN.
> the second phase about VLANs you suggest the 255.255.255.0 subnet mask, will this
> subnet mast communicate with the 255.255.224.0 ?
Not really, not if the smaller subnet is part of the larger subnet. Either you expand the current range, and have all machines on a single subnet. Or you bring in VLANs and the associated routing and split it up into smaller subnets.
You can mix the two, but you would use subnets for the VLANs outside of the current range and route between the main subnet and the VLAN.
Chris
helpdesk---
If you are going to be providing v'an's why not segment your network into "24bit" subnetmasks, i.e. 255.255.255.0 and that would provide 254 hosts per vlan, and simply route between those vlans. It would be easier to manage, and your segmentation would be readily defined.
If you create a huge "network" or broadcast domain with a 255.255.244.x subnetmask, I think you will be less efficient--
You simply set your layer 3 device (router) with sub-interfaces, for each subnet and you can have one interface doing the routing on all vlans. And you don't have to setup vlans your not ready to use yet.
for instance if you were going to do this:
10.150.8.x / 24 - accounting
10.150.9.x / 24 - procurement
10.150.10.x / 24 - HR
10.150.11.x / 24 - IT
10.150.12.x /24 - field staff
10.150.99.x /24 - Resources
etc. etc
and simply add your vlan's as needed, by merely creating additional sub-interfaces. as for DHCP, you can create multiple scopes on one server to provide DHCP across multiple networks. Or, if you feel it necessary, you can place a DHCP server on each subnet. Your choice depending on available resources and how simple or complex you choose to make it.
Good Luck
If you are going to be providing v'an's why not segment your network into "24bit" subnetmasks, i.e. 255.255.255.0 and that would provide 254 hosts per vlan, and simply route between those vlans. It would be easier to manage, and your segmentation would be readily defined.
If you create a huge "network" or broadcast domain with a 255.255.244.x subnetmask, I think you will be less efficient--
You simply set your layer 3 device (router) with sub-interfaces, for each subnet and you can have one interface doing the routing on all vlans. And you don't have to setup vlans your not ready to use yet.
for instance if you were going to do this:
10.150.8.x / 24 - accounting
10.150.9.x / 24 - procurement
10.150.10.x / 24 - HR
10.150.11.x / 24 - IT
10.150.12.x /24 - field staff
10.150.99.x /24 - Resources
etc. etc
and simply add your vlan's as needed, by merely creating additional sub-interfaces. as for DHCP, you can create multiple scopes on one server to provide DHCP across multiple networks. Or, if you feel it necessary, you can place a DHCP server on each subnet. Your choice depending on available resources and how simple or complex you choose to make it.
Good Luck
ASKER
Thanks Halejr and Chris,
in face i read both of your reply, i appreciate it. it was easier to get Halejr.
Halejr, lets suppose i get the 24 bit 255.255.255.0 and each one range for each of the offices like 10.150.8.x for accounting and 10.150.9.x for procurement and etc....
some questions here:
if i want to make them through VLANs, like in accounting office i have one Cisco 2960 series switch where i make VLan and give them the range of 10.150.8.x. and in Procurement i have another Cisco 2960 series swithch that i make Vlan and givem them the range of 10.150.0.9. and this way to all our offices.
now, how will each office get the IP address in the range of of thier VLANs for example if someone in procurement plugs his computer to network, how will he get IP? shall make DHCP on the switch of the procurement?
and how will i route the VLANS of all offices to each other, if i don't have a route can i do it through switches?
second thing,
just as said if i don't go with VLANs, how can i assign 10.150.8.x to accounting and 10.150.9.x to procurement from one DHCP server? i don't want to put seperte DHCP servers in each of the offices it is a waste. so how can i have all them lets say 15 different ranges for different offices in one DHCP server?
like if someone in HR plugs his computer, how will he get the IP from range of 10.150.0.10?
thanks,
in face i read both of your reply, i appreciate it. it was easier to get Halejr.
Halejr, lets suppose i get the 24 bit 255.255.255.0 and each one range for each of the offices like 10.150.8.x for accounting and 10.150.9.x for procurement and etc....
some questions here:
if i want to make them through VLANs, like in accounting office i have one Cisco 2960 series switch where i make VLan and give them the range of 10.150.8.x. and in Procurement i have another Cisco 2960 series swithch that i make Vlan and givem them the range of 10.150.0.9. and this way to all our offices.
now, how will each office get the IP address in the range of of thier VLANs for example if someone in procurement plugs his computer to network, how will he get IP? shall make DHCP on the switch of the procurement?
and how will i route the VLANS of all offices to each other, if i don't have a route can i do it through switches?
second thing,
just as said if i don't go with VLANs, how can i assign 10.150.8.x to accounting and 10.150.9.x to procurement from one DHCP server? i don't want to put seperte DHCP servers in each of the offices it is a waste. so how can i have all them lets say 15 different ranges for different offices in one DHCP server?
like if someone in HR plugs his computer, how will he get the IP from range of 10.150.0.10?
thanks,
The Cisco 2960does not support a routing code, so you have some issues. I assume you have a router, somewhere, unless this is one big standalone network. Wherever this router is, you need to configure its connection to the switches as however many interfaces as you have vlans. The ip address on this router in the vlan is what you configure the dhcp scope gateway as.
You can either configure the dhcp scopes on this router, or you can configure as many different scopes on the dhcp server as you have vlans.
You then configure the router to pass dhcp to the remote dhcp server using the ip helper command or the dhcp relay command. The dhcp server will see the request coming in from a particular network and will hand the correct ip and such back to the router, which will relay it back to the computer.
If you really don't have a router, or a switch capable of running routing code. like a 3550, then all I can think to do is configure the dhcp server to hand out ip addresses by assigning the ips to manually configured mac/ip address pairs. Which is a nightmare. By definition, you will need to put all of the offices in the same network range and vlan if you don't have a router.
You can either configure the dhcp scopes on this router, or you can configure as many different scopes on the dhcp server as you have vlans.
You then configure the router to pass dhcp to the remote dhcp server using the ip helper command or the dhcp relay command. The dhcp server will see the request coming in from a particular network and will hand the correct ip and such back to the router, which will relay it back to the computer.
If you really don't have a router, or a switch capable of running routing code. like a 3550, then all I can think to do is configure the dhcp server to hand out ip addresses by assigning the ips to manually configured mac/ip address pairs. Which is a nightmare. By definition, you will need to put all of the offices in the same network range and vlan if you don't have a router.
ASKER
Thanks lanboyo, which series of router do you recommend that i get?
so you mean that i should have one router that should have several interfaces, on each interface i configure a VLN and connect one office in it, then configure DHCP on that VLAN, right?
i just didn't get the last part that you said the DHCP from router will then communicate to the DHCP server? how?
Thanks,
so you mean that i should have one router that should have several interfaces, on each interface i configure a VLN and connect one office in it, then configure DHCP on that VLAN, right?
i just didn't get the last part that you said the DHCP from router will then communicate to the DHCP server? how?
Thanks,
helpdesk... first things first .. what environment are you supporting and does it include an AD infrastructure?
when you talk about your odepartments it sounds like some may be not on the same campus -- is this correct???
What layer 3 device are you planning to use?
I recommend you use a windows DHCP server, where you can create multiple scopes. in lieu of having a dhcp server on all segments, you can provide for forwarding so the DHCP server will answer all DHCP requests from any givin subnet. Also, you could configure 2 DHCP servers with duplicate scopes to provide for failover / etc. and provide IP helper address on your router interface to allow the clients to get to the dhcp server.
Here is a best practices link:
http://technet.microsoft.com/en-us/library/cc780311.aspx
Answer my questions a the beginning so I don't have any unknowns and I'll help you as best I can.....
when you talk about your odepartments it sounds like some may be not on the same campus -- is this correct???
What layer 3 device are you planning to use?
I recommend you use a windows DHCP server, where you can create multiple scopes. in lieu of having a dhcp server on all segments, you can provide for forwarding so the DHCP server will answer all DHCP requests from any givin subnet. Also, you could configure 2 DHCP servers with duplicate scopes to provide for failover / etc. and provide IP helper address on your router interface to allow the clients to get to the dhcp server.
Here is a best practices link:
http://technet.microsoft.com/en-us/library/cc780311.aspx
Answer my questions a the beginning so I don't have any unknowns and I'll help you as best I can.....
ASKER
Thanks, in face we are going to AD, we were in a workgoup envirnment and recently we have done almost 70% of the computers joined to the AD.
The departments i am talking about are not in sites right now, they are all located in one location one place............while in future we will have site offices too, that i want to go with same range........like i want to have my main office in NY to have the range from 10.150.0.x to 10.150.15.x and then i want my NJ office to be in the range of 10.150.16.x...........my Washington office to be in the range of 10.150.17.x
then i will have site to site VPN established, so the AD from all the sites can replicate to the NY DC, please correct me if i am wrong. i want to have such a thing..
also in NY office that is my main office, i will have a DHCP server that will assign different ranges of IP to my different departments,like for IT dept it should assign 10.150.1.x, for accounting 10.150.2.x, for procurement 10.150.3.x and so on...........can one DHCP server assing different ranges? will need to do anything on the router or switches?
thanks,
.
The departments i am talking about are not in sites right now, they are all located in one location one place............while in future we will have site offices too, that i want to go with same range........like i want to have my main office in NY to have the range from 10.150.0.x to 10.150.15.x and then i want my NJ office to be in the range of 10.150.16.x...........my Washington office to be in the range of 10.150.17.x
then i will have site to site VPN established, so the AD from all the sites can replicate to the NY DC, please correct me if i am wrong. i want to have such a thing..
also in NY office that is my main office, i will have a DHCP server that will assign different ranges of IP to my different departments,like for IT dept it should assign 10.150.1.x, for accounting 10.150.2.x, for procurement 10.150.3.x and so on...........can one DHCP server assing different ranges? will need to do anything on the router or switches?
thanks,
.
helpdesk... be careful. I don't know if I understand your approach, but if you are planning on creating a HUGE broadcast domain, i.e. 255.255.244.0 SNM, your going to have a problem bridging all those hosts together. especially if they are in a Large Campus area.
You may make it more complex thinking your making it more simple.
Segmentation is not a bad thing... it's a simpler approach to management too. If you have a problem in a large broadcast domain, you will likely impact the entire domain. If you segment, in most cases your problems may be isolated from their place of origin.
if you don't undertand routing and you have some money in budget for this "project" include a couple of thousand for a good network engineer to consult and advise you. Don't try to be the end all beat all expert. It could cost you in the long run months later when a knowledgeable professional comes in and asks... "how in the H#%% did this happen?????"
good luck.
You may make it more complex thinking your making it more simple.
Segmentation is not a bad thing... it's a simpler approach to management too. If you have a problem in a large broadcast domain, you will likely impact the entire domain. If you segment, in most cases your problems may be isolated from their place of origin.
if you don't undertand routing and you have some money in budget for this "project" include a couple of thousand for a good network engineer to consult and advise you. Don't try to be the end all beat all expert. It could cost you in the long run months later when a knowledgeable professional comes in and asks... "how in the H#%% did this happen?????"
good luck.
PS.. all those "hosts" in each segment, the only thing I can think of is your either an administrator for the government - (large, large offices with too many people with no supervision) or the federal penitentiary and they are giving all prisonoers PC's for their cells?
just kidding....:)
just kidding....:)