[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Running out of IP addresses - best (easiest?) way to increase available IPs in DHCP?

Posted on 2010-01-06
6
Medium Priority
?
905 Views
Last Modified: 2012-06-21
We have a new client that is a private school and after a recent purchase of new computers, we are several IP addresses short in our DHCP scope.  Here is the setup we inherited:

Windows 2008 Server Enterprise (DC) running DHCP
DHCP Scope of 192.168.168.1 - 192.168.168.252 with .1-.75 excluded from distribution for servers, printers, etc. that need static IPs.  (Realistically we don't need that many static IPs and as a short term fix could reduce that to about 50 IPs excluded for static assignment, but we're looking for a longer term solution)

There are two routers for the purpose of sharing two cable internet connections.  One is a SonicWALL NSA 240 which serves the bulk of the computers and the other is a Cisco ASA 5505 which also gives a handful of admin people VPN access for the purpose of using remote desktop to login to their computers from home.  The Sonicwall is the default gateway and is 192.168.168.254 and the handful of systems that are on the Cisco have their Gateway statically assigned in advanced IP settings which is 192.168.168.253.

There are a couple of wiring closets connected by a fiber link.  Most of the switches are 3Com but there are a number of smaller switches thrown into the mix both in one of the wiring closets as well as little 5 port switches in several classrooms allowing several computers to share one network jack in the wall.

We have a theoretical general understanding of what needs to happen to increase the number of available IPs through DHCP, but no practical knowledge or expertise in that area.  Our average size customer is about 20 PCs so this is by far our largest in terms of network nodes.

We're looking for a best practice tutorial in how to do this right.  Thanks.
0
Comment
Question by:jtgerdes
  • 2
  • 2
  • 2
6 Comments
 
LVL 5

Accepted Solution

by:
Netcraft earned 1000 total points
ID: 26191849
Just make the scope larger.

You can change the range from 192.168.168.1 - 192.168.168.252 to 192.168.168.1 - 192.168.169.252, or use any other range between 192.168.0.x - 192.168.254.x. Change the subnet from 255.255.255.0 to 255.255.254.0.

Change the IP-configuration of the servers, routers and other machines with a static IP to the same subnet mask.

You can go even bigger if need be, e.g. 192.168.168.1 - 192.168.175.254, with a subnet of 255.255.248.0. Please note that the IP-range and subnet have a delicate relationship, e.g. you cannot use 192.167.x.x - 192.168.x.x / 255.255.254.0.

More info on IP-ranges: http://en.wikipedia.org/wiki/IP_address.
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 1000 total points
ID: 26191852
Hi,

I recommend you increase the size of your existing network by changing the subnet mask to 255.255.254.0.

That changes the IP range from this:

192.168.168.1 to 192.168.168.254

To:

192.168.168.1 to 192.168.169.254

That gives you another 255 IP addresses to use without having to re-IP your entire network. It's about the least possible work.

Chris
0
 

Author Comment

by:jtgerdes
ID: 26194209
Wow same basic answer from two experts in the same minute - very impressive.  Just a couple of quick questions on Netcraft's statement about changing the subnet mask on the computers with static IPs to 255.255.254.0:

1. I'm assuming the first change would be changing the subnet mask on the DC server that is the DHCP server then changing the IP range in the scope in DHCP.

2. Looking in the Scope properties noticed that the subnet mask is greyed out - is it just pulling that from the IP settings in the network adapter?

3. When I change the subnet mask on the server will that cause any network disruption?  Basically I'm wondering if this has to be done all at once with everyone having all network resources closed or if I can just set it on the server, change the other static systems and let DHCP push out the rest over the following hours?

Thanks.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 71

Expert Comment

by:Chris Dent
ID: 26194272

1. It would perhaps be prudent to do it that way.

If a system ends up with the old mask (for whatever reason) it will only be able to communicate with the first half of the subnet, not the new expanded portion.

2. I suspect you may have to delete the scope completely unfortunately. If you do end up doing that, and are happy to do so, make sure you enable Conflict Detection in DHCP. That will prevent it leasing out addresses that are already in use.

Do you have a lot of reservations in the scope?

3. No, not really anything at all. You can do one system at a time. Systems on the new mask will be able to communicate with systems using the old mask. It will only fail if a system on the old mask tries to take to one on the upper part of the new IP range.

Chris
0
 
LVL 5

Expert Comment

by:Netcraft
ID: 26195403
It is probably best to first change the subnet mask of all fixed-IP hardware, and only then change (probably recreate) the DHCP scope. You don't want any workstations to get an IP in the upper half when your server's, routers of printers cannot handle them.

Do you have a solid administration of the fixed IP addresses? Do your switches have an IP for management purposes?
0
 

Author Closing Comment

by:jtgerdes
ID: 31673542
Thanks guys!
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question