Running out of IP addresses - best (easiest?) way to increase available IPs in DHCP?

Posted on 2010-01-06
Last Modified: 2012-06-21
We have a new client that is a private school and after a recent purchase of new computers, we are several IP addresses short in our DHCP scope.  Here is the setup we inherited:

Windows 2008 Server Enterprise (DC) running DHCP
DHCP Scope of - with .1-.75 excluded from distribution for servers, printers, etc. that need static IPs.  (Realistically we don't need that many static IPs and as a short term fix could reduce that to about 50 IPs excluded for static assignment, but we're looking for a longer term solution)

There are two routers for the purpose of sharing two cable internet connections.  One is a SonicWALL NSA 240 which serves the bulk of the computers and the other is a Cisco ASA 5505 which also gives a handful of admin people VPN access for the purpose of using remote desktop to login to their computers from home.  The Sonicwall is the default gateway and is and the handful of systems that are on the Cisco have their Gateway statically assigned in advanced IP settings which is

There are a couple of wiring closets connected by a fiber link.  Most of the switches are 3Com but there are a number of smaller switches thrown into the mix both in one of the wiring closets as well as little 5 port switches in several classrooms allowing several computers to share one network jack in the wall.

We have a theoretical general understanding of what needs to happen to increase the number of available IPs through DHCP, but no practical knowledge or expertise in that area.  Our average size customer is about 20 PCs so this is by far our largest in terms of network nodes.

We're looking for a best practice tutorial in how to do this right.  Thanks.
Question by:jtgerdes
    LVL 5

    Accepted Solution

    Just make the scope larger.

    You can change the range from - to -, or use any other range between 192.168.0.x - 192.168.254.x. Change the subnet from to

    Change the IP-configuration of the servers, routers and other machines with a static IP to the same subnet mask.

    You can go even bigger if need be, e.g. -, with a subnet of Please note that the IP-range and subnet have a delicate relationship, e.g. you cannot use 192.167.x.x - 192.168.x.x /

    More info on IP-ranges:
    LVL 70

    Assisted Solution

    by:Chris Dent

    I recommend you increase the size of your existing network by changing the subnet mask to

    That changes the IP range from this: to

    To: to

    That gives you another 255 IP addresses to use without having to re-IP your entire network. It's about the least possible work.


    Author Comment

    Wow same basic answer from two experts in the same minute - very impressive.  Just a couple of quick questions on Netcraft's statement about changing the subnet mask on the computers with static IPs to

    1. I'm assuming the first change would be changing the subnet mask on the DC server that is the DHCP server then changing the IP range in the scope in DHCP.

    2. Looking in the Scope properties noticed that the subnet mask is greyed out - is it just pulling that from the IP settings in the network adapter?

    3. When I change the subnet mask on the server will that cause any network disruption?  Basically I'm wondering if this has to be done all at once with everyone having all network resources closed or if I can just set it on the server, change the other static systems and let DHCP push out the rest over the following hours?

    LVL 70

    Expert Comment

    by:Chris Dent

    1. It would perhaps be prudent to do it that way.

    If a system ends up with the old mask (for whatever reason) it will only be able to communicate with the first half of the subnet, not the new expanded portion.

    2. I suspect you may have to delete the scope completely unfortunately. If you do end up doing that, and are happy to do so, make sure you enable Conflict Detection in DHCP. That will prevent it leasing out addresses that are already in use.

    Do you have a lot of reservations in the scope?

    3. No, not really anything at all. You can do one system at a time. Systems on the new mask will be able to communicate with systems using the old mask. It will only fail if a system on the old mask tries to take to one on the upper part of the new IP range.

    LVL 5

    Expert Comment

    It is probably best to first change the subnet mask of all fixed-IP hardware, and only then change (probably recreate) the DHCP scope. You don't want any workstations to get an IP in the upper half when your server's, routers of printers cannot handle them.

    Do you have a solid administration of the fixed IP addresses? Do your switches have an IP for management purposes?

    Author Closing Comment

    Thanks guys!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
    Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
    This tutorial will walk an individual through the process of upgrading their existing Backup Exec 2012 to 2014. Either install the CD\DVD into the drive and let it auto-start, or browse to the drive and double-click the Browser file: Select the ap…
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now