jhaff

change network address scope

the network i'm managing is having incredible performance problems.  i've replaced a ton of the underlying network hardware, but we're still having problems... my next step is to correct the network addressing scheme.

currently it's a flat network - no vlans, subnets, etc. - with a class b netmask!  we probably have, at most, 700 devices on the network at the same time... obviously no need for a 65,000+ address space.

currently we're using 10.10.0.0/16.  i'd like to keep the net id at 10.10.0.0 but change the netmask to 255.255.248.0 or 255.255.252.0 scheme, but i'm worried i'm going to cause major headaches for myself.  anyone done something like this before?

i understand i need to fix all my routes, static ip's, dhcp scope to reflect the change, but is there something i may be missing?  am i going to screw up my dns tables?  switching arp tables?

any input is appreciated.

Software Firewalls, DHCP, Windows Networking

Last Comment
tomand

8/22/2022 - Mon
tomand

Hi,

The shortening of the subnet mask itself should not improve your network (unless some strange problem will not be solved by it just as a side effect). I would recommend to try to find the bottleneck in the network. If you have no dumb switches or so you are happy. You should create SNMP graphs from any interesting device/interface (bits per second, packets (unicast, broadcast and maybe multicasts too) per second, various errors per second). If you have the graph you usually are able to see an overloaded interface or the one which is generating errors.

Your network may be full of broadcasts (it would be fine if you could measure average broadcast rate), some device (switch) may be overloaded, there may be a station injecting corrupted packets. There may even be viruses active in your network.

Once you will know what is causing the problems you can solve it...
ASKER CERTIFIED SOLUTION
MikeKane

NetAdmin2436

I'd have to agree with Tomand. From the sounds of it you are creating a lot of unneeded work for yourself that will not fix the performance issue.

Can you describe more of your physical and logical setup of your network? Do you have 1 site or 25 sites? Also, please describe what performance issues you are having. Specific examples like is all email slow? during specific times? etc.
jhaff

ASKER
i'm at 1 site... i've looked at graphs of our network traffic and have TONS of broadcast traffic... narrowing the ip scope will not help with that?  I was under the assumption that narrowing my broadcast domain will reduce broadcast traffic in turn reducing the total amount of traffic on the network... i could be wrong.

the performance issues that we're seeing are with external resources.  web speeds and access to external resources seem to be fine from the firewall, but as soon as traffic goes beyond the firewall - to our internal network - access to those resources takes longer than expected.
Rick_O_Shay

If you have that many devices I would start by looking into configuring rate limiting for your broadcast traffic especially over switch to switch links.
tomand

Hi,

TONS of broadcast traffic means what rate of broadcast? I would expect tens of broadcasts per second when there are 700 IPs on the network. If there are more broadcasts then it would be good to know what they are. Sure, there will be ARP queries and maybe something else which can be eliminated. If you can run on the proper place a packet sniffer (if you have switches which are able to mirror traffic to other port you can easily catch traffic on any port)

What is the operating system used in the network? Are there Windows stations? I am not sure but windows sharing may produce some significant amount of broadcasts?

If there is large amount of broadcast (tens of percent of total amount of packets, perhaps) and there is no way to eliminate some types of broadcast you should start to think about dividing the network into smaller subnets. It means use routing between subnets, maybe vlans, etc.
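
One way to put numbers on the broadcast load discussed in this thread, as an added example that is not part of any poster's reply: a minimal Python reader for a classic little-endian pcap of Ethernet frames (such as one saved from a mirror port) that reports the broadcast share of frames, broadcasts per second and their EtherTypes. The function names and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

ETHERTYPES = {0x0806: "ARP", 0x0800: "IPv4", 0x86DD: "IPv6"}
BROADCAST_MAC = b"\xff" * 6

def broadcast_stats(pcap_bytes):
    """Summarise broadcast load in a classic little-endian pcap of Ethernet frames."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", pcap_bytes, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian pcap with Ethernet link type")
    offset, times, kinds = 24, [], Counter()
    while offset + 16 <= len(pcap_bytes):
        # Per-record header: seconds, microseconds, captured length, original length.
        sec, usec, incl_len, _ = struct.unpack_from("<IIII", pcap_bytes, offset)
        frame = pcap_bytes[offset + 16 : offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < 14:          # too short to hold an Ethernet header
            continue
        times.append(sec + usec / 1e6)
        if frame[:6] == BROADCAST_MAC:
            ethertype = struct.unpack_from("!H", frame, 12)[0]
            kinds[ETHERTYPES.get(ethertype, hex(ethertype))] += 1
    total, bcast = len(times), sum(kinds.values())
    span = max(times) - min(times) if total > 1 else 0.0
    return {
        "frames": total,
        "broadcast": bcast,
        "percent": 100.0 * bcast / total if total else 0.0,
        "per_second": bcast / span if span else None,
        "by_type": dict(kinds),
    }

def build_sample():
    """Constructed capture (not real traffic): 10 frames spaced 200 ms apart."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    src = bytes.fromhex("020000000001")
    plan = [("ff" * 6, 0x0806)] * 4 + [("ff" * 6, 0x0800)] + [("020000000002", 0x0800)] * 5
    for i, (dst, etype) in enumerate(plan):
        frame = bytes.fromhex(dst) + src + struct.pack("!H", etype) + bytes(46)
        t = i * 200_000
        out += struct.pack("<IIII", t // 1_000_000, t % 1_000_000, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    print(broadcast_stats(build_sample()))
```

To use it on a real capture, pass the file's bytes, for example `broadcast_stats(open(path, "rb").read())`; pcapng files and big-endian captures are rejected by the header check.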