2 Private IP Ranges

Ok I will explain this the best I can.  Our network, that was set up long before me.  Our Ip range is 172.16.x.x and now we also have 172.17.x.x.  Our DC has our dhcp server on it and works fine for the 172.16.x.x address.  The 17 address range cannot see any assets on the network that carry 172.16 range and cannot access the internet.  Both ranges are setup in the router.  Our 172.16 range for uses a 255.255.255.0 mask.  Our server is 2003.  Can anyone tell me how to get the two ranges to see each other?
MaximusTechAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rfc1180Commented:
you are either running into a routing issue are IP filtering issue. What type of router do you have.
What is the default gateway and subnet masks of the hosts that are in the 172.17.x.x?
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
What hardware is the router? Can you post the configuration here?

/Kvistofta
0
MaximusTechAuthor Commented:
the default gateway is 172.17.1.1
and the subnet mask 255.255.0.0

0
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

rfc1180Commented:
your subnet mask is incorrect, change it to 255.255.255.0
Also please post the router config
Billy
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
rfc1180: Why is the mask incorrect?? 172.17 is a B-class network and /16 is perfectly fine.

/Kvistofta
0
rfc1180Commented:
his hosts in the 172.16 are using 255.255.255.0
hosts in the 172.17.x.x that are using 255.255.0.0 that are trying to communicate with 172.16 will never send a packet to the default gateway as the host(s) will assume that 172.16 is local

Also, we have asked for a posting of his config which will verify if the 2 networks are separate broadcast domains or if they are in fact local, if that is the case, then possible the hosts in 172.16.0.0 will need to change the mask to 255.255.0.0

Billy
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
"hosts in the 172.17.x.x that are using 255.255.0.0 that are trying to communicate with 172.16 will never send a packet to the default gateway as the host(s) will assume that 172.16 is local"

What? Why would a properly configured host in 172.17.0.0/16 believe that anything addressed 172.16.x.x is local???

/Kvistofta
0
rfc1180Commented:
>What? Why would a properly configured host in 172.17.0.0/16 believe that anything addressed 172.16.x.x is local???

yeah, you are right! My bad, I am thinking /8 not sure why; you are correct, the 172.17.x.x and 255.255.0.0 is the correct mask.

at any rate, we still need the config of the router

Billy
0
Fred MarshallPrincipalCommented:
It's a bit unclear if the objective is to have two separate subnets that are interconnected or to have a single subnet.    That's because the author says: "and now we have ...."  So, it would help the Author to have this clear and it would help us to know so we can provide better advice.  Anyway, I strongly suspect that someone set up "17" addresses because they should have been available with 255.255.0.0

If that's the case then it's a matter of subnet masks matching the intent.  255.255.255.0 seems incorrect under *any* circumstance here - or there's not enough information to go on.
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
Yes, we are all guessing. The author needs to give more information.

/Kvistofta
0
goyal_251Commented:
you donot need to add router to connect 172.16.x.x and 172.17.x.x.change the subnet mask 255.255.254.0 in both the network.both network will communicate each other without router(will become same network actually).
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
goyal_251: That is totally wrong. Maybe you mean subnet mask 255.254.0.0?

/Kvistofta
0
goyal_251Commented:
no its 255.255.254.0 .......I am taking about CIDR(Classless Inter-Domain Routing)
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
Sure, but with the mask 255.255.254.0 you can never have anything addressed 172.16.x.x and 172.17.y.y in the same network. Sorry, get back to the books.

172.16.0.0/23 contains 172.16.0.0 - 172.16.1.255
172.17.98.0/23 contains 172.17.98.0 - 172.17.99.255.

You sure talk about CIDR becaus this is what all this is about, without that you would have the entire 172.16.0.0/16 as a classful network and 172.17.0.0/16 as another. But in your mask 255.255.254.0 you have the network-host-boundary in the third octet, which means that everything in the second octet defines the network, not host. Hence 172.16.whatever.whatever with 255.255.254.as mask contains nothing more than 172.16.whatever.0 to 172.16.whatever+1.255. Never 172.17, because then your second octet in the netmask needs to be something else than 255.

/Kvistofta
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
chris-burnsCommented:
Kvistofta is right, he could change his subnet to 255.254.0.0.

that would have all addresses from 172.16.0.0 to 172.17.255.255.
By doing this you would have a single subnet, but by far is the easiest fix.

http://www.subnet-calculator.com/cidr.php Is worth having to hand.
0
goyal_251Commented:
Yes.. Kvistofta you are right,atucally we need to make the change in second octet.But the calculation I had given was for third octact.thanks for notifying the error.
0
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
You are welcome. ;)

/Kvistofta
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.