Solved

Can setting up a VLAN give us more addresses?

Posted on 2010-09-16
9
425 Views
Last Modified: 2012-05-10
We have a 192.168.0.X (255.255.255.0) class network and are running out of addresses.  We have about 100 thin clients that only need to access the Servers that host them.  If I set up the thin clients to use one VLAN, their servers (which are their gateway to the rest of the network) to use both that VLAN and a primary VLAN, and everything else to just use the primary VLAN, would that free up 100 addresses so we wouldn't have to change all our nodes to use a different class of addresses?  Would it work if the thin clients used a 192.168.1.X (255.255.255.0) address scheme and the primary VLAN used a 192.168.0.X address scheme?  What type of address would the thin client servers use to be able to access both VLANs, the 192.168.0.X or the 192.168.1.X?  Would the thin client servers need to be assigned 2 addresses?
0
Comment
Question by:Declan_Basile
9 Comments
 
LVL 9

Expert Comment

by:jerrypd
ID: 33695030
silly question - are you using DHCP? If so, all you need to do is change the scope, and the users will get the change automatically on next boot...
otherwise, I *think* your solution is sound, but I am a bit concerned about the servers using both VLAN addresses.
0
 
LVL 1

Author Comment

by:Declan_Basile
ID: 33695352
  We are using DHCP, but there are a lot of static addresses on the network, some from third party companies (security, phone, etc) which we don't know how to change, some from legacy devices that you can't easily change the address of, and a lot of computers reference these static addresses (ex. printing to a TCP/IP port), so if the address changes, the computers need to be changed to reference the new address.  I was hoping that the VLAN solution would be an easier transition for us.
   Can a server be assigned two addresses?  What's wrong with doing that?  I thought that is common practice for a computer to be able to access more than one VLAN?  I thought that it was just a matter of configuring the port of the switch it's plugged into to "Trunk" mode instead of "Access" mode (in Cisco terms)?
0
 
LVL 1

Accepted Solution

by:
cdusio earned 250 total points
ID: 33695761
You can do a couple of things. FIrst off, you can put a secondary address on the servers and oyu don't have to do squat with VLAN's.

Now I am not telling you what to do but what you could do..

Second thing is yes you can create a trunk on the switch and then you can trunk down to the servers. If they understand VLAN tagging, one vlan (thin client vlan) would have an address of the 0 network and the other would have the address of the server network.

That assumes the server can support tagged frames.

And if the clients only access the server then all they would need is the access to the server.

The simplest thing would be to just create another vlan with a l3 interface (SVI) and then out the thin app clients on that. They sb able to reach the servers as long as their ip's and gateways are correct. then you're done.

so example

thin clients move to 192.168.6.X/24
gateway is .1
create an SVI (hopefully you can) on something interface XX ip address 192.168.6.1 255.255.255.0
then when the clients want to connect to the server, they hit that router of course the router has to know about the other network as well then you're on your way.

hth
0
 
LVL 3

Expert Comment

by:ad4m1
ID: 33712856
You could use just use 2 networks or better still if it's just that your running out of address change your network mask from 255.255.255.0 to 255.255.254.0 which will mean that 192.168.0.1 and 192.168.1.1 are on the same network and can see each other. The range would actually be 192.168.0.1 to 192.168.1.25, which gives you twice as many addresses. 255.255.252.0 will give you 4 times as many etc. This would do away with the need to setup VLANS across your network switches as well as setting up any trunk ports etc and also any routing required to route the 2 networks together.
Changing your network mask on static devices might be a bit of a pain but you can change it easily in your DHCP server scope.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Author Comment

by:Declan_Basile
ID: 33735909
Why won't a computer with IP 192.168.0.1 and subnet 255.255.255.0 see a computer with IP 192.168.1.1 and subnet 255.255.254.0?  Shouldn't both computers be on the same network?  The following is my understanding ...

Consider 3rd octet ...
00000000 - IP #1 (3rd octet)
11111111 - SubNet #1  (all bits define the Network)
00000000 - Network

00000001 - IP#2  (3rd octet)
11111110 - SubNet#2  (only 7 bits define the Network)
00000000 - Network  (Network comes out the same because the last bit defines the Node.  Also, the 1st, 2nd, and 4th octets are the same for both IP and subnet)
0
 
LVL 3

Assisted Solution

by:ad4m1
ad4m1 earned 250 total points
ID: 33749951
Both machines must have the same subnet to be able to see each other.
A machine with subnet 255.255.254.0 and IP 192.168.0.xxx will see machines on 192.168.1.xxx but if the machine on 192.168.1.xxx does not also have a subnet of 255.255.254.0 then it will only be able to see machines on it's same subnet. eg 192.168.1.1 to 192.168.1.254.
without blinding with science it's to do with how the machines works out what address is on it's network and what addresses are on other networks. Machines on it's own network, it will talk to, machines not on it's network will likely a) not get routed to the machine anyway, or b) on a hub network will be seen by the machine but the network OSI layer of the Operating system will reject the packets of data because the 2 machines differ in terms of what network their on.
If you break the IP address down into Binary and the subnet down into binary then you can see how it works.
Subnet of 255.255.255.0 = 11111111 11111111 11111111 00000000 in binary. Working from the right side to the left, the point at which the number changes from a 0 to a 1 is where the network range works from and too. Anything IP address (in binary) before that point must be the same in for it to be able to talk to one another
For example:
Subnet 255.255.254.0 =
11111111 11111111 11111110 00000000
Which means 192.168.0.1 can talk to 192.168.1.1 because
192.168.0.1 =
11000000 10101000 00000000 00000001
and
192.168.1.1 =
11000000 10101000 00000001 00000001

You can see with the above exaple that your 2 address remain the same before the break in the subnet so they can see each other, whereas 192.168.2.1 is on a new subnet because:
192.168.2.1 =
11000000 10101000 00000010 00000001
Notice that the 1 has now bled into the range which has to remain the same and thus dictates it's on a different network.
Hope that helps when working out your addreses.
ps, Use windows calculater in either Scientific (or programmer mode in Windows 7) and have it on Dec and type in your number and hit Bin to convert the number into binary. I find it's the quickest way to do it unless your very good with your math ;)
 
0
 
LVL 3

Expert Comment

by:ad4m1
ID: 33749964
To add to my above comment, If your other machine has subnet 255.255.255.0 then it's binary would be
11111111 11111111 11111111 00000000
I've bolded the above to show where our other subnet went up top, This now means that your 2 address ranges cannot see each other because when broken down into Binary the change happens before the last 0, in other words they are still on 2 different networks. If that makes sense.
0
 
LVL 1

Author Comment

by:Declan_Basile
ID: 33757001
  I think I found a way to get more nodes on our network without changing the class of addresses we are using (i.e. without changing the subnet mask of all of the devices on our network).  The thin clients and their servers will have a subnet mask of 255.255.254.0, and everything else will stay at subnet mask 255.255.255.0.  The thin clients will have an address of 192.168.1.X, and everything else, including the servers of the thin clients, will still have an address of 192.168.0.X.  The thin clients will be able to communicate with their servers and only with their servers (which is fine), servers will still be able to communicate with the rest of the devices on the network because then though they have a different subnet mask, the first 3 octets of the IP will be the same as the rest of the devices on the network (except the thin clients).
   Does anyone have any reasons why this approach is not a good idea?  I tried this and it worked.  However, at the time I tried this we got network disconnect problems, and all the thin clients hosted by one of our servers were locked up (frozen).  Someone restarted that server. to remedy this.  I don't know if it is a coincidence that this happen when I changed the TCP/IP settings of a couple of computers.  One of the computers I changed the address of already got an address by DHCP that was logged in WINS.  I didn't delete the WINS entry when I changed its address to a static one.  Would this cause a conflict?
0
 
LVL 1

Author Closing Comment

by:Declan_Basile
ID: 33823587
ad4m1 - Thank you for going through all of that with me.  I understand subnet masks much better now.
cdusio - I ended up using two IP addresses on the thin client's servers.  Thanks for the idea.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now