Solved

Changing IP address scheme

Posted on 2011-02-11
5
631 Views
Last Modified: 2012-05-11
Hello Experts -

We're getting ready to move our company to a new location and have decided to change our whole address scheme.  We're planning to do this all over a weekend.  We use a 2003 active directory domain with about 25 physical statically assigned servers, we have Vsphere 4.0 running about 25 servers with statically assigned addresses, we use Lefthand for our san solution, dhcp for the desktops and vmware view machines.

Obviously this is a big undertaking...  Would anyone have any advice for best practices on tackling this undertaking?  Possibly some steps to take or gotchas to look out for?

Any help or leads to good reference material would be greatly appreciated.

Thanks
0
Comment
Question by:MMIC
5 Comments
 
LVL 28

Expert Comment

by:bgoering
ID: 34872440
Is it because you are using public IP addresses everywhere? If so I would recommend you switch to private addressing wherever possible as part of the conversion.

The only other advice I might be able to tender is to start using DHCP wherever possible to allocate addresses. With what you have it won't be difficult, just tedious.

Good Luck
0
 
LVL 1

Expert Comment

by:ragijshah
ID: 34872508
I am assuming that you are using Windows based DHCP server (Windows 2003).

You might want to consider following things before changing IP scheme.

1) Assign secondary IP to servers and ensure routing is done.
2) Change lease time for scope in existing DHCP configuration
3) Once ready to change over IP scheme create new scope for DHCP keeping two IPs on static serves (one from old network and 2nd from new ip scheme)
4) Leave initial IP on server for few days and then remove them from server

Also its advised to run DHCP best practice analyzer to avoid any known issues.

http://blogs.technet.com/b/teamdhcp/archive/2010/05/01/dhcp-server-best-practice-analyzer-available-for-download.aspx

Regards,
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34872607
Another observation to look out for - if you have subnets set up in active directory sites and services then make sure you have a subnet defined for the new ip range before you change the DC address.
0
 
LVL 15

Accepted Solution

by:
Lee Osborne earned 500 total points
ID: 34875052
We've just changed our subnet from a public class C to a private class B. One reason because it was public, and the second because we were almost out of IP's. We changed ours when we virtualised the infrastructure and haven't looked back since!

We started by putting a temporary router in to send traffic from one (new) subnet to another (old) and vice-versa, and act as a temporary gateway address. When we put a new DC VM in place, this was the first DC in the new subnet to hold the new DHCP scope, DNS and WINS. The old scope was deactivated and the new one was activated for the workstations to pick up a new lease. Then all the printers (which are static) were changed.

Once we had done this part, the servers were migrated from P2V and assigned a new class B IP on reboot. Lastly, we changed the WAN routers IP's and routes, and finally changed the firewall address (which is the default 0.0.0.0 route for all other traffic). Once everything had moved, we removed the temporary router.

One thing we ended up being aware of were routes on routers, switches and firewalls, NAT translations, static ARP entries, and firewall rules.

If I think of anything else, I'll let you know!

Lee
0
 

Author Comment

by:MMIC
ID: 34891616
Thanks for all your suggestions.  We actaully decided against changing our IP's since there wasnt a real need to do so.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
DHCP on ASA 3 23
Firewall port opening 2 22
Best RAID for a BDD Oracle 4 18
Secondary DNS Server 2008 R2 not kicking in 1 27
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Teach the user how to edit .vmx files to add advanced configuration options Open vSphere Web Client: Edit Settings for a VM: Choose VM Options -> Advanced: Add Configuration Parameters:
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now