?
Solved

DHCP/DNS issue

Posted on 2011-03-04
9
Medium Priority
?
805 Views
Last Modified: 2012-05-11
I have an issue where my company is expanding into a new building.  The old building has an internal ip range from 192.168.8.1 - 192.168.9.254. Everything seems to work fine. They want to bring the majority of the servers, including DNS, to the new building where the internal ip range is from 192.168.23.1 - 192.168.24.254.  The subnet for both locations is 255.255.248.0. The gateway for the new location is 192.168.23.1. We set up the server to do both DNS and DHCP.  The DHCP ended up being a super scope that ranges from 192.168.16.1 to 23.254 on one scope and 24.1 - I think 30.254 on the other scope.  We have the 23.XXX set aside for our servers, printers, cameras etc and have set the 24.XXX set for the users.  I have gone into DNS and the NICs and changed the pointers and IP addresses to match the new location.  My clients seem to be getting the 24.XXX address from DHCP.  My issue is that they cannot access or ping anything on the 23.XXX portion of the network.  The servers can ping one another but not any clients and the clients cannot see the servers or anything on the 23.XXX portion of the network.  What am I missing?  Is it because of the super scope in DHCP?  
0
Comment
Question by:dustaine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +3
9 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 400 total points
ID: 35042142
First and formost we need to address this:

192.168.23.1 - 192.168.24.254

This cannot be the range unless the subnet mask is 255.255.224.0 or less. If you use 255.255.248.0 then the following ranges apply:

192.168.16.0/21 - 192.168.16.1 to 192.168.23.254
192.168.24.0/21 - 192.168.24.1 to 192.168.31.254

So, if you use the 255.255.248.0 mask you'll have to make something a router to get between the two networks. I believe that to be the step you're missing. Unless you already have one?

Note: The Superscope is an administrative container, it gives you nothing other than a folder to put scopes in, it has no impact on how clients access individual scopes.

Chris
0
 
LVL 8

Assisted Solution

by:Toxacon
Toxacon earned 400 total points
ID: 35042146
Is the connection between the buildings routed or is it a bridged/LAN connection?

Based on that information you should verify your subnet mask and routing information in case of routed network.
0
 
LVL 37

Assisted Solution

by:Neil Russell
Neil Russell earned 400 total points
ID: 35042157
Why are you not using a class B network address space as you are trying to use a class B subnett?

192.168.x.x is a class C address range and your subnetmask should not exceed 255.255.255.0

You should technically now be configured using one of the class B ranges from
172.16.0.0 - 172.16.255.255
172.17.0.0 - 172.17.255.255
172.18.0.0 - 172.18.255.255

Then your netmask of 255.255.248.0 is acceptable and makes sense.

I assume you have a Single router that is the default gateway on both subnets and manages the routing between the two correctly already?
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 2

Assisted Solution

by:tyol
tyol earned 400 total points
ID: 35043188
hey all problems goes from MASK that don't correlates with IP addresses of servers and clients.

try mask 255.255.240.0 that includes all IP addresse from 192.168.16.0 thru 192.168.31.255
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35043476
Do you understand IP address's and routers and netmasks?
0
 
LVL 2

Expert Comment

by:tyol
ID: 35043652
as for me - i do.

if dustaine want use that network - hi can use it.
actualy all 192.168.x.x range is private.
Yes it's not best choice but it can be :)

of cause without router or withuot routes on computers he can't acces computers from 192.168.8.x range, but he doesn't wrote about this problem
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35044079

Classful addressing... it's been a long long time since that was the root of any problem. 192.168.0.0/16 is the private range in Class C. Convention and tradition may have us use masks /24 or more, but no rule in the network stack enforces that. There's nothing wrong with using the range above provided the mask does not prohibit acces between networks or a router is present to help out.

And yeah, 255.255.240.0, I miscounted that one earlier :)

Chris
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 400 total points
ID: 35047140
There are some significant IP subnetting problems here, as Chris alluded to.

If the subnet mask is truely 255.255.240.0, the first network ID is 192.168.8.0, and the broadcast IP is 192.168.15.255. The correct subnet mask for a useable range of 192.168.8.1-192.168.9.254 is 255.255.254.0.

For the second building, in order to have 192.168.23.1 and 192.168.24.1 in the same subnet, you actually need to go to a subnet mask of 255.255.224.0, which makes the network 192.168.16.1-192.168.31.254.

If dustaine wants to keep the subnets at 510 hosts, the subnet for the first building should be corrected to 255.255.254.0, and the network in the new building should be changed to 192.168.24.0 255.255.254.0 with usable IPs 192.168.24.1-192.168.25.254. The other option is to change the mask to 255.255.224.0, and then realize that the network really does go from 192.168.16.1-192.168.31.254.

The author can explore using a subnet calculator.
http://www.subnet-calculator.com/subnet.php?net_class=B

0
 

Author Comment

by:dustaine
ID: 35064355
You all have been really great in your assistance.  Honestly, I am just a Information Security person who had been put in charge of putting this together.  I remember some things from subnetting and figured the mask was the issue, especially when I saw the range as 16 - 23.  I figured the .23 wouldn't be able to talk to the .24 without some routing. The .23 and .24 are actually on the same network in the same building. The .8 network is in the building next door.  I am not really interested in the two building communicating except perhaps via vpn because of ITAR and other concerns. I was just momentarily stumped as to why on the same network .23 and .24 would not talk to one another then I remembered binary. lol.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question