DHCP/DNS issue

I have an issue where my company is expanding into a new building.  The old building has an internal ip range from 192.168.8.1 - 192.168.9.254. Everything seems to work fine. They want to bring the majority of the servers, including DNS, to the new building where the internal ip range is from 192.168.23.1 - 192.168.24.254.  The subnet for both locations is 255.255.248.0. The gateway for the new location is 192.168.23.1. We set up the server to do both DNS and DHCP.  The DHCP ended up being a super scope that ranges from 192.168.16.1 to 23.254 on one scope and 24.1 - I think 30.254 on the other scope.  We have the 23.XXX set aside for our servers, printers, cameras etc and have set the 24.XXX set for the users.  I have gone into DNS and the NICs and changed the pointers and IP addresses to match the new location.  My clients seem to be getting the 24.XXX address from DHCP.  My issue is that they cannot access or ping anything on the 23.XXX portion of the network.  The servers can ping one another but not any clients and the clients cannot see the servers or anything on the 23.XXX portion of the network.  What am I missing?  Is it because of the super scope in DHCP?  
dustaineAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Chris DentConnect With a Mentor PowerShell DeveloperCommented:
First and formost we need to address this:

192.168.23.1 - 192.168.24.254

This cannot be the range unless the subnet mask is 255.255.224.0 or less. If you use 255.255.248.0 then the following ranges apply:

192.168.16.0/21 - 192.168.16.1 to 192.168.23.254
192.168.24.0/21 - 192.168.24.1 to 192.168.31.254

So, if you use the 255.255.248.0 mask you'll have to make something a router to get between the two networks. I believe that to be the step you're missing. Unless you already have one?

Note: The Superscope is an administrative container, it gives you nothing other than a folder to put scopes in, it has no impact on how clients access individual scopes.

Chris
0
 
ToxaconConnect With a Mentor Commented:
Is the connection between the buildings routed or is it a bridged/LAN connection?

Based on that information you should verify your subnet mask and routing information in case of routed network.
0
 
Neil RussellConnect With a Mentor Technical Development LeadCommented:
Why are you not using a class B network address space as you are trying to use a class B subnett?

192.168.x.x is a class C address range and your subnetmask should not exceed 255.255.255.0

You should technically now be configured using one of the class B ranges from
172.16.0.0 - 172.16.255.255
172.17.0.0 - 172.17.255.255
172.18.0.0 - 172.18.255.255

Then your netmask of 255.255.248.0 is acceptable and makes sense.

I assume you have a Single router that is the default gateway on both subnets and manages the routing between the two correctly already?
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
tyolConnect With a Mentor Commented:
hey all problems goes from MASK that don't correlates with IP addresses of servers and clients.

try mask 255.255.240.0 that includes all IP addresse from 192.168.16.0 thru 192.168.31.255
0
 
Neil RussellTechnical Development LeadCommented:
Do you understand IP address's and routers and netmasks?
0
 
tyolCommented:
as for me - i do.

if dustaine want use that network - hi can use it.
actualy all 192.168.x.x range is private.
Yes it's not best choice but it can be :)

of cause without router or withuot routes on computers he can't acces computers from 192.168.8.x range, but he doesn't wrote about this problem
0
 
Chris DentPowerShell DeveloperCommented:

Classful addressing... it's been a long long time since that was the root of any problem. 192.168.0.0/16 is the private range in Class C. Convention and tradition may have us use masks /24 or more, but no rule in the network stack enforces that. There's nothing wrong with using the range above provided the mask does not prohibit acces between networks or a router is present to help out.

And yeah, 255.255.240.0, I miscounted that one earlier :)

Chris
0
 
kevinhsiehConnect With a Mentor Commented:
There are some significant IP subnetting problems here, as Chris alluded to.

If the subnet mask is truely 255.255.240.0, the first network ID is 192.168.8.0, and the broadcast IP is 192.168.15.255. The correct subnet mask for a useable range of 192.168.8.1-192.168.9.254 is 255.255.254.0.

For the second building, in order to have 192.168.23.1 and 192.168.24.1 in the same subnet, you actually need to go to a subnet mask of 255.255.224.0, which makes the network 192.168.16.1-192.168.31.254.

If dustaine wants to keep the subnets at 510 hosts, the subnet for the first building should be corrected to 255.255.254.0, and the network in the new building should be changed to 192.168.24.0 255.255.254.0 with usable IPs 192.168.24.1-192.168.25.254. The other option is to change the mask to 255.255.224.0, and then realize that the network really does go from 192.168.16.1-192.168.31.254.

The author can explore using a subnet calculator.
http://www.subnet-calculator.com/subnet.php?net_class=B

0
 
dustaineAuthor Commented:
You all have been really great in your assistance.  Honestly, I am just a Information Security person who had been put in charge of putting this together.  I remember some things from subnetting and figured the mask was the issue, especially when I saw the range as 16 - 23.  I figured the .23 wouldn't be able to talk to the .24 without some routing. The .23 and .24 are actually on the same network in the same building. The .8 network is in the building next door.  I am not really interested in the two building communicating except perhaps via vpn because of ITAR and other concerns. I was just momentarily stumped as to why on the same network .23 and .24 would not talk to one another then I remembered binary. lol.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.