Solved

Change LAN subnet and use two routers

Posted on 2011-09-14
Last Modified: 2012-05-12
Hi,

at one of my clients I need to join two networks into one, because finally they got 10 Gbps Optical line in between. Until now they were using interconnect link via 2 DSL routers. Ok, here we go:

OLD SITUATION (until today)

* LAN 1 ****** 200 IP devices
192.168.0.1/24
Subnet mask: 255.255.255.0
Main Router IP: 192.168.0.1
DSL router IP: 192.168.0.50

* LAN 2 ****** 100 IP devices
192.168.79.1/24

Subnet mask: 255.255.255.0
Main Router IP: 192.168.79.1
DSL router IP: 192.168.79.50

On both MAIN ROUTERS there is a route added for other network, so traffic destined from LAN1 to LAN2 (or vice versa) is routed on proper DSL ROUTER.


NOW, NEW CONFIGURATION (today)
They've got 10 Gbit optical dark fibre and FO-2-ETH adapters between both LANs.

Now, I need some suggestions how to utilize this link best. How should we proceed?
As we think of expanding subnet, for example to 192.168.0.1/23 (subnet mask 255.255.254.0), we realize that we won't be able to change all network device settings at once, but it will be a long process (more than 300 IP devices, lots of them with static IP).

So QUESTIONS:
1.) Since by changing subnet to 255.255.254.0 we'll change broadcast address to 192.168.1.255, what could get broken in the process? I mean, when some of devices will have new subnet, and others old...will they be able to communicate?
2.) Should we start by changing IP/SUBNET on router/firewalls first, then servers, then clients.....or vice versa? I tested changing subnet on my PC, and from client side it all works from new IP and new subnet mask. But I did not try changing subnet on router.



NEXT QUESTION is about DUAL GATEWAYS.
Ok, when above config will be finished, there is one main problem:
We do not want all clients to use 1 gateway, but would like some sort of load-balancing. Each single gateway is on weak WAN connection (ADSL), so it barely handles existing traffic, which is why we do not want further joint traffic to route via single ADSL.

So how to set this up?
WAN Routers are on one side LINUX machine on CentOS, and on the other side Cisco 800 series.

A simple FAILOVER can be established by configuring DHCP to provide 2 Gateways to clients. But this does not split traffic, neither provides load balancing.

Any idea?
Question by:Andrej Pirman
LVL 40

Expert Comment

by:noci
ID: 36541199
First question:

Why the urge to make it one IP network range?
Keep a router between the two compartments and keep two subnets, then your 2nd problem doesn't exist either
as both compartments have their own rules for routing...
0
 
LVL 18

Accepted Solution

by:
fgasimzade earned 250 total points
ID: 36541740
1. 192.168.0.1/24 devices will still be able to communicate with 192.168.0.1-192.168.0.255 devices, but not with 192.168.1.1 - 192.168.1.254.

192.168.0.1/23 will be able to communicate with 192.168.0.1/24 devices

2. It does not matter, if your firewall and servers will have addresses in 192.168.0.1-192.168.0.254 range. If you change subnet masks on them, they will still be able to communicate with other PCs in 192.168.0.1-192.168.0.254 range.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 250 total points
ID: 36542634
Mismatch of netmask can be an issue w.r.t. network stuff that depends on broadcast.... and on route selection.
So changing a netmask may block traffic, or shut parts of the network.

A better strategy if you want to change is to keep those networks separated, and migrate to a NEW range.
(All equipment needs to be revisited anyway...)

so: 192.168.0.0/24 + 192.168.1.0 => 192.168.2.0/23

Then everything will continue to work as expected. (It can be done in the same LAN, a bottleneck can be the capacity for the routers needed to bridge the temporary gap.)

Anyway, why try to create ONE big network...
If you want to connect to the internet at large using multiple gateways you may need to look into getting BGP up & running and obtain a public network range that can be routed to.
0
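Added example, not part of the original thread: a small check of what the accepted answer and the netmask-mismatch comment above describe, using Python's standard `ipaddress` module. The three hosts (server, printer, client) and their addresses are constructed for illustration; they stand for a device already moved to /23, a static device left on /24, and a device placed in the expanded half.

```python
import ipaddress

def on_link(src_if: str, dst_ip: str) -> bool:
    """True if a host configured as src_if (e.g. '192.168.0.60/24') treats
    dst_ip as on its own subnet, i.e. ARPs for it instead of using its gateway."""
    return ipaddress.ip_address(dst_ip) in ipaddress.ip_interface(src_if).network

def broadcast(src_if: str) -> str:
    """Directed broadcast address the host derives from its own address and mask."""
    return str(ipaddress.ip_interface(src_if).network.broadcast_address)

def classify(a_if: str, b_if: str) -> str:
    """Compare how the two hosts would try to reach each other."""
    a = ipaddress.ip_interface(a_if)
    b = ipaddress.ip_interface(b_if)
    a_to_b = on_link(a_if, str(b.ip))
    b_to_a = on_link(b_if, str(a.ip))
    if a_to_b and b_to_a:
        return "direct"        # both sides deliver on the LAN
    if not a_to_b and not b_to_a:
        return "routed"        # both sides send to their gateway
    return "asymmetric"        # one side delivers directly, the other uses its gateway

def same_broadcast(a_if: str, b_if: str) -> bool:
    """True if both hosts agree on the subnet broadcast address.
    The limited broadcast 255.255.255.255 does not depend on the mask."""
    return broadcast(a_if) == broadcast(b_if)

# Constructed sample hosts during a partial /24 -> /23 migration.
HOSTS = {
    "server":  "192.168.0.5/23",    # mask already expanded
    "printer": "192.168.0.60/24",   # static device still on the old mask
    "client":  "192.168.1.20/23",   # new address in the expanded half
}

def report() -> list:
    """One line per host pair: reachability class and broadcast agreement."""
    names = list(HOSTS)
    lines = []
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            lines.append(f"{a} <-> {b}: {classify(HOSTS[a], HOSTS[b])}, "
                         f"same broadcast: {same_broadcast(HOSTS[a], HOSTS[b])}")
    return lines

if __name__ == "__main__":
    print("\n".join(report()))
```

The "asymmetric" pairs are the ones to inventory before changing masks: the /24 device hands its packets for the upper half to its default gateway, so those flows depend on what that gateway does with them.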
 
LVL 18

Author Comment

by:Andrej Pirman
ID: 36552648
Hey, thanx for the responses!

@noci
Well, regarding your first tip...it is a no go with existing equipment :(
In previous config, there were DSL modems as IP devices, which were used as hops from one to another network. Each side was configured to use this DSL modem's IP as gateway to another network.
But in new config, there are only fibre-to-ethernet adapters, which are not IP devices, so they cannot route traffic. This means, we would need to buy some extra routers for old config to be done on new fibre.

Regarding move to another range...
Well, you might be right, but it is PRODUCTION 24/7, with many devices running 24/7, which are integrated into network, so a move to another NEW subnet would be not possible, since it cannot be done in one run. Printers, surveillance devices, timers, gate control devices, telephony equipment, VPN links, etc...too many different devices and too many caretakers involved, that we cannot gather all together and reconfigure all devices at once.

So my plan was to keep larger subnet, and expand, so smaller subnet can fit into.

Regarding to Fgasimzade's explanation:
- if we expand subnet first on SERVERS and FIREWALL, those will be able to communicate with both, existing and newly expanded networks, right?
- after server's DHCP is updated to expanded subnet, clients will be able to communicate both with each other and with servers, right?
- the only problematic will be those machines with STATIC IP, which will remain on old subnet - they will not be able to communicate with devices on expanded part of new subnet, right?

So I assume, printers will be most noticeable problem, until we change their subnets.
0
 
LVL 40

Assisted Solution

by:noci
noci earned 250 total points
ID: 36553352
If you have ONE router that can forward between the (Multiple IP in ONE Ethernet LAN). You can move everything one by one instead of all @ once.

Changing the Broadcast address will mean that all kinds of stuff related to Broadcast stops working.. That is in part implementation defined.

The DHCP update can be seen as one update. Then first move to an ultra short lease time (10 minutes or so) and after all systems are on that short lease you can change the setup. If the normal lease time is one week you need to wait one week in the short lease time to be sure that all addresses change.

0
 
LVL 18

Author Closing Comment

by:Andrej Pirman
ID: 36951110
Thanx, guyz!
0
