ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.
One of a set of tools we're offering as a way to say thank you for being a part of the community.
Change LAN subnet and use two routers
Hi,
at one of my clients I need to join two networks into one, because finally they got 10 Gbps Optical line inbetween. Until now they were using interconnect link via 2 DSL routers. Ok, here we go:
OLD SITUATION (until today)
* LAN 1 ****** 200 IP devices
192.168.0.1/24
Subnet mask: 255.255.255.0
Main Router IP: 192.168.0.1
DSL router IP: 192.168.0.50
* LAN 2 ****** 100 IP devices
192.168.79.1/24
Subnet mask: 255.255.255.0
Main Router IP: 192.168.79.1
DSL router IP: 192.168.79.50
On both MAIN ROUTERS there is a route added for other network, so traffic destined from LAN1 to LAN2 (or vice versa) is routed on proper DSL ROUTER.
NOW, NEW CONFIGURATION (today)
They've got 10 Gbit optical dark fibre and FO-2-ETH adapters between both LANs.
Now, I need some suggestions how to utilize this link best. How should we proceed?
As we think of expanding subnet, for example to 192.168.0.1/23 (subnet mask 255.255.254.0), we realize that we won't be able to change all network device settings at once, but it will be a long process (more than 300 IP devices, lot's of them with static IP).
So QUESTIONS:
1.) Since by changing subnet to 255.255.254.0 we'll change broadcast address to 192.168.1.255, what could get broken in the process? I mean, when some of devices will have new subnet, and others old...will they be able to communicate?
2.) Should we start by changing IP/SUBNET on router/firewalls first, then servers, then clients.....or vice versa? I tested changing subnet on my PC, and from client side it all works from new IP and new subnet mask. But I did not try changing subnet on router.
NEXT QUESTION is about DUAL GATEWAYS.
Ok, when above config will be finished, there is one main problem:
We do not want all clients to use 1 gateway, but would like some sort of load-balancing. Each single gateway is on weak WAN connection (ADSL), so it barelly handles existing traffic, which is why we do not want further joint traffic to route via single ADSL.
So how to set this up?
WAN Routers are on one side LINUX machine on CentOS, and on the other side Cisco 800 series.
A simple FAILOVER can be established by configuring DHCP to provide 2 Gateways to clients. But this does not split traffic, neither provides load balancing.
Any idea?
at one of my clients I need to join two networks into one, because finally they got 10 Gbps Optical line inbetween. Until now they were using interconnect link via 2 DSL routers. Ok, here we go:
OLD SITUATION (until today)
* LAN 1 ****** 200 IP devices
192.168.0.1/24
Subnet mask: 255.255.255.0
Main Router IP: 192.168.0.1
DSL router IP: 192.168.0.50
* LAN 2 ****** 100 IP devices
192.168.79.1/24
Subnet mask: 255.255.255.0
Main Router IP: 192.168.79.1
DSL router IP: 192.168.79.50
On both MAIN ROUTERS there is a route added for other network, so traffic destined from LAN1 to LAN2 (or vice versa) is routed on proper DSL ROUTER.
NOW, NEW CONFIGURATION (today)
They've got 10 Gbit optical dark fibre and FO-2-ETH adapters between both LANs.
Now, I need some suggestions how to utilize this link best. How should we proceed?
As we think of expanding subnet, for example to 192.168.0.1/23 (subnet mask 255.255.254.0), we realize that we won't be able to change all network device settings at once, but it will be a long process (more than 300 IP devices, lot's of them with static IP).
So QUESTIONS:
1.) Since by changing subnet to 255.255.254.0 we'll change broadcast address to 192.168.1.255, what could get broken in the process? I mean, when some of devices will have new subnet, and others old...will they be able to communicate?
2.) Should we start by changing IP/SUBNET on router/firewalls first, then servers, then clients.....or vice versa? I tested changing subnet on my PC, and from client side it all works from new IP and new subnet mask. But I did not try changing subnet on router.
NEXT QUESTION is about DUAL GATEWAYS.
Ok, when above config will be finished, there is one main problem:
We do not want all clients to use 1 gateway, but would like some sort of load-balancing. Each single gateway is on weak WAN connection (ADSL), so it barelly handles existing traffic, which is why we do not want further joint traffic to route via single ADSL.
So how to set this up?
WAN Routers are on one side LINUX machine on CentOS, and on the other side Cisco 800 series.
A simple FAILOVER can be established by configuring DHCP to provide 2 Gateways to clients. But this does not split traffic, neither provides load balancing.
Any idea?
Asked:
Who is Participating?
First question:
Why the urge to make it one IP network range.
Keep a router between the two compartiments and keep two subnets, then your 2nd problem doesn't exist either
as both compartiments have their own rules for routing...
Why the urge to make it one IP network range.
Keep a router between the two compartiments and keep two subnets, then your 2nd problem doesn't exist either
as both compartiments have their own rules for routing...
Mismatch of netmask can be an issue w.r.t. network stuff that depends on broadcast.... and on route selection.
So changing a netmask may block traffic, or shut parts of the network.
A better strategy if you want to change is to keep those networks saparated, and migrate to a NEW range.
(All equipment needs to be revisited anyway...)
so: 192.168.0.0/24 + 192.168.1.0 => 192.168.2.0/23
Then everything will continue to work as expected. (It can be done in the same lan, a bottleneck can be the capacity for the routers needed to bridge the temporary gap.
Anyway, why try to create ONE big network...
If you want to connect to the internet at large using multiple gateways you may need to look into getting BGP up & running and obtain a public network range that can be routed to.
So changing a netmask may block traffic, or shut parts of the network.
A better strategy if you want to change is to keep those networks saparated, and migrate to a NEW range.
(All equipment needs to be revisited anyway...)
so: 192.168.0.0/24 + 192.168.1.0 => 192.168.2.0/23
Then everything will continue to work as expected. (It can be done in the same lan, a bottleneck can be the capacity for the routers needed to bridge the temporary gap.
Anyway, why try to create ONE big network...
If you want to connect to the internet at large using multiple gateways you may need to look into getting BGP up & running and obtain a public network range that can be routed to.
Hey, thanx for responds!
@noci
Well, regarding your first tip...it is a no go with existing equipment :(
In previous config, there were DSL modems as IP devices, which were used as hops from one to another network. Each side was configured to use this DSL modem's IP as gateway to another network.
But in new config, there are only fibre-to-ethernet adapters, which are not IP devices, so they cannot route traffic. This means, we would need to buy some extra routers for old config to be done on new fibre.
Regarding move to another range...
Well, you might be right, but it is PRODUCTION 24/7, with many devices running 24/7, which are integrated into network, so a move to another NEW subnet would be not possible, since it cannot be done in one run. Printers, surveilence devices, timers, gate control devices, telephony equipment, VPN links, etc...too many different devices and too many caretakers involved, that we cannot gather all together and reconfigure all devices at once.
So my plan was to keep larger subnet, and expand, so smaller subnet can fit into.
Regarding to Fgasimzade's explanation:
- if we expand subnet first on SERVERS and FIREWALL, those will be able to communicate with both, existing and newly expanded networks, right?
- after server's DHCP is updated to expanded subnet, clients will be able to communicate bot, with each other and with servers, right?
- the only problematic will be those machines with STATIC IP, which will remain on old subnet - they will not be able to communicate with devices on expanded part of new subnet, right?
So I assume, printers will be most noticeable problem, until we change their subnets.
@noci
Well, regarding your first tip...it is a no go with existing equipment :(
In previous config, there were DSL modems as IP devices, which were used as hops from one to another network. Each side was configured to use this DSL modem's IP as gateway to another network.
But in new config, there are only fibre-to-ethernet adapters, which are not IP devices, so they cannot route traffic. This means, we would need to buy some extra routers for old config to be done on new fibre.
Regarding move to another range...
Well, you might be right, but it is PRODUCTION 24/7, with many devices running 24/7, which are integrated into network, so a move to another NEW subnet would be not possible, since it cannot be done in one run. Printers, surveilence devices, timers, gate control devices, telephony equipment, VPN links, etc...too many different devices and too many caretakers involved, that we cannot gather all together and reconfigure all devices at once.
So my plan was to keep larger subnet, and expand, so smaller subnet can fit into.
Regarding to Fgasimzade's explanation:
- if we expand subnet first on SERVERS and FIREWALL, those will be able to communicate with both, existing and newly expanded networks, right?
- after server's DHCP is updated to expanded subnet, clients will be able to communicate bot, with each other and with servers, right?
- the only problematic will be those machines with STATIC IP, which will remain on old subnet - they will not be able to communicate with devices on expanded part of new subnet, right?
So I assume, printers will be most noticeable problem, until we change their subnets.
If you have ONE router that can forward between the (Multiple IP in ONE Ethernet LAN). You can move everything one by one instead of all @ once.
Changing the Broadcast address will mean that all kinds of stuff related to Broadcast stops working.. That is in part implementation defined.
The DHCP update can be seen a one update. Then first move to a ultra short lease time (10 minutes or so) and after all systems are on that short lease you can change the setup. If the normal lease time is one week you need to wait one week in the short lease time to be sure that all addresses change.
Changing the Broadcast address will mean that all kinds of stuff related to Broadcast stops working.. That is in part implementation defined.
The DHCP update can be seen a one update. Then first move to a ultra short lease time (10 minutes or so) and after all systems are on that short lease you can change the setup. If the normal lease time is one week you need to wait one week in the short lease time to be sure that all addresses change.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month5 days, 3 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
192.168.0.1/23 will be able to communicate with 192.168.0.1/24 devices
2. It does not matter, if your firewall and servers will have addresses in 192.168.0.1-192.168.0.254 range. If you change subnet masks on them, they will still be able to communicate with other PCs in 192.168.0.1-192.168.0.254 range.