Solved

Looking for a second opinion on network config

Posted on 2011-09-22
Last Modified: 2012-05-12
My immediate problem is DHCP is saying it's almost out of IP addresses to pass out. We have as few as 6 left at times. I don't anticipate a lot of growth in the next year or two, but folks will get annoyed if we have to tell them, "Hey, we're out of IPs, sneak over and shut your neighbor's PC off and you can maybe take his."

So the plan is to just expand the current scope, which is 192.168.150.56-254 (199 IPs).

We'd extend it to 192.168.151.56 - 192.168.151.254  (= 453 IPs). We adjust the subnet mask DHCP passes out to 255.255.254.0, boot all the PCs, change the subnet masks on all the statically assigned devices, and we're good to go.

But this has gotten me thinking: "THEY" say that would work, but what is best practice for a network our size? The network performs reasonably well. Maybe the little scope expansion above is all we need. Or, maybe we should use some VLANs to segregate things - but would this just be added complexity but yield no real world improvement?

I've done some reading about subnetting, which only shows me how vast my ignorance is. I'd like someone who's 'been-there-done-that' to say a few words about how you'd organize this network.

Here's the data:

- 190 PCs/laptops

- 10 servers

- 11 remote sites which connect via PIX or ASA and a Comcast connection (about 40 of the PCs are spread among these sites, each site operates as its own subnet)

- 20+ printers

- our ISP connection is 16 Mbs  (this may be too small)

- our main site has 4 buildings connected by fibre optic - that is our main subnet, the one that is running out of IP addresses.

- we have maybe 4 managed switches and a bunch of unmanaged ones. We don't actually do any managing with the switches.

- One significant addition that looks like it's headed our way is VOIP, within 2 years



I'd appreciate any insight on what we might realistically change or add.


Thanks

Larry
Question by:cgunix
Accepted Solution

by: Brian
If you have VoIP coming, you are going to want VLANs. Set up each VLAN with its own /24 subnet. Maybe building one is 10.1.1.0/24 and building two is 10.1.2.0/24 etc... You may want to segregate by department or by security levels instead.

Using VLANs with VoIP you can start to use QoS on your network as well. Also, your IP problem will only get worse as you add two hundred or so VoIP devices, so it becomes critical to break up the network into pieces with their own subnets.

The other nice thing VLANs should give you is damage control. If you get an infected PC or someone plugs in a laptop that starts sending out SPAM and loads down the network, you can contain the damage.
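
The one-/24-per-VLAN layout suggested in the answer above, worked through with Python's `ipaddress` module as an added example that is not part of the original thread. Device counts come from the question; the segment names, VLAN IDs, the grouping, the 80% headroom threshold and the 10.1.0.0/16 parent block are assumptions.

```python
import ipaddress

# Device counts come from the question; the segment names, the grouping and
# the 10.1.0.0/16 parent block are assumptions made for this example.
SEGMENTS = {
    "servers": 10,
    "printers": 20,
    "main-site-pcs": 150,  # 190 PCs less the ~40 at remote sites
    "voip-phones": 200,    # "two hundred or so VoIP devices"
}


def plan_vlans(parent, segments, first_vlan_id=10, headroom=0.8):
    """Assign one /24 per segment and report how full each would be."""
    subnets = ipaddress.ip_network(parent).subnets(new_prefix=24)
    next(subnets)  # skip x.x.0.0/24 so the plan starts at 10.1.1.0/24
    plan = []
    for vlan_id, (name, devices) in enumerate(segments.items(), first_vlan_id):
        net = next(subnets)
        usable = net.num_addresses - 3  # minus network, broadcast, gateway
        plan.append({
            "vlan": vlan_id,
            "name": name,
            "subnet": str(net),
            "devices": devices,
            "usable": usable,
            "fits": devices <= usable,
            "tight": devices > usable * headroom,
        })
    return plan


def shares_subnet(mask, *addresses):
    """True if every address lands in the same network under `mask`."""
    return len({ipaddress.ip_interface(f"{a}/{mask}").network
                for a in addresses}) == 1


if __name__ == "__main__":
    for row in plan_vlans("10.1.0.0/16", SEGMENTS):
        print(row)
    # The flat alternative from the question: both ends of the widened
    # scope must sit in one network under the new mask.
    print(shares_subnet("255.255.254.0", "192.168.150.56", "192.168.151.254"))
```

Because each segment sits in its own subnet, traffic between segments has to cross a router or firewall, which is where the containment described in the answer would be enforced.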