Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Looking for a second opinion on network config

Posted on 2011-09-22
1
Medium Priority
?
268 Views
Last Modified: 2012-05-12
My immediate problem is DHCP is saying it's almost out of IP addresses to pass out. We have as few as 6 left at times. I don't anticipate a lot of growth in the next year or two, but folks will get annoyed if we have to tell them, "Hey, we're out of IPs, sneak over and shut your neighbor's PC off and you can maybe take his."

So the plan is to just exoand the current scope, which is192.168.150.56-254    (199 IPs).

We'd extend it to 192.168.151.56 - 192.168.151.254  (= 453 IPs). We adjust the subnet mask DHCP passes out to 255.255.254.0, boot all the PCs, change the subnet masks on all the staticly assigned devices, and we're good to go.

But this has gotten me thinking: "THEY" say that would work, but what is best practice for a network our size? The network performs reasonaby well. Maybe the little scope expansion above is all we need. Or, maybe we should use some vlans to segregate things - but would this just be added complexity but yeild no real world improvement?

I've done some reading about subnetting, which only shows me how vast my ignorance is. I'd like someone who's 'been-there-done-that' to say a few words about how you'd organize this network.

Here's the data:

- 190 PCs/laptops

- 10 servers

- 11 remote sites which connect via PIX or ASA and a Comcast connection (about 40 of the PCs are spread among these sites, each site orerates as its own subnet)

-20+ printers

- our ISP connection is 16 Mbs  (this may be too small)

- our main site has 4 buildings connected by fibre optic - that is our main subnet, the one that is running out of IP addresses.

- we have maybe 4 managed switches and a bunch of unmanaged ones. We don't actually do any managing with the switches.

- One significant addition that looks like it's headed our way is VOIP, within 2 years



I'd appreciate any insight on what we might realistically change or add.


Thanks

Larry
0
Comment
Question by:cgunix
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 9

Accepted Solution

by:
Brian earned 2000 total points
ID: 36581297
If you have VoIP coming, you are going to want VLANs. Setup each VLAN with its own /24 subnet. Maybe building one is 10.1.1.0/24 and building two is 10.1.2.0/24 etc... You may want to segregate by department or by security levels instead.

Using VLANs with VoIP you can start to use QoS on your network as well. Also, your IP problem will only get worse as you add two hundred or so VoIP devices, so it becomes critical to break up the network in to pieces with their own subnets.

The other nice thing VLANs should give you is damage control. If you get an infected PC or someone plugs in a laptop that starts sending out SPAM and loads down the network, you can contain the damage.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question