Solved

How to obtain and be able to use more ip addresses than the standard 255?

Posted on 2011-10-11
Last Modified: 2012-05-12
Hello experts,

I have a little bit of a dilemma at the company that I work at.  We have been changing around the IP configuration a little bit and I am running into the problem that many of the allotted 255 ip addresses are being used up quite quickly.  We have about 350 employees and there are many computers, printers, and other devices that are on our network and mostly all of them are static IP, but even if they have DHCP, the server is running out of IP addresses to use.  One of my friends suggested adding an additional NIC card to the domain controller and creating a new set of 255 IP addresses.  I read somewhere that another option would be to take advantage of supernetting.  I don't know much about IP addresses to begin with, so whereas both of these options sound alright to me, I don't really know how to implement either option.  If I added a second NIC to the server, would I have to add another connection onto the computers?  Would that mess up the connection already established?  If I wanted to start this supernetting idea, would that involve me having to reconfigure every machine?  Is supernetting difficult to implement?  Do I need any additional software or hardware to supernet?  Does anyone have any other options for me? Thanks so much in advance for any help!
Question by:Brent Johnson
18 Comments
 
LVL 15

Accepted Solution

by:
DonConsolio earned 1000 total points
ID: 36952934
Change your subnet from 255.255.255.0 (e.g. 10.1.2.1-254) to 255.255.0.0 (e.g. 10.1.X.X)

Important: ALL devices in your network need to be updated to new subnet mask.
0
 

Author Comment

by:Brent Johnson
ID: 36952965
do I make this change on the domain controller?
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 36957121
as DonConsolio said:  *all* devices...

Just so you're not confused by any of this.  I note you mention supernetting.  Nothing "super" about a larger subnet.  Supernetting is a more elaborate scheme than that .. in which there are distinct subnets within the supernet and there are devices capable of dealing with the necessary protocols.  Sounds like this would be beyond your scope or needs.

Another way, which may have some advantages would be to introduce a new, larger subnet in addition to the existing subnet and route between them.  Then gradually transition devices from the old to the new at your leisure.

If you add an IP address to the gateway NIC then you can use the same copper for both subnets if there aren't any "too smart" devices in between ("router on a stick").
0
 
LVL 29

Expert Comment

by:pwindell
ID: 36988136
Never make segments bigger than the normal 254 Host segments you get with a 24bit mask.  Ethernet loses efficiency after 250-300 hosts.  Therefore,...for every 200 Hosts create a new IP Segment.  Never roll the mask back to /23 bit,...that jumps the segment up to 510 Host which is too big to actually use,...yet if you don't use it then you are wasting the addresses and are increasing the chances of a routing conflict if you ever have to join your LAN to someone else's with a VPN or some other WAN type.
0
 
LVL 15

Expert Comment

by:DonConsolio
ID: 36990022
Sorry, but that sounds like nonsense to me.

- Ethernet does not care how many IP addresses you have in your network nor does it "lose efficiency" with a /16 subnet (what matters is the number of active hosts active at the same time and the amount of traffic)
- segmenting your IP space without reason makes your setup more complicated and more prone to error
- just because you increase your possible address range to 510 (or even more) you don't suddenly have 510 devices active on your network - if your network supports 250 devices now it can also handle 260 :-)
- you cannot "waste" private IP addresses (the entire 10.X.X.X range belongs to you and there is no need to worry about wasting it), but you can use this space to arrange your IP range according to your needs (e.g. 10.0.0.0/16 network: 10.0.10.X - department A,  10.0.11.X - department B, 10.0.1.X - Servers, 10.0.2.X - Printers , 10.0.90.X - DHCP addresses, etc.)
0
 
LVL 29

Expert Comment

by:pwindell
ID: 36993201
Yea, Don,...there that the guys that say that everytime post it,...I expect it.
You need to put more thought into that.

Any school worth paying tuition has properly taught that the number of hosts affects broadcasts and that Ethernet starts to degrade at the level of broadcasts that you get around 250-300 Hosts.  Unfortunately too many schools aren't worth paying the tuition. Note I said starts to degrade,...I never said it came to a crashing stop at 301,...but running 500 hosts will definitely run into performance problems if the people running the network actually care about performance.

Switches help make it less noticeable, raising to Gig speeds over 100mbps make it less noticeable but it doesn't keep it from happening.  Modern servers, OS's, and even business software itself generate more broadcasts than in the past so they make the broadcasts worse. Those same things are also more traffic intensive than in the past which also make it worse.

Segmenting does not make it more complex and error prone if the people doing it are qualified and know what they are doing.  I run 6 segments (254 Hosts each, 1524 Host max capacity) and do it with just a single simple LAN Router,...and it is extremely simple (so simple a cave man could do it), and needs no dynamic routing protocols,...and it also remains extremely fast and efficient.  Yet it accomplished that performance while still running 10/100 with Gig (1000) only on the Backbone links, ..just think how much more it could do if I went 1gig to desktops with 10gig backbones.

Yes you can waste addresses.  10.x.x.x doesn't belong to you,..it belongs to everybody,...think about that one for a minute.  Find a company that doesn't have a WAN link or a VPN to some other site or some other Company now-a-days,..go ahead,..try to find one.  Even if you do it is only a matter of time before they do expand.  You cannot join two networks together effectively if they both use the same address space.  So you get wasteful with your addressing scheme and suddenly you hit a wall trying to link to another network because you have over-lapping address spaces,...I mean this can already happen if you choose an over-used lower 192 range like 192.168.0.x or 192.168.1.x,...so why exacerbate the problem?

Now what usually happens in these cases?  Do people ever listen to me? Do they usually do the right thing?
NO.  Most IT people unfortunately are just plain lazy (no offense to those of you who aren't and work hard and care about your work).  They only want instant gratification and want to find the quickest way to get the boss off their back with the least amount of effort.  They don't care about the quality of their work and then when the network they work on starts to get bad they just leave, move on to a new job that they think is a better deal and leave the problems to the next poor sap who comes in to replace them.  How many posts in this site begin with the words, "I inherited this mess from the previous guy"?
0
 

Author Comment

by:Brent Johnson
ID: 37040492
Okay.  I read an article that said if I change my subnet to "255.255.252.0", I will have 1022 addresses to use.  What will the addresses be though?  Right now my subnet is 255.255.255.0 and the ips that I  use are 10.1.81.1 - 10.1.81.253 with the last one as my default gateway.  What is an example of some new ip addresses and/or ip range if I change the subnet to 255.255.252.0??
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37041019
Looks like you may want about 400-450 Hosts on the network. That is a guess based on the number of employees and the amount of additional equipment.

All you need to do is add a LAN Router onto the LAN.  You could build one out of Linux and some scrap PC parts if you want to.  But personally I'd buy something better,...for that matter the school probably has a few "real" routers laying around the PC Labs.

Configure one Interface on the "Router" to be on your existing LAN and plug that into a switch,...any switch would do it,..but I recommend a primary switch in the Server Room.

There,...90% done already.

The second Interface on the "Router" you plug into a new Switch in the Server Room.   All new additional Hosts added as your LAN Grows just get plugged into the new switch (or switches downstream from that one).

254 Host Segment + a second 254 Host segment  = 508 possible Hosts.

Subnet #1 (your existing one)  10.1.81.1 - 10.1.81.254    255.255.255.0
Subnet #2 (the new one)          10.1.82.1 - 10.1.82.254   255.255.255.0
0
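Added example (not part of any post in this thread): the address arithmetic behind the masks discussed above, done with Python's standard `ipaddress` module. It shows what 255.255.254.0, 255.255.252.0 and 255.255.0.0 would cover for the asker's 10.1.81.x range, lists the two routed /24 segments, and checks each layout against a remote network; the function names, the host 10.1.81.10 and the remote site 10.1.83.0/24 are constructed for illustration.

```python
import ipaddress


def describe(host_ip, netmask):
    """Network, usable host range, broadcast and host count for the subnet
    that contains host_ip under the given dotted-decimal mask."""
    net = ipaddress.ip_interface(f"{host_ip}/{netmask}").network
    return {
        "network": str(net),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": net.num_addresses - 2,
    }


def routed_plan(existing, extra_segments):
    """The existing subnet plus the next N consecutive subnets of the same
    size, each one a separate routed segment."""
    net = ipaddress.ip_network(existing)
    base = int(net.network_address)
    plan = []
    for i in range(extra_segments + 1):
        start = ipaddress.ip_address(base + i * net.num_addresses)
        plan.append(str(ipaddress.ip_network(f"{start}/{net.prefixlen}")))
    return plan


def overlaps(local_networks, remote):
    """Local networks that collide with a remote site's network, which is
    what breaks routing when two sites are joined over a VPN or WAN link."""
    remote_net = ipaddress.ip_network(remote)
    return [n for n in local_networks
            if ipaddress.ip_network(n).overlaps(remote_net)]


if __name__ == "__main__":
    host = "10.1.81.10"          # constructed host inside the asker's range
    remote = "10.1.83.0/24"      # constructed remote-site network

    for mask in ("255.255.255.0", "255.255.254.0",
                 "255.255.252.0", "255.255.0.0"):
        d = describe(host, mask)
        clash = "overlaps" if overlaps([d["network"]], remote) else "clear of"
        print(f"{mask:15} {d['network']:14} "
              f"{d['first_host']} - {d['last_host']} "
              f"({d['usable_hosts']} hosts, {clash} {remote})")

    plan = routed_plan("10.1.81.0/24", 1)
    print("routed /24 segments:", plan,
          "overlap with remote:", overlaps(plan, remote))
```

With 255.255.252.0 the block containing 10.1.81.x starts at 10.1.80.0, not at 10.1.81.0, so the existing addresses stay valid but the usable range becomes 10.1.80.1 - 10.1.83.254.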
 
LVL 29

Expert Comment

by:pwindell
ID: 37041079
There are a few more config details to finish it up but there is no point in me going there just yet unless you are actually going to do this.  I'm here to help people do things the right way.  If all you are going to do is roll the Mask back by one bit I'll have no part of that.  I'm not here to encourage bad practice.  On top of that rolling the mask back is a whole heck of a lot more work due to reconfiguring every PC, Server, Printer, Switch, and who knows what all, on the LAN.

But you can do it the correct way by adding a router and you'll barely have to touch a PC and you can actually get the whole thing in place without disturbing anything,...then "make use of it" once it is ready.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37041250
But personally I'd buy something better,...for that matter the school probably has a few "real" routers laying around the PC Labs.

Was thinking you were at a school,...if not, then ignore that comment.  
It changes nothing about the situation though.
0
 

Author Comment

by:Brent Johnson
ID: 37042374
pwindell, thanks for the info.  However, I'm trying to make it so that the computers that are DHCP will have more IP addresses to use because right now, every day, I am getting the same calls "IP conflict on network" because there are not enough IP addresses for the amount of machines and devices on the network.  If I add this router that you are talking about, will the existing DHCP machines be able to use the additional IP addresses?
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37044832
You could temporarily (to buy time) reduce the DHCP Lease period to maybe, like, 2 hours. This would free up addresses quicker and buy you time till you get the network corrected.   I think someone may have suggested something like that earlier.  You have also never indicated the "specs" of your DHCP Scope.  There is no way that it could possibly be giving out a full block of 254 addresses because you are going to have a certain number of Statically addressed machines,...so your Scope is giving out something less than that.  Make sure you aren't wasting addresses by not including them in the Scope's available addresses when they haven't been statically assigned to anything.  For example if you have 22 addresses statically assigned to equipment and they are sequential from the beginning, then your Scope should give out addresses to the Client beginning with the 23rd address down to the end,..but if it starts at the 30th address then you wasted 8 addresses.

Anyway......

They WILL have more IP Addresses when you are done.

DHCP will serve both subnets,...each subnet will have its own DHCP Scope on the DHCP Server

Clients get an address from the correct Scope that corresponds to the subnet that you physically attach them to

It is the job of the LAN Router to pass the DHCP Queries from the Clients.   There is nothing special on the DHCP Server other than you create a Scope for each subnet,...just simple normal Scopes,...nothing special there.  You just add the DHCP "Helper" Address to the Router so it knows what DHCP Server(s) to use.

So, this is all common stuff and is all proper practice and proper network design.  This is the way it has been done for 25 years or ever since TCP/IP took over the world from the IPX/SPX Novell monster.

Lastly,...this is something I touched on in another thread.   How much time do you want to sit around wasting messing with web forums?  When I have a problem with something I want it fixed yesterday,...I'm not going to mess around  in a web forum haggling over things and watching 3 or 4 people argue over how to fix something that they can't even see with their own eyes while egos and pride drag the argument out for days or weeks.  If you want it fixed right,...and I think that should be every IT person's goal,...and if you don't know how to approach it yourself,...call in a consultant,...tell them you want to add a LAN Router and a second /24 bit segment,...and it will be done.

Web forums are great when you're dealing with something that is not a critical or an immediate problem.  If you have plenty of time to mess around with something and take the time to learn from other people,...then web forums are a great place.  But they are lousy for critical problems that need fast solutions.



0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 37046277
Well, sometimes I post a question in "real time", fix the problem before any helpful answers appear and then continue with the question as I might learn something new.  

Perhaps an issue for the Author is that the location of the added router in the network physical topology isn't clear (in view of the question of limited IP addresses still):

I would think you'd switch roughly half the users to the new subnet in one step ... or maybe in a few steps with the first one your "trial" to make sure things are going as you expect.

In order for some clients to connect to the "other side" of the added router means some kind of cabling change.  

- If all clients are cabled directly into the switch room then there's likely a stacked switch or a cascade of switches.  You break the network at that point and that's where the added router goes.

- If the clients fan out by virtue of closet switches distributed around the building, then you could split their terminations between sides of the router.

There may be other approaches that someone could share.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 37046659
I'd say the same thing.
I have one "Server room" and one IDF with a stack of switches.
I have 6 IP Segments
I have 6 gigabit ports on the L3 Switch/Router in the Server Room and use that to run 6 "backbone" cables down to the IDF where there is a big stack of Switches.  The Switches are part of a particular subnet by virtue of what "backbone" cable plugs into it.
The Patch Panels in the IDF run to the building's "outlets", so I can change the segment a particular wall jack is part of by only just moving a simple patch cable into a port on the proper Switch.
I make use of Patch Panels in the Server Room too,... so cabling switching is just a matter of moving a simple short patch cable to a different port.

But we can't see his system with our own eyes so I don't know how it is structured there.  But I make a really big deal out of planning,...not only logically in how you create and design a subnet "plan" but also the physical as well,...it has to be flexible and scalable if you only want to do it once.
0
 

Author Comment

by:Brent Johnson
ID: 37047412
We have a server room and a couple of other closets that house switches and patch panels.  The server room has our dns server and exchange/app/data server.  It has about 4 switches, but only 3 of them are active.  The internet connections go into another room that we call the "dmarc room".  That is where our firewalls and main (and I think only) router is.  We have another room which houses 2 patch panels and 1 switch.  I am still a bit confused though.  You guys may need to dumb everything down a couple of notches since I am not that savvy when it comes to anything involving network configurations.  If you could please instruct me on what to physically do to allow me to obtain more ip addresses, that would be wonderful.  Thanks.
0
 

Author Comment

by:Brent Johnson
ID: 37047428
And would I add this new router to one of the switches in the server room?
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 37048958
Well, it appears that you don't really know what the network topology is, only the geography to a point.

So, here is a quick "cartoon".

Internet Gateway / Firewall .... a central point in the network to be sure.  Could include a modem/router of some kind (cable ADSL etc.).  Depending on how many public IP addresses you have (how many?), there could be a switch here as well.  NOTE: this isn't a "closet", it's a set of network components that are *probably* in the same place.

On the "inside" of the firewall, the Local Area Network.  From here on out to the client computers are switches.  Maybe they are in one or two places and maybe not.

Looking "upstream" from the client machines you may see:
- A group of client machines connected to a switch.
- Other groups of client machines connected to switches.
- These switches go upstream connected to other switches until the flow hits the Internet Gateway.

The switches may be all in one place or distributed around the building(s).  Even so, they will have cables that end up in a switch or switches that wind up connecting to the Internet Gateway.

This is a gross description but likely close.

OK, so what you want to do is figure out where the LAN subnet cabling is.
What you want to figure out is how many client machines connect into the network / where?
Ideally you'd like to more or less split the client machines in half.

So, let's say that you find there are 180 cables coming into the switch room into 4 48-port switches.
The 48-port switches will be connected together somehow: either stacked to make a bigger switch in effect or cascaded so that each of the 48-port switches also connects upstream maybe even to the Internet Gateway device with 4 cables.

Let's say that the subnet is 192.168.1.0/24.
What you want is another subnet say: 192.168.2.0/24.

You do this:
Split the client connections (conceptually) into two groups that are easily separable.
Let's say that you decide to split the 4 cables above into two groups of 2 each.
To make this happen you do something like this:

1) disconnect 2 of the cables from the existing LAN on the upstream side.
2) connect those 2 cables into a router on the LAN side
That router will have:
- NAT turned off.  It will be in Router mode for some devices.
- DHCP turned on with the LAN address 192.168.2.1/24 and the DHCP range perhaps 192.168.2.16 - 192.168.2.239, leaving some addresses for static assignment at the bottom and the top of the  range.
- The WAN side of the router will be 192.168.1.xxx such as 254 or 253 ... just so it's out of the DHCP range of the original LAN subnet.
The router will need a static route from 192.168.2.0 to 192.168.1.0 which it will probably have simply by virtue of its IP address setup.
The Internet Gateway on the original LAN will have to have a route that points to 192.168.2.0/24 at the 192.168.1.xxx address of the added router.

Now you will have 2 LANS with 1 Internet Gateway.

It's also very possible that your existing Internet Gateway will have available ports that can be assigned to the added subnet and all the work will be done there.  Then it's just a matter of fanning out the cabling from 2 ports on the gateway to the 2 LANs and making sure there are routes that connect the two LANs.

This is about as close as I can get without knowing what equipment you're using and what the actual network topology is.
0
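Added example (not part of any post in this thread): a check of a DHCP scope against the static assignments on the same subnet, covering both the advice earlier in the thread about not leaving unassigned addresses outside the scope and the 192.168.2.16 - 192.168.2.239 range proposed in the comment above. The subnet and scope boundaries come from that comment; the function names and the list of static addresses are constructed for illustration.

```python
import ipaddress


def collapse(addresses):
    """Collapse an ascending list of addresses into (first, last) pairs."""
    ranges = []
    for addr in addresses:
        if ranges and int(addr) == int(ranges[-1][1]) + 1:
            ranges[-1][1] = addr
        else:
            ranges.append([addr, addr])
    return [(str(lo), str(hi)) for lo, hi in ranges]


def audit_scope(subnet, scope_start, scope_end, statics):
    """Compare one DHCP scope with the statically assigned addresses.

    conflicts   - static addresses that sit inside the scope, so the server
                  can lease them to a second device (duplicate-IP errors)
    idle_ranges - usable addresses that are neither static nor leasable
    outside     - static entries that are not in this subnet at all
    """
    net = ipaddress.ip_network(subnet)
    start = ipaddress.ip_address(scope_start)
    end = ipaddress.ip_address(scope_end)
    if start not in net or end not in net or start > end:
        raise ValueError("scope must be an ascending range inside the subnet")

    static_set = {ipaddress.ip_address(s) for s in statics}
    hosts = list(net.hosts())                      # excludes network/broadcast
    pool = [h for h in hosts if start <= h <= end]
    conflicts = sorted(s for s in static_set if start <= s <= end)
    idle = [h for h in hosts
            if not (start <= h <= end) and h not in static_set]
    return {
        "pool_size": len(pool),
        "conflicts": [str(c) for c in conflicts],
        "idle_count": len(idle),
        "idle_ranges": collapse(idle),
        "outside": sorted(str(s) for s in static_set if s not in net),
    }


# Constructed static assignments for the new segment: router, four servers,
# one printer that was given an address inside the scope, two switches.
SAMPLE_STATICS = [
    "192.168.2.1", "192.168.2.2", "192.168.2.3", "192.168.2.4",
    "192.168.2.5", "192.168.2.100", "192.168.2.240", "192.168.2.241",
]

if __name__ == "__main__":
    report = audit_scope("192.168.2.0/24", "192.168.2.16", "192.168.2.239",
                         SAMPLE_STATICS)
    for key, value in report.items():
        print(f"{key}: {value}")
```

A static address reported under `conflicts` needs either a DHCP exclusion or reservation, or a move out of the scope; the `idle_ranges` are what could be added to the scope or kept for future static use.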
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 1000 total points
ID: 37056710
And would I add this new router to one of the switches in the server room?

Yes.

1st interface goes into a live switch you are using

2nd Interface goes to the switch that is not being used now. This switch becomes the "beginning" of the new segment.

Add a Switch to one or more of the closets and connect them back to the one in the server room.

You can get all of it running and routing properly without even disturbing the existing system.

Here is a model of this.  This model uses three subnets in the example.

 3 segment LAN
0
