ltoebbe
asked on
New Network Location
I am currently in the mist of planning out a new network design for a building move, however I was not 100% on best practices.
We currently have roughly 200+ servers, and roughly 600 users in our current location. We want to plan a building with 8% user growth per year, over the next 10 years. We are also going to be adding a VoIP system into this new location, which we currently do not have.
Taking a looking at my estimations, that would be roughly 1900 (500 server + 700 user + 700 VoIP) IP's, which I would like to grow into.
We currently have a 10.0.0.0/16 network, which seems like severe over-kill. I was considering looking at a 172.16.0.0/32 or /16, however after reading some of the posts here, it looks like I should be trying to keep around 100-200 hosts in each subnet? In my head I was thinking of breaking up the subnets by Geographical Location, but maybe I should be looking into breaking it up into departments?
As stated above, I was hoping someone could give me some insight/direction on best practices, as I feel like I am barking up the wrong tree with my /32.
~Thanks!
We currently have roughly 200+ servers, and roughly 600 users in our current location. We want to plan a building with 8% user growth per year, over the next 10 years. We are also going to be adding a VoIP system into this new location, which we currently do not have.
Taking a looking at my estimations, that would be roughly 1900 (500 server + 700 user + 700 VoIP) IP's, which I would like to grow into.
We currently have a 10.0.0.0/16 network, which seems like severe over-kill. I was considering looking at a 172.16.0.0/32 or /16, however after reading some of the posts here, it looks like I should be trying to keep around 100-200 hosts in each subnet? In my head I was thinking of breaking up the subnets by Geographical Location, but maybe I should be looking into breaking it up into departments?
As stated above, I was hoping someone could give me some insight/direction on best practices, as I feel like I am barking up the wrong tree with my /32.
~Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hello,
/24=256-2=254 hosts
/23=512-2=510 hosts
/22=1024-2=1022 hosts
It's not a matter which IP you are using like started with 10 or 172.The issue is you need how many hosts and how many networks you want to create.Because 10.0.0/22 & 172.16.0.0/22 indicates same number of hosts and networks.
So, people use to consider :
Security,Reliability,Scala
However, it's not a good idea to use a single network for large numbers of computers+Servers+Devices.
At first, you need to classify your important servers and separate those inside a different subnet.Then use router+Firewall
Secondly, you need keep some servers into different geo-location for disaster and backup.So all backup+additional servers (Like Secondary DNS) you need to keep into different geo-location and different subnet.It's recommended that you should have more than SPF (Single point of failure).
Thirdly, you can create subnet based on different departments.Some cases you may use /23, some cases /24 it's not a matter which CIDR you are using ..because router will route data among those subnets.You need to remember that smaller network has less broadcast.So, better try to create subnet for different different departments.CIDR depends on the users number of each department.
You also can use VLAN into your switchport to increase your security and separate into different subnets.
Lastly, resource is limited.So, you must need to think which resources are available to you and design should be cost effective.Based on your resource availability go ahead..
/24=256-2=254 hosts
/23=512-2=510 hosts
/22=1024-2=1022 hosts
It's not a matter which IP you are using like started with 10 or 172.The issue is you need how many hosts and how many networks you want to create.Because 10.0.0/22 & 172.16.0.0/22 indicates same number of hosts and networks.
So, people use to consider :
Security,Reliability,Scala
However, it's not a good idea to use a single network for large numbers of computers+Servers+Devices.
At first, you need to classify your important servers and separate those inside a different subnet.Then use router+Firewall
Secondly, you need keep some servers into different geo-location for disaster and backup.So all backup+additional servers (Like Secondary DNS) you need to keep into different geo-location and different subnet.It's recommended that you should have more than SPF (Single point of failure).
Thirdly, you can create subnet based on different departments.Some cases you may use /23, some cases /24 it's not a matter which CIDR you are using ..because router will route data among those subnets.You need to remember that smaller network has less broadcast.So, better try to create subnet for different different departments.CIDR depends on the users number of each department.
You also can use VLAN into your switchport to increase your security and separate into different subnets.
Lastly, resource is limited.So, you must need to think which resources are available to you and design should be cost effective.Based on your resource availability go ahead..
ASKER
It I am understanding you correctly, if I wanted to start scoping down the subnet, I can stick with the 10.8.0.0 that we have, however use a /23 subnet (at the largest) to keep the hosts down to a reasonable level? While its not as bad as I originally thought to have the /16, its not the end of the world, however I really wouldn't want to put more then 500 hosts on the subnet?
Does that sound about right?