Solved

IP Address redesign

Posted on 2012-12-28
9
504 Views
Last Modified: 2012-12-28
We currently have a network of 192.168.0.0/23 which gives us 192.168.0.1-192.168.1.254. We have another remote location through site to site vpn that uses 192.168.3.0/24 and a 3rd site to site that uses 192.168.4.0/24. We are running out of IPs and trying to decide what is best. We are considering setting up a vlan for each department and giving them their own block of IPs. We are considering supernetting the 192.168 network for all departments. Each department would have 512 addresses. 192.168.0.0/23 for one, 192.168.2.0/23 for another, 192.168.4.0/23, 192.168.6.0/23 etc. Are there any potential problems with doing this? Is it better to subnet a class a or b using 10.0.0.0 or 172.16.0.0 or will it not matter. It will be substantially easier to stay with 192.168.0.0/23 due to the fact that much less will need changed in order to do that.

I am trying to come up with a plan that is best for the next 30 years and that will be easiest to implement. Any ideas?
0
Comment
Question by:Wyandotte
  • 4
  • 2
  • 2
  • +1
9 Comments
 
LVL 11

Accepted Solution

by:
rharland2009 earned 500 total points
ID: 38727285
The 512-address per department is a sound design - as long as you know you'll never exceed those seat numbers. When you say you're 'running out of IPs' I take that to mean that your /24 locations are getting bigger, since you'd like to stay at the /23 for your main location.
If you'd like to future-proof yourself a bit, put some space in between your location IP assignments. Like this:

192.168.0.0/23
192.168.10.0/23
192.168.20.0/23

This way, you could greatly expand these segments at a future date without bumping into the network boundary of the other locations. Just a thought.

As far as what class you use, it doesn't matter in the private space.
0
 

Author Comment

by:Wyandotte
ID: 38727328
I am running out of space at all locations and I don't think I should go over 512 hosts per vlan. I could leave the data center at 192.168.0.0/23 and that will be enough addresses for this building for quite some time. There are only about 70 being used right now. I could then open up the remote site that is 192.168.3.0/24 to include the .2.0 which will double their IPs and then give them several subnets after that for room to grow. What is the maximum number of hosts per network. We don't need to vlan for security, I just thought I shouldn't go over 512 hosts per network. Am I wrong in thinking that?
0
 
LVL 11

Expert Comment

by:rharland2009
ID: 38727358
Back in the day, flat networks were terrible just because of the chattiness of broadcast traffic due to DHCP, etc.. Is it that much of a dealbreaker today? Most likely not, but your 512-host limit is still a good practice.
I like your idea of enveloping the .2 into your .3. That's what I did the last time I had to redesign at a shop.
Lots of opinions out there...
https://learningnetwork.cisco.com/thread/10668
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:Wyandotte
ID: 38727366
I read that thread when I was google searching the topic. I wanted to get an opinion on here. I think we will go that route. thanks.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 38727400
Another suggestion: if your users ever VPN, it can cause issues if you use 192.168.0 or .1 as most all consumer routers are default to 192.168.0.1 or 192.168.1.1. I'd either stay off those two or just move up to 10.
0
 

Author Comment

by:Wyandotte
ID: 38727512
We have a Cisco vpn currently with a few dozen users and don't have any problems.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 38727602
If you have a server at the office with an ip of 192.168.0.101 and your user is at home and their dhcp range starts at 192.168.0.100 and their media server or whatever is at 192.168.0.101 then I think they can't reach your server.
0
 

Author Comment

by:Wyandotte
ID: 38727629
Correct, but most home networks start their IPs at 100 and our servers are all below that. Thanks for the tip though.
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 38727671
I would consider breaking it up so that you have actual subnet boundaries.  At least, at times, this simplifies setting up routers, firewalls, etc.

Then you would use:
192.168.0.0/23
192.168.8.0/23
192.168.16.0/23

This way the subnets not only do not overlap but can be increased in size to /21 in some fashion while maintaining the ability to use CIDR notation such as:
And each subnet can be referred to as:
192.168.0.0/21
192.168.8.0/21
192.168.16.0/21

If you choose other boundaries then you can't use this notation to refer to an entire subnet - should you choose to make one larger later on.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Expanding Subnet Mask 20 106
Point to point connection slow in one direction only 15 45
windows explorer default details view 10 56
DNS issue with resolving request 14 85
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question