Wyandotte
asked on
IP Address redesign
We currently have a network of 192.168.0.0/23 which gives us 192.168.0.1-192.168.1.254. We have another remote location through site to site vpn that uses 192.168.3.0/24 and a 3rd site to site that uses 192.168.4.0/24. We are running out of IPs and trying to decide what is best. We are considering setting up a vlan for each department and giving them their own block of IPs. We are considering supernetting the 192.168 network for all departments. Each department would have 512 addresses. 192.168.0.0/23 for one, 192.168.2.0/23 for another, 192.168.4.0/23, 192.168.6.0/23 etc. Are there any potential problems with doing this? Is it better to subnet a class a or b using 10.0.0.0 or 172.16.0.0 or will it not matter. It will be substantially easier to stay with 192.168.0.0/23 due to the fact that much less will need changed in order to do that.
I am trying to come up with a plan that is best for the next 30 years and that will be easiest to implement. Any ideas?
I am trying to come up with a plan that is best for the next 30 years and that will be easiest to implement. Any ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Back in the day, flat networks were terrible just because of the chattiness of broadcast traffic due to DHCP, etc.. Is it that much of a dealbreaker today? Most likely not, but your 512-host limit is still a good practice.
I like your idea of enveloping the .2 into your .3. That's what I did the last time I had to redesign at a shop.
Lots of opinions out there...
https://learningnetwork.cisco.com/thread/10668
I like your idea of enveloping the .2 into your .3. That's what I did the last time I had to redesign at a shop.
Lots of opinions out there...
https://learningnetwork.cisco.com/thread/10668
ASKER
I read that thread when I was google searching the topic. I wanted to get an opinion on here. I think we will go that route. thanks.
Another suggestion: if your users ever VPN, it can cause issues if you use 192.168.0 or .1 as most all consumer routers are default to 192.168.0.1 or 192.168.1.1. I'd either stay off those two or just move up to 10.
ASKER
We have a Cisco vpn currently with a few dozen users and don't have any problems.
If you have a server at the office with an ip of 192.168.0.101 and your user is at home and their dhcp range starts at 192.168.0.100 and their media server or whatever is at 192.168.0.101 then I think they can't reach your server.
ASKER
Correct, but most home networks start their IPs at 100 and our servers are all below that. Thanks for the tip though.
I would consider breaking it up so that you have actual subnet boundaries. At least, at times, this simplifies setting up routers, firewalls, etc.
Then you would use:
192.168.0.0/23
192.168.8.0/23
192.168.16.0/23
This way the subnets not only do not overlap but can be increased in size to /21 in some fashion while maintaining the ability to use CIDR notation such as:
And each subnet can be referred to as:
192.168.0.0/21
192.168.8.0/21
192.168.16.0/21
If you choose other boundaries then you can't use this notation to refer to an entire subnet - should you choose to make one larger later on.
Then you would use:
192.168.0.0/23
192.168.8.0/23
192.168.16.0/23
This way the subnets not only do not overlap but can be increased in size to /21 in some fashion while maintaining the ability to use CIDR notation such as:
And each subnet can be referred to as:
192.168.0.0/21
192.168.8.0/21
192.168.16.0/21
If you choose other boundaries then you can't use this notation to refer to an entire subnet - should you choose to make one larger later on.
ASKER