Solved

Network Addressing Plan

Posted on 2013-12-17
7
343 Views
Last Modified: 2014-01-02
I am in the process of restructuring the company network from a 10.x.x.x network to a 172.16.x.x network. I found a number of addressing plans on the internet that talk about phases and how to plan, but it would be pretty legit to find an actual plan out there so I can read what someone else did in their planning.

Does anyone know where I can see an actual network addressing plan or template?
Also, should voice be on an entirely different subnet, be placed on static, QoS, etc.?

Thanks in advance!
0
Comment
Question by:Paul Wagner
  • 3
  • 3
7 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 39724649
I am not sure what you mean exactly by Network Addressing Plan, but I would tell you from some experience is to separate your subnets!

Separating subnets makes management easier at the edge, as well from a visual monitoring perpective.

Not sure why you are moving or transitioning from your 10.x.x.x scheme to a 172.16.x.x scheme but okay...

voice = one or two subnets
servers = one or two subnets
management = one or two subnets
iSCSI - on it's own subnet
Clients on there own networks

so on and so forth...for my client networks I have broken it up by building or wing that also helps with management and troubleshooting...plus security boundaries.
0
 
LVL 4

Author Comment

by:Paul Wagner
ID: 39724861
@peralsea

Sooo... this is what I have so far:

172.16.x.x
255.255.128.0 -for servers
255.255.192.0 -for users

172.16.0.1 - 0.254 - hosts, servers, AP's, printers, etc.
172.16.1.1 - 2.254 -PC's
172.16.3.1 - 3.254 -Voice
172.16.4.1 - 4.254 - VPN users

Does that jive with you?

.... we feel it is best to leave the 10.x.x.x network because we have two companies that merged and they both use the primary 10.x.x.x but then they have different subnets that overlap, combined with firewall rules, combined with IP conflicts, etc, we just feel it'd be easier to build a new network on the side and then bring everyone into the new plan/scheme.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39725103
172.16.x.x
255.255.128.0 -for servers
255.255.192.0 -for users

172.16.0.1 - 0.254 - hosts, servers, AP's, printers, etc.
172.16.1.1 - 2.254 -PC's
172.16.3.1 - 3.254 -Voice
172.16.4.1 - 4.254 - VPN users
It's one or the other...

You've said you're going to use different masks for servers and users, but then the second part of your statement says that you're going to use the same /24 range for hosts and servers.

Which is it?

Your plan isn't going to work that way.

It largely depends on what you have on your network, how many users/servers/phones/other devices you have, and other factors besides, but as a very vague example I would do something like...

Base IP Range: 172.16.0.0 / 255.255.0.0
That gives you 172.16.0.0 - 172.16.255.255

You can then split it into smaller subnets, such as:

Users: 172.16.0.0 / 255.255.240.0 - that's 4094 hosts, or up-to 16 separate 254-host subnets

Servers: 172.16.32.0 / 255.255.255.0 - that's 254 servers

Voice: 172.16.36.0 / 255.255.255.0 - 254 phones

VPN: 172.16.255.0 / 255.255.255.0 - 254 VPN users


This is very rough, and might not suit your network, but it's displaying how you need to approach it at least.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 4

Author Comment

by:Paul Wagner
ID: 39725161
@craigbeck

Sorry if I made my intentions confusing....

172.16.0.1 - 0.254 - "hosts" is meant to be the blades (physical server) that the VM's are housed on.... so my listing should have said: blades, VM servers, printers, etc.

Am I wrong in this thought?...
I want the core devices to be on a /17 subnet and the PC's on a /18 so there isn't a broadcast storm.

... or would just subnetting them out fix that? or just put servers and PC's in different VLANs?
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39725225
No problem :-)

VLANs and subnets are different things.  You need VLANs to separate broadcast domains, and subnets to make best use of IP addressing within your IP scheme.  Each VLAN would usually have a unique subnet.  It's physically possible to put more than one subnet in a VLAN, but it's not advisable.

So, you would typically need separate VLANs for:

Servers
Phones
PCs
iSCSI
Management
...
...

I would put blade servers (the host machines for your VMs) in the management network for simplicity.

A /17 is a massive range.  That would give you 32766 hosts on that single subnet.

Look at my previous example.  Those subnet masks give you plenty of scope to adjust as required and are typical based upon some of the customers I've worked with in the past.
0
 
LVL 4

Author Comment

by:Paul Wagner
ID: 39725402
@craigbeck


I would put blade servers (the host machines for your VMs) in the management network for simplicity.
Management network.... Do you mean like on a management vlan or the same subnet as the vm servers?


Ok, so tell me if this jives with you (took your suggestions and personalized):

Base IP: 172.16.0.0 / 255.255.0.0
Range: 172.16.0.0 - 172.16.255.255

172.16.0.0 / 255.255.255.0 - servers, blades, router, etc.

172.16.1.0 / 255.255.240.0 - PC's

172.16.50.0 / 255.255.255.0 - Phones

172.16.200.0 / 255.255.255.0 - VPN
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 39725441
Not bad, but 172.16.1.0 / 255.255.240.0 overlaps with the servers as it actually covers 172.16.0.0 - 172.16.15.255

So you'd be able to use 172.16.0.0 / 255.255.255.0 for servers then 172.16.16.0 255.255.240.0 for PCs.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port forwarding 14 151
Hybrid WAN vs SD WAN 4 52
windows explorer default details view 10 57
Internet Service Provider 3 50
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question