Solved

IP networking scheme

Posted on 2014-09-30
Last Modified: 2014-10-01
I have a project to do and I have no idea where or how to start. I only want to know how to start and where to go.

"You are being hired on at an IT solution firm, and your first task as network administrator is to design the IP scheme for the network. The specifics that are given are:
- 375 computers (looking to expand and add additional 150 computers)
- Client Machines running Windows XP and Windows 7
- Servers Running Server 2003, 2008, and Server 2012
- 3 Office locations – Houston (Home Office), Chicago, and New York
- Current Servers:
  - 3 Domain Controllers
  - 5 File Servers
  - 2 Web servers
  - 3 Exchange Servers
  - 1 Certificate Server
- WAN links between Houston and New York are strong, link between Houston and Chicago is unreliable
  - WAN links:
    - Houston 40Mbps
    - Chicago 15Mbps
    - New York 25Mbps
- Company wants to limit the number of public IP addresses to save money from ISP

Given this information, design the network scheme to include all following information:
- IP version (4 or 6)
- DHCP or Static IP Scheme
  - If DHCP is used:
    - Lease Time
    - Size of DHCP Pool
    - Pool IP Address Range
- IP addresses
- DNS address
- Default Gateway
- Whether Using WINS or LLMNR
- Subnet Mask or IP Prefix
- Computer Naming Scheme
- Where all servers are located (which offices)"
Question by:Woop Swag
Accepted Solution

by:
Ganesh Kumar A earned 500 total points
ID: 40353798
You can create an internal IP addressing scheme using any of the following subnets.
Create a network IP scheme for each address.
10.4.1.x, 10.4.2.x, 10.4.3.x with /24 or
192.168.1.x, 192.168.2.x, 192.168.3.x with a /24 subnet. In case you have additional requirements, expand it to 192.168.4.x and so on...

You will need a public IP only for the Exchange server, but if you have an LB for the CAS and HT servers you need two dedicated IPs; the MBX server doesn't need any public IP. To set up VPN connectivity between offices you need one IP per site, and one IP for the web server. Note: do not mix it with the Exchange IP; let it be dedicated.

Additional domain controllers on each site; the PDC must be in Houston, and the Exchange server and web server as well. I recommend having one additional DC in Houston.

A file server on each site, but you can use DFS to replicate between sites so that a secondary copy gets stored on a different site. I assume each site would have one file server.

The web server would be on the Houston site.

- IP version (4 or 6): 192.168.1.x/24, 192.168.2.x/24, 192.168.3.x/24, ....
- DHCP or Static IP Scheme: You will get 254 IPs in a /24; for servers you need to exclude some of the IPs from DHCP. Other sites would have 254 IPs for the DHCP pool.
  - If DHCP is used:
    - Lease Time: Give a 2-hour or 4-hour lease if a lot of mobile users are rolling inside the office.
    - Size of DHCP Pool: 200 IPs in Houston, and 54 IPs shall be excluded for the servers, printers and other shared resources.
    - Pool IP Address Range: 192.168.1.x, 192.168.2.x, 192.168.3.x and so on...
- IP addresses:
- DNS address: Your Active Directory server must be the primary DNS on each site. If the Houston AD is 192.168.1.5, then the client in Houston would have 192.168.1.55, mask 255.255.255.0.
- Default Gateway: Your router IP; you must have some option to specify the internal DHCP server.
- Whether Using WINS or LLMNR: Use WINS as well.
- Subnet Mask or IP Prefix: 255.255.255.0
- Computer Naming Scheme: Depends on your organization. If your organization name is Avaya Life Insurance (ALI) at Houston, it would be OrgName-Location-Department-01 (ensure all chars must be two letters).
- Where all servers are located (which offices): It can be in Houston, but one additional DC and file server must be on the other two sites for logon authentication and file & print server for local use.

Summary:
IP usage:
The Houston office uses: Exchange server - 2 public IPs, web server - 1 IP, VPN link - 1 IP, gateway IP - 1 IP.
Chicago and New York will have one IP each for dedicated VPN routing.

The private IPs for internal use will be quite different from the public IP scheme, which you can set up in each office router under the LAN segment. (The WAN segment is pointed at the public IP.)

Apart from these, I would suggest you secure the environment with the following.

a) Antispam gateway for the Exchange server on the Houston site (Barracuda antispam firewall, Trend Micro antispam gateway, IronPort....)
b) Public SSL certificate for the web server
c) UCC certificate for the Exchange server
d) Firewall to block unwanted traffic except for the application requirement.
e) Have an open-source or paid network monitoring solution like Nagios, Zenoss Core, OpenNMS, Zabbix and so on...
f) Server OS hardening and client OS hardening
g) Proper antivirus server and antivirus for all workstations/laptops
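
The addressing plan from the accepted answer, checked with Python's ipaddress module; this is an added example, not part of the original answer. It uses the 192.168.x.0/24 option and assumes the 54 excluded addresses are the lowest usable ones in each subnet, which the thread does not state.

```python
import ipaddress

# Figures from the thread: one /24 per site, 54 addresses excluded from DHCP
# for servers/printers, 375 computers plus 150 planned.
SITES = {"Houston": "192.168.1.0/24", "Chicago": "192.168.2.0/24",
         "New York": "192.168.3.0/24"}
RESERVED_STATIC = 54
CLIENTS_NEEDED = 375 + 150


def plan_site(cidr, reserved=RESERVED_STATIC):
    """Split a site subnet into static block and DHCP pool. Assumption (not in
    the thread): the excluded addresses are the lowest usable ones."""
    net = ipaddress.ip_network(cidr)
    if not net.is_private:
        raise ValueError(f"{cidr} is not private address space")
    hosts = list(net.hosts())  # usable addresses; network/broadcast removed
    if reserved >= len(hosts):
        raise ValueError(f"{cidr}: exclusions leave no DHCP pool")
    static, pool = hosts[:reserved], hosts[reserved:]
    return {
        "mask": str(net.netmask),
        "static_range": (str(static[0]), str(static[-1])),
        "pool_range": (str(pool[0]), str(pool[-1])),
        "pool_size": len(pool),
    }


def build_plan(sites=SITES):
    """Reject overlapping site subnets, then plan each site."""
    nets = [ipaddress.ip_network(c) for c in sites.values()]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):  # overlap breaks routing between sites
                raise ValueError(f"{a} overlaps {b}")
    return {name: plan_site(cidr) for name, cidr in sites.items()}


def capacity_check(plan, needed=CLIENTS_NEEDED):
    """Return (total DHCP addresses, whether they cover the client count)."""
    total = sum(site["pool_size"] for site in plan.values())
    return total, total >= needed


if __name__ == "__main__":
    for name, site in build_plan().items():
        print(name, site)
    print(capacity_check(build_plan()))
```

The aggregate check passes with 600 pool addresses for 525 clients, but the thread gives no per-site headcount; any site with more than 200 clients would need a wider prefix than /24.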

Author Closing Comment

by:Woop Swag
ID: 40356031
Thank you that was a lot of help!
