Ip networking scheme

I have a project to do and i have no idea where or how to start. I only want to know how to start and where to go.

 "You are being hired on at an IT solution firm, and your first task as network administrator is to design
the IP scheme for the network. The specifics that are given are:
 375 computers (looking to expand and add additional 150 computers)
 Client Machines running Windows XP and Windows 7
 Servers Running Server 2003, 2008, and Server 2012
 3 Office locations – Houston (Home Office), Chicago, and New York
 Current Servers:
o 3 Domain Controllers
o 5 File Servers
o 2 Web servers
o 3 Exchange Servers
o 1 Certificate Server
 WAN links between Houston and New York are strong, link between Houston and Chicago are
o WAN links:
 Houston 40Mbps
 Chicago 15Mbps
 New York 25Mbps
 Company wants to limit the number public IP addresses to save money from ISP
Given this information, design the network scheme to include all following information:
 IP version (4 or 6)
 DHCP or Static IP Scheme
o If DHCP is used:
 Lease Time
 Size of DHCP Pool
 Pool IP Address Range
 IP addresses
 DNS address
 Default Gateway
 Whether Using WINS or LLMNR
 Subnet Mask or IP Prefix
 Computer Naming Scheme
 Where all servers are located (which offices)"
Woop SwagAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ganesh Kumar ASr Infrastructure SpecialistCommented:
You can either create internal IP addressing scheme any of the following subnet.
Create network ip scheme for each address.
10.4.1.x, 10.4.2.x, 10.4.3.x with /24 or
192.168.1.x 192.168.2.x, 192.168.3.x with /24 subnet. Incase if you have additional requirement expand it to 192.168.4.x and so on...

You will need public IP only for Exchange server but if you have LB for CAS and HT server you need dedicatedly two IP, mbx server doesn't need any public ip, To setup VPN connectivity between offices you need one ip each site, web server one IP. Note; Do not mix with Exchange IP, let it be dedicated.

Addl Domain controllers on each site, PDC must be in houston and exchange server and web server as well. I recommend to have one addl. DC in houston.

File server on each site but you can do DFS for replicating between site so that secondary copy gets stored on different site. I assume each site would be having one file server.

Web server would be on the houston site.

 IP version (4 or 6) 192.168.1.x/24, 192.168.2.x/24, 192.168.3.x/24, ....
 DHCP or Static IP Scheme : 254 IP you will get in /24 for servers you need to exclude some of the IP from DHCP. Other sites would have 254 IP for DHCP pool
o If DHCP is used:
 Lease Time : Give 2 hours or 4 hours lease if lot of mobile users are rolling inside office.
 Size of DHCP Pool : 200 IP in houston and 54 IP shall be excluded for the servers, printers and other shared resources.
 Pool IP Address Range : 192.168.1.x, 192.168.2.x, 192.168.3.x and so on...
 IP addresses :
 DNS address : Your active directory server must be the primary DNS on each site. If houston AD is then the client on houston would be having mask
 Default Gateway : Your router IP, you must be having some option to specify the internal DHCP server.
 Whether Using WINS or LLMNR : Use WINS as well.
 Subnet Mask or IP Prefix :
 Computer Naming Scheme : depends on your organization. If your organization name is Avaya Life Insurance (ALI) at houston, it would be OrgName-Location-Department-01 (ensure all char must be two letters)
 Where all servers are located (which offices)" : It can be in houston, but one additional DC, fileserver must be on other two sites for logon authentication and file & print server for local use.

Summary is :
IP Usage :
Houston office uses : Exchange server - 2 public IP, Web server - 1 IP, For VPN link - 1 IP, Gateway IP - 1 IP.
Chicago and Newyork will have one IP each for dedicated VPN routing.

Private IP for internal use will be much different from the public IP scheme which you can setup in each office router under LAN segment. (Wan segment is pointed with public IP)

Apart from these i would suggest you to make environment secured by following.

a) Antispam gw for exchange server on houston site (barracuda antispam firewall, trend micro antispam gateway, ironport....)
b) public SSL certificate for Webserver
c) UCC certificate for exchange server
d) firewall to block unwanted traffic except for the application requirement.
e) Have opensource or paid network monitoring solution like nagios, zenoss core, opennms, zabbix so on...
f) Server OS hardening and client OS hardening
g) Proper antivirus server and antivirus for all workstations/laptops

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Woop SwagAuthor Commented:
Thank you that was a lot of help!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet Protocols

From novice to tech pro — start learning today.