Ip networking scheme

Posted on 2014-09-30
Medium Priority
Last Modified: 2014-10-01
I have a project to do and i have no idea where or how to start. I only want to know how to start and where to go.

 "You are being hired on at an IT solution firm, and your first task as network administrator is to design
the IP scheme for the network. The specifics that are given are:
 375 computers (looking to expand and add additional 150 computers)
 Client Machines running Windows XP and Windows 7
 Servers Running Server 2003, 2008, and Server 2012
 3 Office locations – Houston (Home Office), Chicago, and New York
 Current Servers:
o 3 Domain Controllers
o 5 File Servers
o 2 Web servers
o 3 Exchange Servers
o 1 Certificate Server
 WAN links between Houston and New York are strong, link between Houston and Chicago are
o WAN links:
 Houston 40Mbps
 Chicago 15Mbps
 New York 25Mbps
 Company wants to limit the number public IP addresses to save money from ISP
Given this information, design the network scheme to include all following information:
 IP version (4 or 6)
 DHCP or Static IP Scheme
o If DHCP is used:
 Lease Time
 Size of DHCP Pool
 Pool IP Address Range
 IP addresses
 DNS address
 Default Gateway
 Whether Using WINS or LLMNR
 Subnet Mask or IP Prefix
 Computer Naming Scheme
 Where all servers are located (which offices)"
Question by:Woop Swag
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 12

Accepted Solution

Ganesh Kumar A earned 2000 total points
ID: 40353798
You can either create internal IP addressing scheme any of the following subnet.
Create network ip scheme for each address.
10.4.1.x, 10.4.2.x, 10.4.3.x with /24 or
192.168.1.x 192.168.2.x, 192.168.3.x with /24 subnet. Incase if you have additional requirement expand it to 192.168.4.x and so on...

You will need public IP only for Exchange server but if you have LB for CAS and HT server you need dedicatedly two IP, mbx server doesn't need any public ip, To setup VPN connectivity between offices you need one ip each site, web server one IP. Note; Do not mix with Exchange IP, let it be dedicated.

Addl Domain controllers on each site, PDC must be in houston and exchange server and web server as well. I recommend to have one addl. DC in houston.

File server on each site but you can do DFS for replicating between site so that secondary copy gets stored on different site. I assume each site would be having one file server.

Web server would be on the houston site.

 IP version (4 or 6) 192.168.1.x/24, 192.168.2.x/24, 192.168.3.x/24, ....
 DHCP or Static IP Scheme : 254 IP you will get in /24 for servers you need to exclude some of the IP from DHCP. Other sites would have 254 IP for DHCP pool
o If DHCP is used:
 Lease Time : Give 2 hours or 4 hours lease if lot of mobile users are rolling inside office.
 Size of DHCP Pool : 200 IP in houston and 54 IP shall be excluded for the servers, printers and other shared resources.
 Pool IP Address Range : 192.168.1.x, 192.168.2.x, 192.168.3.x and so on...
 IP addresses :
 DNS address : Your active directory server must be the primary DNS on each site. If houston AD is then the client on houston would be having mask
 Default Gateway : Your router IP, you must be having some option to specify the internal DHCP server.
 Whether Using WINS or LLMNR : Use WINS as well.
 Subnet Mask or IP Prefix :
 Computer Naming Scheme : depends on your organization. If your organization name is Avaya Life Insurance (ALI) at houston, it would be OrgName-Location-Department-01 (ensure all char must be two letters)
 Where all servers are located (which offices)" : It can be in houston, but one additional DC, fileserver must be on other two sites for logon authentication and file & print server for local use.

Summary is :
IP Usage :
Houston office uses : Exchange server - 2 public IP, Web server - 1 IP, For VPN link - 1 IP, Gateway IP - 1 IP.
Chicago and Newyork will have one IP each for dedicated VPN routing.

Private IP for internal use will be much different from the public IP scheme which you can setup in each office router under LAN segment. (Wan segment is pointed with public IP)

Apart from these i would suggest you to make environment secured by following.

a) Antispam gw for exchange server on houston site (barracuda antispam firewall, trend micro antispam gateway, ironport....)
b) public SSL certificate for Webserver
c) UCC certificate for exchange server
d) firewall to block unwanted traffic except for the application requirement.
e) Have opensource or paid network monitoring solution like nagios, zenoss core, opennms, zabbix so on...
f) Server OS hardening and client OS hardening
g) Proper antivirus server and antivirus for all workstations/laptops

Author Closing Comment

by:Woop Swag
ID: 40356031
Thank you that was a lot of help!

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
The Summer 2017 Scholarship Winners have been announced!
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question