Running out of IP's on a class C subnet
I mange a site with about 80 workstation and a few servers. The only subnet is 192.168.123.0 with 255.255.255.0 mask. We are running out of IP's since we have 30 IP phones and 50 IP Phones + all mobile devices, servers and switches. I thought of putting wireless on it's own subnet/vlan but I will still run out of IP's on the 123 subnet. I was just thinking of changing the mask on the the main subnet to 255.255.255.252 . That way I would also have the 192.168.122.0 IP address on the same network. We have 3 switches on main floor and one on each other floor. They are Cisco 500 smb switches . I am told if I do this, it may increase the broadcast packets and slow my network. I thought with all the switches in place and given the size of the network , this should not be an issue. We have all Windows 7 workstations and 4 Windows 2012 servers. I can not put the IP phones on another network because they are not cisco and they don't do well on VLANs.
The alternative is to place a router on the other floors, but I feel like that would complicate things since I would then have to somehow configure the Windows DHCP server to provide IP's to the segments behind the routers and also somehow figure out how to mange the wireless devices with same SSID behind these routers. Your input is appreciated. Thank you,
The alternative is to place a router on the other floors, but I feel like that would complicate things since I would then have to somehow configure the Windows DHCP server to provide IP's to the segments behind the routers and also somehow figure out how to mange the wireless devices with same SSID behind these routers. Your input is appreciated. Thank you,
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Changing the netmask to 255.255.252.0 would give you this range:
192.168.120.1 - 192.168.123.254
You shouldn't have any trouble with that on your network, that is the best way to go from my experience. We had quite a large office running a 255.255.240.0 subnet with mutliple cisco switches and it worked out fine. These were very old switches, too, but they were enterprise class.
Broadcast packets should not be an issue, the only real issue you might face would be if you have too many clients using too much bandwidth for the switches to handle, but in that case, none of your solutions would work.
Also, broadcast storms can bring down any network, but those are caused by viruses or malfunctioning hardware, and should not be a consideration in your topology design, I only mention it to distinguish it from typical broadcast traffic.
If your switches can't handle the load from this scenario then you will need better switches no matter what you do.
Best of luck! The upside to this is you don't need any additional hardware to test it out, so I would strongly recommend going this route first.
192.168.120.1 - 192.168.123.254
You shouldn't have any trouble with that on your network, that is the best way to go from my experience. We had quite a large office running a 255.255.240.0 subnet with mutliple cisco switches and it worked out fine. These were very old switches, too, but they were enterprise class.
Broadcast packets should not be an issue, the only real issue you might face would be if you have too many clients using too much bandwidth for the switches to handle, but in that case, none of your solutions would work.
Also, broadcast storms can bring down any network, but those are caused by viruses or malfunctioning hardware, and should not be a consideration in your topology design, I only mention it to distinguish it from typical broadcast traffic.
If your switches can't handle the load from this scenario then you will need better switches no matter what you do.
Best of luck! The upside to this is you don't need any additional hardware to test it out, so I would strongly recommend going this route first.
I absolutely agree. You should try how far you get with your current hardware. I cannot see an issue with it and expanding the subnet.
Isolating traffic is something I recommend to consider only for security reasons, or if devices go into the upper hundreds. Simple is better ;-).
Isolating traffic is something I recommend to consider only for security reasons, or if devices go into the upper hundreds. Simple is better ;-).
I have to disagree with your answers... We are not in the 90s anymore, logical segmentation by using VLAN is not rocket science and will help you create a more scalable and secure network.
First of all let me explain why you should segment your network:
1. Scalability - Using one large subnet increases broadcast traffic which could inflict your performance since every device in your network has to process every broadcast.
2. Security - You cannot securely seperate different workloads. If you would use VLANs you could do routing on an internal firewall to secure certain segments from each other
3. Management - You do not want an ip conflict turning everything upside down? Good luck with that in one large broadcast domain. Somebody sets up an DHCP server with conflicting ip addrtesses and everything will be upside down
There are many more reasons to do so but considering your networks size it would make sense to use VLANs and start segmenting.
SG500 are capable of routing, so you could use different VLANs on different floors. As for SSID you would just create a WLAN VLAN and create a new DHCP scope on your server.
As for different subnets and DHCP... Using an ip helper address on your L3 switch (SG500) is easy to setup and in case you want to go with a setup like that I will happily post all the configuration you need to get this done.
First of all let me explain why you should segment your network:
1. Scalability - Using one large subnet increases broadcast traffic which could inflict your performance since every device in your network has to process every broadcast.
2. Security - You cannot securely seperate different workloads. If you would use VLANs you could do routing on an internal firewall to secure certain segments from each other
3. Management - You do not want an ip conflict turning everything upside down? Good luck with that in one large broadcast domain. Somebody sets up an DHCP server with conflicting ip addrtesses and everything will be upside down
There are many more reasons to do so but considering your networks size it would make sense to use VLANs and start segmenting.
SG500 are capable of routing, so you could use different VLANs on different floors. As for SSID you would just create a WLAN VLAN and create a new DHCP scope on your server.
As for different subnets and DHCP... Using an ip helper address on your L3 switch (SG500) is easy to setup and in case you want to go with a setup like that I will happily post all the configuration you need to get this done.
Oliver,
There is a time to think bigger. There is a time to remain simple. To decide where you are now and if that scales good if you add some more devices is always difficult somehow. But if in doubt, don't change too much. There is no reason to shoot the elephant now, when you can do that easily later if required. One should keep it in head, however, and in particular if hardware changes are due,
Also. did you take notice of "I can not put the IP phones on another network because they are not cisco and they don't do well on VLANs."? Though I don't understand why VLANs should be an issue, I have to take the word of the OP for now.
There is a time to think bigger. There is a time to remain simple. To decide where you are now and if that scales good if you add some more devices is always difficult somehow. But if in doubt, don't change too much. There is no reason to shoot the elephant now, when you can do that easily later if required. One should keep it in head, however, and in particular if hardware changes are due,
Also. did you take notice of "I can not put the IP phones on another network because they are not cisco and they don't do well on VLANs."? Though I don't understand why VLANs should be an issue, I have to take the word of the OP for now.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial