+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 29
How do you do....it? Thread, Subnet Mask in Technical; Our admin and curriculum servers share the same network and the subnet mask was 255.255.255.0. When we had county broadband ...
  1. #1


    Join Date
    Sep 2007
    Location
    UK
    Posts
    5,374
    Thank Post
    1,417
    Thanked 865 Times in 556 Posts
    Rep Power
    642

    Subnet Mask

    Our admin and curriculum servers share the same network and the subnet mask was 255.255.255.0. When we had county broadband installed they didn't mention changing this but the LEA support team recommended changing the admin subnet to 255.255.252.0. I need more curriculum IP addresses so I asked the County Broadband team about changing the curriculum subnet and they said it should be 255.255.252.0 However, I'm considering changing it to 253.0 which will give me more than enough IP addresses and will help segregate the admin and curriculum systems. Does this make sense or am I barking?

  2. #2
    sahmeepee's Avatar
    Join Date
    Oct 2005
    Location
    Greater Manchester
    Posts
    795
    Thank Post
    20
    Thanked 70 Times in 42 Posts
    Rep Power
    33
    253.0 is verboten! you can do 252.0 or 254.0, but not 253, because of the way the bits fall. A quick cuttypasty from a recent thread:

    ... That is, you can have a subnet mask of (say) 255.255.252.0 which will give you approx 4 times your current address space:

    11111111.11111111.11111111.00000000 = 255.255.255.0 - current setting
    11111111.11111111.11111110.00000000 = 255.255.254.0 - ~2x as many hosts
    11111111.11111111.11111100.00000000 = 255.255.252.0 - ~4x as many hosts
    11111111.11111111.11111000.00000000 = 255.255.248.0 - ~8x as many hosts

  3. Thanks to sahmeepee from:

    laserblazer (2nd February 2008)

  4. #3

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,808
    Thank Post
    1,476
    Thanked 592 Times in 444 Posts
    Rep Power
    168
    The possible problems are that the larger ip address range you want might overlap with another school and therefore you can't have it.

    They might be willing to give you a completely different range to work with - liaise with them but be assertive about your ip range needs and see what they offer you.

    regards

    Simon

  5. #4
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30
    For the sake of your sanity I cannot stress enough that you get them to confirm the range they give you is NOT in use by another school.

    In the summer I requested an entirely new larger range. So I ring the LEA IT boys up "of course sir, here's your new IP range. Let me just check our Excel 97 spreadsheet to make sure it's not allocated to another school. Ah, it isn't. enjoy". 2 weeks later at the start of term,our printers are spewing out crap from other schools. Turns out they hadn't updated their little spreadsheet for a while and had given us someone elses range!!

  6. #5

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,240
    Thank Post
    1,058
    Thanked 1,068 Times in 625 Posts
    Rep Power
    740
    Quote Originally Posted by TeddyKGB View Post
    For the sake of your sanity I cannot stress enough that you get them to confirm the range they give you is NOT in use by another school.

    In the summer I requested an entirely new larger range. So I ring the LEA IT boys up "of course sir, here's your new IP range. Let me just check our Excel 97 spreadsheet to make sure it's not allocated to another school. Ah, it isn't. enjoy". 2 weeks later at the start of term,our printers are spewing out crap from other schools. Turns out they hadn't updated their little spreadsheet for a while and had given us someone elses range!!
    LOL - oh thats a classic....
    Nothing like a 'change management process' is there ?

  7. #6

    Join Date
    Jan 2008
    Posts
    48
    Thank Post
    1
    Thanked 2 Times in 2 Posts
    Rep Power
    14

    What !

    You should be using non routable IP addresses
    that way the school down the road could be using exactly
    the same addresses and it wouldn't matter. Your LEA/Council
    would then map your internal default gateway to external ones
    via their firewall ( the same way your broadband works at home but
    just on a bigger scale )

    see

    http://mtmnet.com/PDF_FILES/NonRoutableIPaddresses.PDF

    no way in the world should someone be able to print to your printers
    of even ping an address on your network. If you use one of these
    reserved addresses you can have a subnet mask of something
    like 255.255.0.0 and have loads of addresses

    If you are using real (as in routable) ip addresses then you'd better know
    exactly what you are doing. If your LEA/Council are telling you to use
    routable ip addresses and giving out overlapping or already used ip
    addresses then they need to be taken out into the playgound and beaten up

    M

  8. #7

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,061
    Thank Post
    853
    Thanked 2,675 Times in 2,269 Posts
    Blog Entries
    9
    Rep Power
    768
    It makes perfect sense bar the 3, if the admin machines are already using this subnet mask then the stations will have spread out into this new address space already and should have thrown some errors by now.

    - Using information from your previous post -
    Your address space with a subnet mask of 255.255.252.0 is between 10.91.4.1 and 10.91.7.254 this gives you 1022 avalible addresses all in the same subnet. The ip broadcast address is 10.91.7.255 and the network address is 10.91.4.0 .

  9. #8

    Join Date
    Oct 2005
    Location
    East Midlands
    Posts
    737
    Thank Post
    17
    Thanked 105 Times in 65 Posts
    Rep Power
    36

    IP addresses

    What i find really difficult is that the LEA or service provider goes all the way to the wqorkstation ip address level where they should just terminate the connection at the permiter of the school's network. This way the school can design and use thier own IP addressing scheme without any effect on other schools etc. There is absolutely no need for RBCs or LA to go down to the workstation level on the school's PCs. I understand from filtering control but still think they should just leave it at the permiter and allow schools to NAT their connections.

    I've seen so many implementation where the overlap in IP addresses has caused so much confusion and ongoing troubleshooting.

    Ash.

  10. #9

    Join Date
    Oct 2005
    Location
    East Midlands
    Posts
    737
    Thank Post
    17
    Thanked 105 Times in 65 Posts
    Rep Power
    36

    CIDR

    Quote Originally Posted by SYNACK View Post
    It makes perfect sense bar the 3, if the admin machines are already using this subnet mask then the stations will have spread out into this new address space already and should have thrown some errors by now.

    - Using information from your previous post -
    Your address space with a subnet mask of 255.255.252.0 is between 10.91.4.1 and 10.91.7.254 this gives you 1022 avalible addresses all in the same subnet. The ip broadcast address is 10.91.7.255 and the network address is 10.91.4.0 .
    The above IP range uses CIDR method (classless).

    Ash.

  11. #10

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,658
    Thank Post
    858
    Thanked 646 Times in 429 Posts
    Rep Power
    498
    We're currently on a subent of 10.4.28.xxx /23 giving us 510 pssoble hosts....

    but we're running out - what iwth PCs, servers, and various other IP devices (printers, cameras, etc..) so in process of moving to a new range of 192.168.1.1 to 192.168.9.254

    With servers, printers, etc on the 192.168.0.xx range..

    Just need to get Smoothwall to allow computers through on that range - if i can get the internal alias properly configured..

  12. #11
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30
    Quote Originally Posted by ashok View Post
    What i find really difficult is that the LEA or service provider goes all the way to the wqorkstation ip address level where they should just terminate the connection at the permiter of the school's network. This way the school can design and use thier own IP addressing scheme without any effect on other schools etc. There is absolutely no need for RBCs or LA to go down to the workstation level on the school's PCs. I understand from filtering control but still think they should just leave it at the permiter and allow schools to NAT their connections.

    I've seen so many implementation where the overlap in IP addresses has caused so much confusion and ongoing troubleshooting.
    This is true, and I agree. But I also agree with and accept that the LEA distributes address ranges. NAT'ing isn't possible here due to various technical and political reasons and I'm guessing other establishments have the same problem. I do recall in the BECTA technical specs that the LEA or RBC should be responsible for address ranges.

    Problems only ocurr such as in my case they hadn't been keeping their documentation up to date.

  13. #12
    torledo's Avatar
    Join Date
    Oct 2007
    Posts
    2,928
    Thank Post
    168
    Thanked 155 Times in 126 Posts
    Rep Power
    47
    Quote Originally Posted by ashok View Post
    What i find really difficult is that the LEA or service provider goes all the way to the wqorkstation ip address level where they should just terminate the connection at the permiter of the school's network. This way the school can design and use thier own IP addressing scheme without any effect on other schools etc. There is absolutely no need for RBCs or LA to go down to the workstation level on the school's PCs. I understand from filtering control but still think they should just leave it at the permiter and allow schools to NAT their connections.

    I've seen so many implementation where the overlap in IP addresses has caused so much confusion and ongoing troubleshooting.

    Ash.
    Ofcourse overlapping ip address space isn't an issue when MPLS VPN's and VRF tables are deployed in the WAN. Although i'd imagine you can count on the digits on one hand the number of authorities who've transitioned to MPLS VPN's - most are probably still stuck on the p2mp hub and spoke model and eigrp routing.
    Last edited by torledo; 2nd February 2008 at 02:34 PM.

  14. #13


    Join Date
    Sep 2007
    Location
    UK
    Posts
    5,374
    Thank Post
    1,417
    Thanked 865 Times in 556 Posts
    Rep Power
    642
    Quote Originally Posted by SYNACK View Post
    It makes perfect sense bar the 3, if the admin machines are already using this subnet mask then the stations will have spread out into this new address space already and should have thrown some errors by now.

    - Using information from your previous post -
    Your address space with a subnet mask of 255.255.252.0 is between 10.91.4.1 and 10.91.7.254 this gives you 1022 avalible addresses all in the same subnet. The ip broadcast address is 10.91.7.255 and the network address is 10.91.4.0 .
    We have static addressing throughout at present, hence my reason for wanting more addresses. So everything will still be within the range 10.91.4.1 - 255. If you read my previous post, I never managed to get DHCP to run on the curriculum server and ran out of time so I just stuck with static addresses. That has become more of a bind as the network has grown, so I plan to spend the holidays sorting out DHCP. What I then want to do is create a DHCP range big enough to take all of the curriculum computers (150 will do) and then I can just go round and reset the computers to DHCP at my leisure. So if I read this right, 255.255.254.0 will give me 10.91.5.1-255 to play with?

  15. #14

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,061
    Thank Post
    853
    Thanked 2,675 Times in 2,269 Posts
    Blog Entries
    9
    Rep Power
    768
    Quote Originally Posted by laserblazer View Post
    So if I read this right, 255.255.254.0 will give me 10.91.5.1-255 to play with?
    A 255.255.254.0 mask will give you 510 addresses in the address space. the starting ip depends on what you get allocated.

    .255.0 = 254 hosts
    .255.128 = 126 hosts

    As sahmeepee said its all about the binary

    Didn't remember that you had said that you went static, just recalled that I had given an answer to a similar question http://www.edugeek.net/forums/showth...t=14946&page=2
    Last edited by SYNACK; 2nd February 2008 at 07:15 PM.

  16. #15


    Join Date
    Sep 2007
    Location
    UK
    Posts
    5,374
    Thank Post
    1,417
    Thanked 865 Times in 556 Posts
    Rep Power
    642
    Sorry, I should have said extra IP addresses.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Subnet Mask Change
    By Grommit in forum Windows
    Replies: 26
    Last Post: 24th February 2009, 03:17 PM
  2. help with network address and subnet
    By sexyali in forum Network and Classroom Management
    Replies: 4
    Last Post: 28th August 2007, 06:18 PM
  3. How do you seperate your networks. Subnet / Vlan
    By drjturner in forum Wireless Networks
    Replies: 16
    Last Post: 28th September 2006, 07:24 AM
  4. Replies: 3
    Last Post: 4th July 2006, 02:22 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •