Printable View
How do i safely migrate a Windows 2003 DC onto a new IP range?
Need to start looking as current range is getting full and cant extend the subnet due to it being the LEA's and id end up with conflicts..
Is it just a case of changing the IP of the LAN card or is there other stuff to consider?
DC hosts DNS/DHCP/WINS and Exchange....
You'll need to fix up DNS/DHCP as well.
I know that i'll need to redo the DHCP leases for the new Range, but what do i need to fix in DNS? Reverse Lookup?
- Yes, you'll need to redo the Reverse lookup zone for your domain.
- You should also go through your foward lookup zone and remove any entries refering to the old IP range. Especially SRV records (which refer to DCs).
- Don't forget to check the subzones.
- Enabling Aging will automate a lot of this for you.
Cheers Geoff, I'll setup a test dc and give it a bash before i kill the pupil LAN :D
Once you have your DHCP stuff and other such gubbins sorted and you have changed the servers IP an ipconfig /registerdns never hurts to get things hurrying on.
OK I have migrated the IP addresses but got a problem with SchoolGuardian
I need it to be able to route addresses from the new range to the old LEA range (via their proxy)
Client settings:
IP - 172.x.x.1/16
GW - 172.x.x.206
SG Settings
Internal IP - 172.x.x.206
External IP - 10.x.x.200
I have changed the Internal IP of SG to that of the new range (172.x.x.x/16)
how do i get it to route traffic onto the old range (10.x.x.x/23)
Box has 2 NICs - internal on 172.x.x.x and external on 10.x.x.x) but cant get onto the internet
In fact, its not even routing anything across the network so guessing the whole gateway setup is b0orked (SG Box sahould be the gateway!)
Any ideas?
Why don't you ask the LA if they will give you a larger IP range ?
One of the first things I said when our school moved over to the LA broadband, was that the 22bit range they gave us, for the entire school, wasn't enough (about 1000 hosts).
Eventually I managed to persuade them to increase it, and I have ended up with a 20bit range (about 4000 hosts).
If you ask them to increase the range, it might be easier to get a nice big range for expansion. They'll not be happy if you don't use their range...
For a while I used our proxy to do the routing, you won't be able to set up a proper "router" to do this unless you tell them what range of IPs you're using, as otherwise they won't know where to route the packets.
The quickest and simplest way to do routing is by putting in a proxy server.
I have had to create static routes on my proxy server to get the right connections.
What do you have as GW on the School Guardian box ?
Does this machine "know" (IE can it ping) the LA side servers/routers ?
<deleted by joedetic>
Gah didnt read the last post properly
Well I had got all my IP's changed over with no problem until Smoothwall - cant get it working at all , and forgot that there are a few teacher PCs that wont connect to the SIMS due to the new IP range so gonna have to move back to the old range and then see if the LEA will extend the range cos i only have about 50 spare IP's left..
I hope ur not using a 192.168.x.x range mate.
I used that & ended up with a lot of IP conflicts. People bringing in their own switches at times without my consent etc....
Anything that uses its own DHCP will screw it up. If your DC has say an IP of 192.168.0.1 or 192.168.1.1 then another device with DCHP management switched on will also use that address.
What will also happen is ur AD will try to replicate itself to that device. Even though no no success it will grind ur servers down.
Just a friendly warning mate ;)
No i tried to move to the 172.16.x.x range, the LEA has us on a subnetted 10.x.x.x range (CIDR of 23)
Problem is just SIMS access and Smoothwall
well I just moved over from 192.168.x.x range back to 10.160.200.x - 10.160.207.254
Ive no probs with Sims at all. Just bloody Ranger. Had to change settings on server & then reinstall ranger on local clients!