+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Wired Networks Thread, IP Addressing across 3 sites in Technical; We have 3 different sites, all seperate and connected by a leased line with a firewall device at each site ...
  1. #1

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    159
    Thanked 152 Times in 116 Posts
    Rep Power
    49

    IP Addressing across 3 sites

    We have 3 different sites, all seperate and connected by a leased line with a firewall device at each site creating a VPN.

    Currently only 2 of them are joined, one has a 172.16.0.0/16 network and the other has a 192.168.0.0/24.

    I'm redoing the network in all sites, and I was just wondering if I was better off keeping it as is, or to go maybe with a purely /24 range (be it 172 or 192) as there are not more than 254 hosts at any of the sites.

    The advantage I can see with using seperate ranges is that it would be very easy to see which site a device was at, but it just seems tidier if they are all on one range.

  2. #2


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    I'd be inclined to keep them on separate ranges, as you would a VLAN. Clearly get rid of the /16 subnet - it's way too large. How a bout a 25bit mask on each and 126 hosts per subnet for expansion?

  3. #3
    jamesreedersmith's Avatar
    Join Date
    Sep 2009
    Location
    Ruskington
    Posts
    1,152
    Thank Post
    78
    Thanked 253 Times in 227 Posts
    Rep Power
    76
    192.168.1.X/24
    192.168.2.X/24
    192.168.3.X/24

    Then at all sites the router would be 1(192.168.Y.1), network devices 2-49 (192.168.Y.2-49) and a dhcp range of 51-254 (192.168.Y.51-254)

    Easy peasy lemon squeezy

  4. Thanks to jamesreedersmith from:

    m25man (2nd July 2011)

  5. #4

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    159
    Thanked 152 Times in 116 Posts
    Rep Power
    49
    James that sounds pretty sensible actually..not sure why I didn't just think of that?

    Cybernerd - Agreed, /16 is far too large. /25 might be pushing it though as we have around 100 devices at one site and it doesn't give much breathing space

  6. Thanks to sidewinder from:

    jamesreedersmith (1st July 2011)

  7. #5
    jamesreedersmith's Avatar
    Join Date
    Sep 2009
    Location
    Ruskington
    Posts
    1,152
    Thank Post
    78
    Thanked 253 Times in 227 Posts
    Rep Power
    76
    Quote Originally Posted by sidewinder View Post
    James that sounds pretty sensible actually..not sure why I didn't just think of that?

    Cybernerd - Agreed, /16 is far too large. /25 might be pushing it though as we have around 100 devices at one site and it doesn't give much breathing space
    @sidewinder - no problem - ip schema design is one of my specialisms so the scheme suggested will work with VPN's etc if needed.

  8. #6

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,160
    Thank Post
    12
    Thanked 224 Times in 214 Posts
    Rep Power
    66
    Quote Originally Posted by jamesreedersmith View Post
    192.168.1.X/24
    192.168.2.X/24
    192.168.3.X/24

    Then at all sites the router would be 1(192.168.Y.1), network devices 2-49 (192.168.Y.2-49) and a dhcp range of 51-254 (192.168.Y.51-254)

    Easy peasy lemon squeezy
    We do the same except with 172.16.x.x and 172.17.x.x one for each side and then about 60 sites each. Firewall on 254 and statics on .201 or above.

    Works very well.

  9. #7

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    11,760
    Thank Post
    1,623
    Thanked 1,877 Times in 1,395 Posts
    Blog Entries
    2
    Rep Power
    422
    I am inclined to agree with how James has it set up.

    One of the places I have an interview for has a federation set up, and as such they have everything managed centrally, but each site has its own router

    (192.168.1.x/24 - 192.168.5.x/24) Site A
    (192.168.6.x/24 - 192.168.10.x/24) Site B
    (192.168.11.x/24 - 192.168.15.x/24) Site C
    (192.168.16.x/24 - 192.168.20.x/24) Site D

    works well for them as they have ~800 devices per site and allows room for expansion

    The most sensible way to go in my opinion

  10. #8

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,621
    Thank Post
    49
    Thanked 451 Times in 334 Posts
    Rep Power
    137
    @jamesreedersmith 's post is directly from the land of IP common sense and is the correct way to go however if you use 192.168.1.x/24 192.168.10.x/24 192.168.20.x/24 etc you will have enough addresses in reserve for each LAN by just changing the subnet mask later if needs be.
    This way you can expand/change the range at any site without having to change the rest.

    Remember that if your part of a larger group of schools your LEA or Federation will have planned this for you ready for intersite routing purposes and any internal address changes need to be sanctioned by your LEA to avoid routing issues on your Grid.

  11. #9

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,780 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594
    Not in general response to the OP (as that has been answered) I am generally tempted to say to secondary schools to go for a /21 range so that they have 2048 address. /22 is generally fine (as described above) but it wasn't tool long ago that people wondered why you would ever need 1024 IP addresses ... and we are now getting into 800+ ...

  12. #10
    gaz350's Avatar
    Join Date
    Jul 2007
    Location
    Rutland, east.leicestershire :P
    Posts
    579
    Thank Post
    47
    Thanked 49 Times in 41 Posts
    Rep Power
    28
    Initially our new network was a /20 but as we started slicing up the subneta for our vlans it was amazing how quick we ran out of space(allowing for potential growth in anyone subnet) in the end needing a little bit more and now setup for a /19.

    Add in personal devices into the mix and the number of ip's you need grow very quickly!!

  13. #11

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,044
    Thank Post
    853
    Thanked 2,666 Times in 2,263 Posts
    Blog Entries
    9
    Rep Power
    767
    Quote Originally Posted by GrumbleDook View Post
    Not in general response to the OP (as that has been answered) I am generally tempted to say to secondary schools to go for a /21 range so that they have 2048 address. /22 is generally fine (as described above) but it wasn't tool long ago that people wondered why you would ever need 1024 IP addresses ... and we are now getting into 800+ ...
    More than a thousand hosts in a single broadcast domin is going to waste 5-10% of your internal bandwidth easy thanks to the shear number of devices involved, As a supernet its fine but you should really be dividing up that kind of number internally.

  14. #12

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,780 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594
    Quote Originally Posted by SYNACK View Post
    More than a thousand hosts in a single broadcast domin is going to waste 5-10% of your internal bandwidth easy thanks to the shear number of devices involved, As a supernet its fine but you should really be dividing up that kind of number internally.
    VLANs go without saying ... that is one of the criteria schools have to pass before we authorise them getting an additional /22 to go with their existing range.

  15. #13

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,044
    Thank Post
    853
    Thanked 2,666 Times in 2,263 Posts
    Blog Entries
    9
    Rep Power
    767
    Quote Originally Posted by GrumbleDook View Post
    VLANs go without saying ... that is one of the criteria schools have to pass before we authorise them getting an additional /22 to go with their existing range.
    You'd think so but I have had to have that conversation with someone in a large WAN provider related to schools here. I thought I had better pipe up incase others have the same horrifying experience.

  16. #14

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,512
    Thank Post
    1,320
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    Quote Originally Posted by SYNACK View Post
    You'd think so but I have had to have that conversation with someone in a large WAN provider related to schools here. I thought I had better pipe up incase others have the same horrifying experience.
    we have a single flat /16 with about 2500 devices, which is "fine because we have a 10gb network" and its "easier to manage" </sigh>

  17. #15

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,044
    Thank Post
    853
    Thanked 2,666 Times in 2,263 Posts
    Blog Entries
    9
    Rep Power
    767
    Quote Originally Posted by RabbieBurns View Post
    we have a single flat /16 with about 2500 devices, which is "fine because we have a 10gb network" and its "easier to manage" </sigh>
    :-S - Wimper, the Borg would assimilate someone for that and would be justified in the name of efficient use of resources. Besides it does not matter how big the backbone is as all of the stations are being sent every broadcast so it comes down to the speed of the slowest link as that link will still be reciving all of the broadcast packets.

    The horror... etc

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. CV Web Sites
    By mattx in forum General Chat
    Replies: 2
    Last Post: 19th October 2010, 09:35 AM
  2. IP addressing scheme feedback wanted
    By actech in forum Wireless Networks
    Replies: 20
    Last Post: 20th September 2010, 05:36 PM
  3. Changing IP Addressing Sheme companywide in AD Integrated DNS
    By albertwt in forum Windows Server 2000/2003
    Replies: 0
    Last Post: 3rd June 2009, 10:18 AM
  4. ISA server 2006 external IP addressing
    By nicholab in forum Windows
    Replies: 1
    Last Post: 12th March 2009, 04:01 PM
  5. Replies: 2
    Last Post: 26th March 2007, 07:11 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •