+ Post New Thread
Results 1 to 8 of 8
Wireless Networks Thread, Subnetting school network in Technical; Hi, I was just wondering how many schools have already subnet their network. I am facing the problem of running ...
  1. #1

    Join Date
    Apr 2009
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Subnetting school network

    Hi,

    I was just wondering how many schools have already subnet their network.

    I am facing the problem of running everything into one big networks ( 10.X.y.y/16 ) that by default has been given to the school. I would like to subnet the network so the servers, wireless, clients, guest wireless, etc runs on different networks and I can add security and performance into it. However I am not allowed to subnet the network as the LEA will not change their ip address in the router.

    My idea was to subnet the network into different networks depending on the number of hosts needs, etc. The LEA answer is to use block allocations ( they understand it as subnetting !?!), but it will not solve the problem of having a big broadcast domain and I'll never be able to use dhcp relay agent to make life easier.

    Should they change it if requested? Or I am missing something?

    Many thanks,

  2. #2

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,528
    Thank Post
    513
    Thanked 2,406 Times in 1,862 Posts
    Blog Entries
    24
    Rep Power
    822
    They should change their IP/subnet as you request - your network is your network, not theirs.

    However, there is another possibility if they want to play silly buggers. That is to use a completely different IP address range, stick your own router in between theirs and yours, using an IP on one of your subnets, and one of their IPs on the other side, and then NAT things across. That way, they don't have to do anything, and you have complete freedom to do what you want with your network. Downside being its more complicated.

  3. #3
    nicholab's Avatar
    Join Date
    Nov 2006
    Location
    Birmingham
    Posts
    1,452
    Thank Post
    4
    Thanked 97 Times in 93 Posts
    Blog Entries
    1
    Rep Power
    50
    There is no reason not sub-net with in that range.

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,773
    Thank Post
    865
    Thanked 1,663 Times in 1,448 Posts
    Blog Entries
    11
    Rep Power
    442
    Quote Originally Posted by localzuk View Post
    They should change their IP/subnet as you request - your network is your network, not theirs.

    However, there is another possibility if they want to play silly buggers. That is to use a completely different IP address range, stick your own router in between theirs and yours, using an IP on one of your subnets, and one of their IPs on the other side, and then NAT things across. That way, they don't have to do anything, and you have complete freedom to do what you want with your network. Downside being its more complicated.
    I agree.

    You could use something like Smoothwall Express to do this. Its free and easy to use.

  5. #5

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,152
    Thank Post
    284
    Thanked 767 Times in 578 Posts
    Rep Power
    334
    As localzuk has said. I've always stuck our own firewall between us and the LEA and used NAT, the LEA can take a jump if they expect me to make our network visible to them, bad security if you do in my opinion.
    Just make sure you're using ranges within your personal NAT range that aren't used by the LEA, so if they use 10.0.0.0 – 10.255.255.255 range then use either 172.16.0.0 – 172.31.255.255 or 192.168.0.0 – 192.168.255.255. I tend to avoid the 192.168 range as a lot of devices use that as their default network, which can play havock when someone plugs some new random device in and you get an ip conflict.

  6. #6

    Join Date
    Apr 2009
    Posts
    7
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thank you for your replies. I am please to know that I was not wrong and that there is people out there with a similar situation.

    I was thinking of doing what you've just recommended to me ( do my own routing ). But I am concerned about the firewall and filtering rules that there is currently in place. Right now they do all the web filtering for us and they manage the firewall.

    We have several servers that require external access. If they are currently associating an external ip to and internal ip how can I manage that myself? Will they need to change the policies to point to my firewall/NAT box?

    It seems to me stupid that the school is paying for a service that is not getting...

    Many thanks

  7. #7

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,152
    Thank Post
    284
    Thanked 767 Times in 578 Posts
    Rep Power
    334
    You can still use their proxy server for filtering etc, the router/firewall you put in yourself will have an option to use an upstream proxy. For external access to servers, then yes you will need to get them to change it so that they point to your firewall and that then points to your servers.

  8. #8
    FreeWill's Avatar
    Join Date
    Jan 2007
    Location
    North East
    Posts
    118
    Thank Post
    19
    Thanked 9 Times in 9 Posts
    Rep Power
    17
    Quote Originally Posted by nicholab View Post
    There is no reason not sub-net with in that range.
    If the LEA refuse to change the subnet mask on their router within the school things would break. Their router would see the subnets of the allocated range as one subnet - which would mess up routing.

SHARE:
+ Post New Thread

Similar Threads

  1. The dreaded topic of subnetting...
    By Resolver in forum Wireless Networks
    Replies: 11
    Last Post: 29th April 2010, 01:12 PM
  2. The Best School Network
    By ceebster in forum Windows
    Replies: 18
    Last Post: 14th September 2009, 11:19 AM
  3. IT Network Manager, Crosfields School, Reading (Independent Prep School)
    By AngryTechnician in forum Educational IT Jobs
    Replies: 0
    Last Post: 27th March 2009, 08:21 AM
  4. Subnetting math question.
    By nigel6666 in forum Wireless Networks
    Replies: 4
    Last Post: 27th February 2008, 08:42 PM
  5. Need help getting to grips with subnetting
    By Kyle in forum Wireless Networks
    Replies: 26
    Last Post: 3rd April 2007, 11:57 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •