# Running out of (private) addresses on College LAN

Show 25 post(s) from this thread on one page
Page 2 of 2 First 12
• 25th May 2009, 06:20 AM
Hacksawbob
Class C subnet mask of
255.255.255.0
in binary =
111111111.11111111.11111111.00000000
the last range of 0 is what determines how many hosts/clients you can have in this case the final octet of zeros covers a range 255 in decimal, so 255 unique ip address, you subtract 2 as you dont use the 0 and the 255 so 253 potential clients.

if you have a
111111111.11111111.11111110.00000000
this equates to
255.255.254.0
this would allow one more binary position
so if you look at the host section
you cold have 1 11111111
ie 9 ones in binary which is 511 -4 this time as there are two 0 to 255 ranges so you have 507 client addresses. not enough? then steal another range for the hosts

heres a good example of custom subnetting which will give you 64 potential networks each with over 1000 clients
http://www.itdojo.com/synner/pdf/Sub...by%20Colin.pdf

I'm getting a little rusty at this myself, and I wasn't too shiny to start with!

plug a laptop into that router set it to autonegotiate the NIC speed and see what it finds ie whether it is 10 or 100 mbit

This would be a really good time switch to using a valid private IP address range!
• 25th May 2009, 08:06 AM
srochford
What IP ranges are used on the other sites? Are they also public IPs? How many are there?

Moving to a new range is hard when you have a lot of fixed IP devices (because ideally you need to change them all at the same time) but what you can do to move in the right direction is set the devices to use reserved DHCP addresses.

At the moment I'm guessing that you have an exclusion range in your DHCP (eg suppose you're using 195.194.12.1 - 195.194.12.255 for your addresses then only 195.194.12.21 up are used for DHCP). You identify 2-3 devices, take their addresses out of the exclusion block and reserve them for the specific MAC addresses, configure the device to use DHCP and restart it (or restart networking on it).

There are very few devices which can't be configured like this (I probably wouldn't put a DNS server on DHCP although it can be done). Once you've got everything using DHCP then you just change the scope on the server and wait for machines to request a new address. With a lease time set at 30 minutes you could make the change at (say) 4pm and it would all be working on the new addresses before 5pm

Hint: Add the reservations using netsh commands and save them in a spreadsheet. When you need to change the reservations for the new scope it's really easy to just update the commands and put in new reservations.
Code:

`netsh dhcp server dc1 scope 192.168.1.0 addreservedip 192.168.1.10 00112233445566 machine.college.ac.uk`
if you put the MAC, IP and name in columns A, B and C then a formula in D will generate the code and all you have to to is update column B to get the new setup.

Something I've not done but I think would work is to start preparing the new scope before you need it - you then just make the old scope inactive and the new one active at the change over time

The only thing which might make this harder is if your routers to the other sites can't cope with private addresses (eg you're using public addresses on the other sites) It's not the end of the world - you just need to change them at the same time.
• 25th May 2009, 10:17 AM
tom_newton
I second the calls for a complete range change - using public addresses in a non-routeable scenario is asking for bother.

This is also a good chance to hide everything you can behind DNS - which will help moves in the future - the only thing which should ever be configured as a raw IP is your DNS server(s) :)
• 25th May 2009, 05:20 PM
GrumbleDook
I second the call for a new range too, but a managed move can be done.

I would also go for a /22 range within the 172.16.x.x class, anything more than 1024 addresses and I would suggest you need to look at segmenting your network and having a good understanding of supernetting!

Depending on your existing router or your existing core switch you could actually add this new range in now, ensure your routing is correct between the two ranges and slowly migrate devices across. We have a number of primary schools in my LA who are at the limit of their existing ranges and will be given a new, larger range ... and a slow migration is going to be how it gets done.

It also depends how your NAT is done too ... especially if you host anything internally.
• 25th May 2009, 07:12 PM
OverWorked
I was recently in a similar situation, but using a private class C (192.168.0.0/24) which had become full. I just moved over to a private class B (172.16.0.0/16). It was a lot easier than I expected.

GrumbleDook's right in that anything over about 1000 addresses and you should start segmenting, but less than that you'll be OK.

I carefully planned out the changes with a spreadsheet. Classify your equipment into three basic types: static addresses, DHCP reservations, and normal DHCP dynamic leases.

In the DHCP server, create a new scope for the new subnet. You can disable this scope until ready. In it manually create the DHCP reservation using the mac addresses from the existing scope. (I think there's a way of exporting, assuming Windows Server, the mac addresses from the old scope; but you'll have to manually paste the mac addresses into the new reservations). The majority of machines using dynamic addresses will sort themselves out when the new range becomes active.

For the machines with static addresses, make sure you can log on to them with a local account, if anything goes wrong and they get cut off from the network. Temporarily give them second IP addresses on the new subnet. I found that servers had a few problems at this 'changeover' stage and that they wouldn't work properly until the old IP addresses were deleted, but it wasn't anything serious.

When you're ready, in the DHCP server, enable the new scope and disable the old.

After that it's just tidying up. Watch for any software that needs to be reconfigured for the new subnet, like apps (like IE) accessing the proxy server on a new IP.
• 26th May 2009, 10:33 AM
srochford
Quote:

Originally Posted by OverWorked
(I think there's a way of exporting, assuming Windows Server, the mac addresses from the old scope; but you'll have to manually paste the mac addresses into the new reservations).

You can use the netsh command to do both the export from the old scope and the import into the new scope - no need to do copy and paste :-)
Show 25 post(s) from this thread on one page
Page 2 of 2 First 12