2 IP ranges sharing router not seeing each other

[lemri]

Hi,

I have a network that has 2 tcp/ip network ranges on one network. 204.x.x.o and 205.x.x.0. I have a 2003 server with SP1 and all updates. The machines are XP Pro SP2 and all updates. I have one router that is handling the 2 ranges.

The problem I am having is that the computers on the 204.x.x.0 range do not see the computers on the 205.x.x.0 range--and vice versa.

Let me rephrase with an example. If I log on to a computer that has been assigned a 205.x.x.x address, when I browse network neighborhood I can see the network, but when I look at the different computers on it, I can not see my server computer that has 204.x.x.x for it's ip address. However, my networked drives are mapped just fine.

If I put in the server's computer name or IP address in "run," I can browse it just fine.

I think the problem I am having is my broadcasts are not crossing ranges. I really need them to cross ranges for a program I have (Deep Freeze) and so students can browse the network.

I have added a 205.x.x.0 ip address on my server (so it has 2 addresses), but the computers on the 2 ranges still don't see eachother.

I use DHCP with a superscope and 2 scopes with the different ranges. I have exceptions for machines/printers that need a static address in each range.

I have DNS enabled. It uses 127.0.0.1 and an off site alternative server. It also has 2 forwarders to off site servers. Client machines on the network are configured to look at the ip address of our 2003 server for it's DNS server in the properties of tcp/ip.

I have WINS enabled.

Any ideas how I can get broadcast traffic to flow between the IP ranges or to see the computer names in Network Neighborhood?

 

[Ididmyc600]

Hi

Just one question, why use 2 different IP ranges.?

Regards

 

[lemri]

Because that is what was assigned to our school. When it was first built, before I got here, it was assigned one range. As our little town took off and they added on to the school, they had to come back and give it another range. Since time had passed the range was not consecutive.

 

[Nodsu]

Windows network browsing does not work across routers..

Now, onto a much more serious matter.. You have a LAN that is using public IP addresses?!! Are you serious? That's just plain insane/crazy/moronic/not-kosher!

You should put your local machines into a single private network (10.x.x.x or 192.168.x.x) and let the router handle the public IP addresses with NAT.

 

[Rick]

A WINS server and/or using the lmhosts file in Windows can allow you to access Windows PCs across subnets. I have limited experience though, but there's plenty of information online that might get you started in the right direction.

I was wondering about those IP ranges too...

 

[YosefM]

Good answer Nodsu.
You really shouldn't expose any machine (or even individual ports) directly to the internet without a good reason.
The last time I looked, you can only use WINS in Hybrid or NT4 AD modes. Native mode AD eliminates WINS & the old browser model. The big advantage here is the ability to use the advanced features, including nested OUs and groups. Using AD, policies and permissions determine who can see what resources instead of the subnet. It also eliminates needing a server for each subnet as required by WINS (or maintaining lmhosts files on each PC).

Using the private IP ranges has the additional advantages of conserving your assigned IPs, and allowing you to subnet as makes sense for your organization.

 

[lemri]

You should put your local machines into a single private network (10.x.x.x or 192.168.x.x) and let the router handle the public IP addresses with NAT.

That is what I was thinking when I first got hired. However I am in the early stages of getting my MCSA and then MCSE. Basically I am a glorified library aid whom the school has turned over the running of the network. It is great to have so much free time to experiment and learn--even if my pay doesn't reflect what I do.

I did do a conversion from NT4.0 to 2003 Server. I used to be a social worker until I found I enjoy computers, networks, and servers.

Anyway, is there an online source you know of that explains the process of setting up a private network? I did self study and pass the Network+ and A+ certification. I get the concept and terms. I just don't have any real world experience...yet.

If I can find a good online source or book I will make our network private. Being able to experiment and learn is the only reason I am sticking it out this year. I do have a test server and 2 computers I set up so I don't mess up the network too bad while I am studying.

Is it a matter of keeping the DHCP on and just changing the ranges from our public IP addresses to private?

 

[Rick]

Is it a matter of keeping the DHCP on and just changing the ranges from our public IP addresses to private?

DHCP is good because it offers automatic configuration of all your computers. The alternative to DHCP is setting static IPs for each computer, which is quite a headache for any large scale operation.

If your router acts as a DHCP server, it assigns its own range of IPs. The default will be a private range of 192.168.x.x (class C, typical). There's also 172.16.x.x-172.31.x.x (class B, which is unusual with SOHO routers) or 10.x.x.x (Class A, more common than class B). Whatever you router may come with as a default though, you should have no problems changing the address ranges to meet your needs.

Your router will now assign network info to every DHCP enabled system, including IP, gateway, subnet etc.. Everything attached 'behind' your router on your local network will access each other using their local IP addresses.

The router acts as a gateway between your local network and the Internet, directing traffic from one network to the other. Once you are setup like this, no one can access your computers outside of your network unless you configure your router to allow it - this is a huge increase in security and definitely makes sense to do for any network.

 

[YosefM]

Good to hear you have Win2k3. The 2K or 2K3 server books discuss subnetting, DHCP & DNS.
The main thing they dont discuss is how dangerous it is to expose your machines (especially windows machines) directly to the internet. Hide them using private IPs behind NAT routers, VLAN switches and proxies. Additionally hide the administration computers from the students and (to a lesser degree) the teachers and staff.