1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Network IP address design question

By lemri
Feb 18, 2007
  1. Hello,

    I am...redoing my network. Imagine 400 computers all on the same network (default VLAN1) with multiple multi-cast programs (and our back bone is set up in a line topology instead of a star topology) sharing a router with another building!! yeah, I'm doing a little house work!!

    I work for a school district. I have a two questions which answers are independent of each other. Feel free to answer one or the other.

    Here is the set up. I am studying for my CCNA. My middle school is having network issues. Our design is all bad. I have redone the physical rewiring and put in a routing switch to manage our intra-network traffic.. Now it has been suggested to me to break up our network into multiple Vlans. Some of our labs have multi-casting software installed and it would be nice to isolate traffic..

    Our backbone is all Cisco products. It is a router with a 24 port routing switch attached to it. 3 48 port switches are then attached to the router/switch. <--After my re-wiring!!

    We have 2 Class C networks. One of them may be taken away by the state, and one Class C range is not enough ip address for my school. I can either subnet the two addresses into 4 subnets a piece (giving me 8 subnets with 62 addresses a piece) which I can easily use to divide our 5 major computer rooms and teacher computers with, or I can go Private!!!.

    I want to go private because I don't want to redo everything and then find out my school is slated to loose an IP range next year. No one in the district has gone private yet.

    QUESTION 1: Since private networks can not communicate with private networks very well, I want to make sure my network doesn't conflict with the district network--should they ever go private.

    Our network leadership is still finding it's way and I may be moving into a position of influence--especially if I clean up this school. If I go private I am going to map out a list of private ip ranges based on school and grade level. That way if another school decides to go private, or if the district decides to go private, there will be an IP table ready for them to use to determine their ip addresses which won't conflict with another school.

    Assuming I go with a class A private address and use as my subnet, I will have at the least 254 subnets with plenty of hosts. I could give each school a range with 65,00 hosts--plenty. We will never have more the 254 schools! All clean.

    BUT (finally here is the question part), if I give a school one of those private ranges, can they further subnet it down so they can isolate labs? Or will the entire school have to stay on that one subnet? Like I said, I would like to break my school into 6 subnets to manage traffic. Can I further break that one private ip range with 65000 hosts down? I know about subnetting, but I am not clear if you can subnet subnets. If you can, what is it called so I can research it out?

    QUESTION 2: If you work for a school district, could you tell me how you have it arranged so there is no IP conflicts? Our entire district is blessed with an abundance of IP ranges, HOWEVER, Arin won't give us any more and we are growing like crazy. Some of us will be sacrificing IP ranges to give to new schools. The state is also redoing it's router tables and they may be taking back some IP ranges. Now is a good time to implement, or at least prepare for, change.

    I can't believe every school district has enough public ranges for all of their schools. I am curious how your networks are set up--specifically how you manage your IP addresses? I am thinking it is wise to go private and use NAT, but many people at the district are wary of that idea. ARE YOUR SCHOOLS AND CLASSES USING VLANS AND SUBNETS? Ideas? Suggestions?
  2. mikescorpio81

    mikescorpio81 TS Rookie Posts: 292

    Class A subnet is probably best suited for such a large network infrastructure. VLAN could also work, with class C addressing for each VLAN port.
    How is your AD infrastructure set-up? Is there 1 DC tree or is it more of a forest, with multiple sites and DC's? Do you want them to all interact or share data in some way or keep them all isolated and hidden from sight?
  3. Nodsu

    Nodsu TS Rookie Posts: 5,452   +6

    There is absolutely no question about whether to use private addresses or not. Yes! Use private address ranges please! You get security, manageability and independence.

    You can do subnetting on as many levels as you like - it makes absolutely no difference. It is more human-friendly to split on the byte boundaries though (you get easy-to-remember IP addresses and no need for any the binary conversion). If you take the 10.x.x.x address range, then you could easily subnet it as 10.school.lab.host. No conflicts between schools would be possible either.
  4. jobeard

    jobeard TS Ambassador Posts: 12,282   +1,367

    yes :)

    Here's problem #1: you're drowning the net with multiple replies to every multicast(MC) request! MC is great for devices which go/come offline -- not for program communications protocols.
    Problem #2: This would be great for a gigbyte backbone or as a IPC
    channel on a multiprocessor frame. From your comment re CCNA, I assume you know or will very soon :)
    Use the routers to control subnet traffic and the switches to limit the traffic to client downlinks.
    Yes, but supernet subnet masks would span adjacent addresses
    (see this post)
    fine; your ISP access is public and your perimeter router/firewall transitions into the private range.
    they should all go with the perimeter router/firewall . Then you could run your own DNS and get flow between the sites.
    don't over engineer the solution. the VLan / VPN are network issues, but it's not likely that grade level would be.
    restrict physical sites to the A.B.C.Z subnet and allow the Z portion
    to be subdivided internally. With a router setting at EVERY Z address, you
    can transition from a Class A to a Class C subnet and still add lots of systems/clients. The Z route NAT feature will do the trick nicely.

    see previous comment
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...