
Networks implementing a new network infrastructure

Discussion in 'Hardware' started by OneSeventeen, 11 Aug 2008.

  1. OneSeventeen

    Here's the scenario:

    We currently have enough devices on the network to warrant subnetting.
    All of our current networks are separated by physical wiring. (Meaning the wifi network has its own set of cables and switches, as do the media streaming and corporate LAN.)
    We have a SonicWall 3060 and a bunch of unmanaged switches.

    Here's what I just got in the mail:
    4 HP ProCurve 2848s
    4 miniGBIC SX LC adapters

    Here's what I'd like to do:
    Change our IP structure to 10.x.y.z
    x = building
    y = node type

    Is this possible with a bunch of managed switches and a single gateway router?

    We have roughly 8 "buildings" (0 = server room, 1 = main building, 2 = child check-in, 3 = radio building, 4 = radio station, 5 = student ministries building, 6 = plex/skate park/studio, 7 = bookstore/cafe)

    We could actually knock it down to just 5 buildings if that would make more sense. (Technically we only have the Main Building, Hub/Radio, Student Ministries, plex/skate park/studio, bookstore/cafe buildings.)

    We will only have managed switches (HP ProCurve 2848) in the server rack, main building, radio building, and student ministries building for now.

    We are on an Active Directory domain where the PDC is our DHCP server. Is it possible to have the DHCP server hand out IPs based on what building the person is in? Or at least allow me to just type in the default gateway and subnet mask, then have the device be handed an IP?

    I am incredibly new to networking, and have never worked with a managed switch. (I've done basic NAT policies, port forwarding, and firewalling, but that's about it.) I don't even know how to set up a second subnet, much less 8 that should talk with each other.
     
  2. Cinnander

    I'm not entirely sure but I *think* you need a router for each subnet, or building in this case. Seeing as the subnet mask is the same wherever you go (255.255.0.0) but the actual subnet (aka network segment) you're on changes from 10.0.x.x to 10.8.x.x, that seems to imply you'd need routing between them.
    The IPs of each device connected would be say 10.3.0.0 - 10.3.255.255 (aka 10.3.0.0/16) for the 3rd building, so the subnet mask would be 255.255.0.0. So, you'd have a star shape [central switch to each building], with another star at the end of each prong [router in the middle then all its machines round it]. You could think of it as a tree instead, of course. Not sure how you'd manage automatically assigning the third octet based on device type (unless you further subdivided with more routers, but that seems like a lot of overkill as you'd have potentially buildings * device-classes routers). The routers would all talk to one another via a central switch, to which the DHCP server would be connected making it centrally available.

    This is mere speculation though :p
     
  3. OneSeventeen

    I'm thinking the insane amount of subnetting would be crazy, so here's the new plan:

    10.0.0.0/16 for all nodes

    Have DHCP hand out 10.0.1.x

    Create static IPs for Servers, Printers, etc.

    Routers = 10.0.0.x
    Desktops/DHCP = 10.0.1.x
    Servers = 10.0.2.x
    Printers = 10.0.3.x

    I'd then assume that specialty items, such as security cameras, etc. that I'd like to truly be on their own network would be on their own subnet on their own VLAN.

    How does that sound?

    EDIT: Actually I'm looking at 10.0.0.0/20 since I don't need the full /16 range.
    Then the question is, how do I subnet other IP ranges...

    Can I just do 10.x.0.0/24 where x = different subnet?
    So our security cameras would be on 10.1.0.0/24 and our media streaming services would be 10.2.0.0/24?

    Is it kosher to divide up the subnet like that?
     
    Last edited: 13 Aug 2008
  4. Cinnander

    Hmm, I think if you do 10.0.0.0/16 then you might be able to do it with switches, but you'd effectively have everyone on one big network segment. If you did it with 10.0.0.0/24 then you'd start needing routers between the segments again.
    If you don't need the full /16 range it might just be simpler to use it anyway - /8, /16 or /24 mean you can discount the first, first two or first three blocks of the IP address respectively, so it can be easier to keep track of it in your head. If you start chopping off individual bits it might get confusing, so personally I'd just go with /16 for simplicity, hehe. Then again, if you want to stop people adding their own devices to the network a more stringent mask might help.

    You can do pretty much whatever you like with the subnets (assign them to various logical groups of hosts) but remember you'll need more than a switch to join say 10.0.1.0 and 10.0.2.0, if the subnet is /24: to transmit to a host outside the current subnet send to the default gateway (a router or a PC with two NICs doing routing) which in theory knows how to get the traffic there. If the subnet is 10.0.0.0/16 and you have hosts 10.0.1.7 and 10.0.2.3, these are on the same subnet (the subnet mask only covers the 10.0. part) so you can get away with a switch or bunch of switches (you could have 255*255 = 65535 hosts on the same subnet this way, so you'd need lots of switches!).
     
    Last edited: 13 Aug 2008
  5. OneSeventeen

    Okay, so then if I had 10.0.0.0/16 then everyone can see everyone as it is the same large subnet. (which is what I want)

    Then "weird" services, such as video surveillance, a/v streaming, a/v editing, and wifi can each be on their own smaller /24 subnets.

    I'd wind up with:
    • 10.0.0.0/16 - corporate LAN (printers, servers, workstations, etc) [max 65,534 nodes]
    • 10.1.1.0/24 - security cameras [max 254]
    • 10.1.2.0/24 - video streaming (WME, ustream, etc) [max 254]
    • 10.1.3.0/24 - a/v team (video editing and live production team) [max 254]
    • 10.128.0.0/9 - WiFi (We've got some Meraki devices which take this range) [max 8,388,606]

    Of course I could expand things in the future and shift things around if we need more space, but I doubt we'll do that at our current property.
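
Added example (not part of the original thread): a check of the address plan from the last post using Python's standard `ipaddress` module, confirming the host counts, that no segments overlap, and which host pairs have to cross a router or firewall where filtering can be applied. The segment names and the sample host addresses are labels constructed for this example.

```python
import ipaddress
from itertools import combinations

# Address plan from the last post; the segment names are labels chosen here.
PLAN = {
    "corporate-lan": "10.0.0.0/16",
    "security-cameras": "10.1.1.0/24",
    "video-streaming": "10.1.2.0/24",
    "av-team": "10.1.3.0/24",
    "wifi-meraki": "10.128.0.0/9",
}

def parse_plan(plan):
    """Parse CIDR strings strictly: host bits set in a network address raise ValueError."""
    return {name: ipaddress.ip_network(cidr, strict=True) for name, cidr in plan.items()}

def usable_hosts(net):
    """Usable IPv4 hosts: all addresses minus the network and broadcast addresses."""
    return max(net.num_addresses - 2, 0)

def overlaps(plan):
    """Return sorted pairs of segment names whose address ranges overlap."""
    nets = parse_plan(plan)
    return sorted((a, b) for a, b in combinations(nets, 2) if nets[a].overlaps(nets[b]))

def segment_of(plan, host):
    """Name of the first segment containing host, or None if it is outside the plan."""
    addr = ipaddress.ip_address(host)
    for name, net in parse_plan(plan).items():
        if addr in net:
            return name
    return None

def needs_router(plan, src, dst):
    """True when src and dst are in different segments, so traffic between them
    must pass a layer-3 hop (the gateway/firewall) rather than only switches."""
    return segment_of(plan, src) != segment_of(plan, dst)

if __name__ == "__main__":
    for name, net in parse_plan(PLAN).items():
        print(f"{name:18} {str(net):15} mask {net.netmask}  usable {usable_hosts(net):,}")
    print("overlapping segments:", overlaps(PLAN) or "none")
    # Host addresses below are constructed for illustration.
    print("10.0.1.7 -> 10.0.2.3 needs router:", needs_router(PLAN, "10.0.1.7", "10.0.2.3"))
    print("10.0.1.7 -> 10.1.1.20 needs router:", needs_router(PLAN, "10.0.1.7", "10.1.1.20"))
```

Carving a /24 such as 10.0.3.0/24 out of the corporate /16 as a separate segment would be reported by `overlaps`, because that range already belongs to 10.0.0.0/16.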
     