It is possible to implement larger subnets than /24 without leaping all the way to /16
"Best" is always subjective, but without telling us how many IPs you foresee needing, and other key details, you'll be the only person capable of determining it. You have to ensure that all your edge and near-edge devices (firewalls, VPN concentrators, load-balancers) are updated accordingly. Also, the larger your subnet, the greater the chance of overlap with a subnet on the other side of a VPN. Beyond that, all the advice dispensed on subnetting this week should prove helpful. * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Fri, Jan 13, 2012 at 4:33 AM, Oliver Marshall < [email protected]> wrote: > We’ve hit the limit of internal IP range and need to extend it. **** > > ** ** > > There’s a couple of options and I’m trying to gauge which is the “best”. * > *** > > ** ** > > Option 1 would be the easiest which is to extend our current range ( > 10.1.37.0/24) to a /16 (10.1.0.0/16) to give us a whopping 65k IPs. This > seems easy enough, change the IP settings in DHCP and on the servers and > firewall and reboot it all. However we then have a myriad of VPN > connections which will also need adjusting and a stack of old kit which > hasn’t been touched since the animals went in two by two.**** > > ** ** > > Option 2 is to segregate the non-important stuff. Everyone here has a > desktop, most also have a laptop. Everyone has a smart phone as well and > most also have a tablet of some kind. Add to that the IP based webcams, > printers, internet Tellys and the like and you can see why we’ve hit the > limit. Really only the laptops and the desktops need internal access (to > servers and the like). Everything else only needs external internet access. > So we set up a separate wifi for external access on its own IP plumbed in > to its own port on the firewall. That way we reduce the need for internal > IPs. **** > > ** ** > > Any other options or any issues you may see?**** > > ** ** > > Anyone know what the real world impact will be of changing the IP subnet > in a small to medium size network ?**** > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<personal22cd6.jpg>>
<<g2_support_llp_new_small_220_50_white72ae.jpg>>
