Thanks for the long and detailed info Kurt. I think I will be learning about vlans VERY soon!
I do remember reading about helper addresses and will look into that further. Thanks, Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax -----Original Message----- From: Kurt Buff [mailto:[email protected]] Sent: Thursday, December 17, 2009 4:42 PM To: NT System Admin Issues Subject: Re: Need more IP addresses Jeff, To expand a bit on Don and Glen's explanations: I'll assume for the moment that your switches are capable of doing VLANs. I'll also assume that your router understands VLANs, or that at least one of your switches is layer-3 capable. A layer-2 device (most switches, unless they are specifically layer-3 devices, which means that they are also routers), need a layer-3 device to get data from one VLAN to another VLAN on the same switch. This can be as simple as a one-armed router (aka router on a stick), which is a layer-3 device that understands VLANs, and has a single physical connection to the layer-2 device, or it could be a multi-port router to which all of the layer-2 devices are connected. Regardless, this layer-3 device gets packets that are tagged with the source VLAN info and which is destined for a different VLAN, retags the packets and sends them out to the intended VLAN. You can then configure your switches to have multiple VLANs carried on them, or if you have enough switches and ports, and have them all logically and physically segregated, each switch can be dedicated to a single VLAN. The second option, increasing your DHCP scope, is easier to implement, but has some definite drawbacks. The biggest drawback is broadcast traffic. Computers are chatty things, and frequently send out broadcast packets of various types. This broadcast traffic is one of the reasons why routers are in such demand - they separate broadcast domains, just like switches separate collision domains for Ethernet. There's also good reason why /24 (aka 255.255.255.0) is such a popular network size - after a certain point, the broadcast traffic on a network starts to affect the performance of the hosts on the network, because so much overhead is dedicated to processing the broadcast packets. So, while increasing the subnet mask for your network will work, if you choose it as a longer-term solution you'll want to make sure that the broadcast traffic isn't affecting network performance too much. All told, if you can, go with VLANs. Also, learn about helper addresses for DHCP as part of that learning about VLANs. Not a big deal, but it can bite you if you neglect it. HTH, Kurt On Thu, Dec 17, 2009 at 12:49, Jeff Johnson <[email protected]> wrote: > > I am in need of more IP addresses on my network. > > > > My current network looks like this: > > 192.168.1.x > > 255.255.255.0 > > > > I am using 248 IP’s currently, so I have very little expansion available. I > do see the potential to increase in the following year, so I had better get > my butt thinking about this soon. Plus I have Christmas and New Year’s > holidays that I could work with no one on our network for 3 full days. > > > > I am thinking about changing my subnet to something like 255.255.254.0 or > 255.255.252.0. Would this be a good way, or would I be better adding an > additional router and just creating a new 255.255.255.0 network on > 192.168.2.x? > > > > I guess my question is which is the “correct” way? > > > > Jeff Johnson > > Systems Administrator > > 714-773-2600 Office > > 714-773-6351 Fax > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
