Re: Change IP subnet for a site
- From: phawley77 <phawley77@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 16 May 2005 08:17:25 -0700
"Herb Martin" wrote:
> "phawley77" <phawley77@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:B398D1CE-A45A-44F4-96DE-785205B89329@xxxxxxxxxxxxxxxx
> > Would somebody be able to help me with the following scenario:-
> >
> > A number of sites in a small private distributed network (50 sites, 100 DCs
> > - 2 per site, 10000 users) need to have their internal IP allocation changed
> > as they have outgrown their allocation (ie changing from a 10.0.1.0/24 to a
> > 10.2.1.0/23). The AD sites are controlled centrally at the datacentre and can
> > be changed centrally, but the changes onsite will be done by an engineer.
>
> You might be better served by adding additional subnets
> to the larger sites.
>
> Especially if only a relatively few sites have more than
> 250 clients.
>
> With the (low) cost of today's routers, and even switch-routers,
> it is uncommon to allow even 100 clients on the same broadcast
> domain (i.e., subnet.)
>
> Many people will not even go that high.
The only problem being that the network is part of a private network in the
hands of another service provider that we as the managed service can't
change. ie we tell them a site needs a block of 512 instead of 256 and they
tell us the new allocation. There may be a situation where not all of the
clients are connected, but I have to allow for the possibility that they are
all connected at once. If I said the client was in the education sector then
it may shed some light - they do weird and wonderful things!!
>
> > I was going to carry this out in the following manner.
> >
> > Engineer onsite:
> >
> > 1) Change the IP address, mask, gateway, Primary and secondary DNS
> > information on the first DC in the site, followed by the second one.
>
> The routers must understand this first.
The network provider would do this as we do our bit.
>
> > 2) Delete existing DHCP scope, create new one, change the exclusion range
> > and lease length, etc.
>
> I would probably disable (initially) rather than delete the scopes.
I agree.
>
> > 3) Recreate the reverse lookup zone for the new allocation. Reboot the
> > servers.
>
> Or just use a common (single) reverse zone.
>
> > 4) Have the engineer contact the datacentre to update sites and services
> > with the new subnet information
>
> Probably best done earlier if possible. Especially
> if you don't have to move subnets but just make them
> bigger. Again, though, I would try to avoid this by
> splitting the cable segments into multiple subnets.
This was the part where I wasn't sure whether to get this done ahead of
time, but like I said it's likely we will be given a new subnet rather than an
extension of the old one.
>
> > 5) Perform ipconfig /registerdns on the two servers on the site to update
> > DNS to ensure proper DNS registration.
>
> This only works for Non-DCs and should happen right
> after changing the IP -- if you reboot it is automatic.
>
> > 6) Check Connectivity with the datacentre servers
> >
> > 7) Reboot clients to ensure they pick up a new IP address from the new range.
>
> Ipconfig /renew (works just as well.)
Dodgy hardware in places means this command doesn't 'always' work for this
client.
>
> You will also want to find all IP references to servers that
> will change addresses, DNS (including forwarder entries),
> WINS servers, routers, print devices, etc.
I am assured that all references to the servers are by DNS name so should be
OK.
>
> > All that said, given that this will be carried out during off hours, does
> > this method make sense or am I missing something? Also can steps 1 - 4 be
> > carried out normally, or do the servers need to be rebooted in Directory
> > restore Mode (a colleague thinks this may be necessary).
>
> You will want to double-check the DCs (replication etc.)
So presumably force a replication afterwards to a DC at the datacentre, and
back from the datacentre DC?
> and the DNS.
>
> Here are the general guidelines:
>
>
> --
> DNS for AD
> 1) Dynamic for the zone supporting AD
> 2) All internal DNS clients NIC\IP properties must specify SOLELY
> that internal, dynamic DNS server (set.)
> 3) DCs and even DNS servers are DNS clients too -- see #2
> 4) If you have more than one Domain, every DNS server must
> be able to resolve ALL domains (either directly or indirectly)
>
> netdiag /fix
>
> ....or maybe:
>
> dcdiag /fix
>
> (Win2003 can do this from Support tools):
> nltest /dsregdns /server:DC-ServerNameGoesHere
> http://support.microsoft.com/kb/q260371/
>
> Ensure that DNS zones/domains are fully replicated to all DNS
> servers for that (internal) zone/domain.
>
> Also useful may be running DCDiag on each DC, sending the
> output to a text file, and searching for FAIL, ERROR, WARN.
>
> Single Label domain zone names are a problem Google:
> [ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
>
Cool, so apart from the minor changes, and given the constraints, then the
process should be OK right?
>
> --
> Herb Martin, MCSE, MVP
> Accelerated MCSE
> http://www.LearnQuick.Com
> [phone number on web site]
>
>
>
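
A pre-change sanity check for the addressing in steps 1 to 3 of the plan above, as an added example that is not part of the original thread: it normalises the new prefix, checks that the static DC and gateway addresses are usable hosts that are not left inside the DHCP range without an exclusion, and lists the /24 reverse lookup zones the new range spans. The function names and all host addresses, DHCP ranges and exclusions are constructed for illustration; only the 10.2.1.0/23 prefix comes from the thread.

```python
import ipaddress

def reverse_zones(net):
    """Names of the /24 in-addr.arpa zones that cover an IPv4 network (/24 or shorter)."""
    return [".".join(reversed(str(s.network_address).split(".")[:3])) + ".in-addr.arpa"
            for s in net.subnets(new_prefix=24)]

def check_plan(new_cidr, dcs, gateway, dhcp_start, dhcp_end, exclusions=()):
    """Return (normalised new network, list of problems) for a site renumbering plan."""
    problems = []
    iface = ipaddress.ip_interface(new_cidr)
    new = iface.network  # host bits cleared, e.g. 10.2.1.0/23 -> 10.2.0.0/23
    if iface.ip != new.network_address:
        problems.append(f"{new_cidr} is not on a /{new.prefixlen} boundary; network is {new}")

    start, end = ipaddress.ip_address(dhcp_start), ipaddress.ip_address(dhcp_end)
    excluded = [(ipaddress.ip_address(a), ipaddress.ip_address(b)) for a, b in exclusions]
    if start not in new or end not in new or start > end:
        problems.append(f"DHCP range {start}-{end} does not fit inside {new}")

    # Static addresses (gateway and both DCs) must be usable hosts in the new
    # subnet and must not be leasable by the new DHCP scope.
    static = [("gateway", gateway)] + [(f"DC {name}", addr) for name, addr in dcs.items()]
    for label, addr in static:
        ip = ipaddress.ip_address(addr)
        if ip not in new or ip in (new.network_address, new.broadcast_address):
            problems.append(f"{label} {ip} is not a usable host address in {new}")
        elif start <= ip <= end and not any(a <= ip <= b for a, b in excluded):
            problems.append(f"{label} {ip} is inside the DHCP range without an exclusion")
    return new, problems

if __name__ == "__main__":
    # Constructed plan: the exclusion range stops short of the two DC addresses.
    net, issues = check_plan(
        "10.2.1.0/23",
        {"DC1": "10.2.0.10", "DC2": "10.2.0.11"},
        gateway="10.2.0.1",
        dhcp_start="10.2.0.1", dhcp_end="10.2.1.254",
        exclusions=[("10.2.0.1", "10.2.0.9")],
    )
    print("network:", net, "reverse zones:", reverse_zones(net))
    for issue in issues:
        print("PROBLEM:", issue)
```

A single parent reverse zone, as suggested in the reply, also covers both /24 zones listed by `reverse_zones`.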