Re: Change IP subnet for a site
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Mon, 16 May 2005 16:55:09 -0500
> The only problem being that the network is part of a private network in the
> hands of another service provider that we as the managed service can't
> change, i.e. we tell them a site needs a block of 512 instead of 256 and they
> tell us the new allocation. There may be a situation where not all of the
> clients are connected, but I have to allow for the possibility that they are
> all connected at once. If I said the client was in the education sector then
> it may shed some light - they do weird and wonderful things!!
>
If you have 10,000 users and they tell you something
that stupid (without trying to understand your problem
and service the account) then you might tell them you
are finding a new service provider.
But even if you continue with them, there is NOTHING
stopping you from using two subnets INSIDE your net;
you make the change from /23 to /24 at your router(s).
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"phawley77" <phawley77@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:297A733A-054E-4F5F-9DE8-020236E4078A@xxxxxxxxxxxxxxxx
>
>
> "Herb Martin" wrote:
>
> > "phawley77" <phawley77@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > news:B398D1CE-A45A-44F4-96DE-785205B89329@xxxxxxxxxxxxxxxx
> > > Would somebody be able to help me with the following scenario:-
> > >
> > > A number of sites in a small private distributed network (50 sites, 100 DCs
> > > - 2 per site, 10000 users) need to have their internal IP allocation changed
> > > as they have outgrown their allocation (ie changing from a 10.0.1.0/24 to a
> > > 10.2.1.0/23). The AD sites are controlled centrally at the datacentre and can
> > > be changed centrally, but the changes onsite will be done by an engineer.
> >
> > You might be better served by adding additional subnets
> > to the larger sites.
> >
> > Especially if only a relatively few sites have more than
> > 250 clients.
> >
> > With the (low) cost of today's routers, and even switch-routers,
> > it is uncommon to allow even 100 clients on the same broadcast
> > domain (i.e., subnet.)
> >
> > Many people will not even go that high.
>
> The only problem being that the network is part of a private network in the
> hands of another service provider that we as the managed service can't
> change, i.e. we tell them a site needs a block of 512 instead of 256 and they
> tell us the new allocation. There may be a situation where not all of the
> clients are connected, but I have to allow for the possibility that they are
> all connected at once. If I said the client was in the education sector then
> it may shed some light - they do weird and wonderful things!!
>
>
> >
> > > I was going to carry this out in the following manner.
> > >
> > > Engineer onsite:
> > >
> > > 1) Change the IP address, mask, gateway, Primary and secondary DNS
> > > information on the first DC in the site, followed by the second one.
> >
> > The routers must understand this first.
>
> The network provider would do this as we do our bit.
>
> >
> > > 2) Delete existing DHCP scope, create new one, change the exclusion range
> > > and lease length, etc.
> >
> > I would probably disable (initially) rather than delete the scopes.
>
> I agree.
>
> >
> > > 3) Recreate the reverse lookup zone for the new allocation. Reboot the
> > > servers.
> >
> > Or just use a common (single) reverse zone.
> >
> > > 4) Have the engineer contact the datacentre to update sites and services
> > > with the new subnet information
> >
> > Probably best done earlier if possible. Especially
> > if you don't have to move subnets but just make them
> > bigger. Again, though, I would try to avoid this by
> > splitting the cable segments into multiple subnets.
>
> This was the part where I wasn't sure whether to get this done ahead of
> time, but like I said it's likely we will be given a new subnet rather than an
> extension of the old one.
>
> >
> > > 5) Perform ipconfig /registerdns on the two servers on the site to update
> > > DNS to ensure proper DNS registration.
> >
> > This only works for Non-DCs and should happen right
> > after changing the IP -- if you reboot it is automatic.
> >
> > > 6) Check Connectivity with the datacentre servers
> > >
> > > 7) Reboot clients to ensure they pick up a new IP address from the new
> > > range.
> >
> > Ipconfig /renew (works just as well.)
>
> Dodgy hardware in places means this command doesn't 'always' work for this
> client.
>
> >
> > You will also want to find all IP references to servers that
> > will change addresses, DNS (including forwarder entries),
> > WINS servers, routers, print devices, etc.
>
> I am assured that all references to the servers are by DNS name so should be
> OK.
>
> >
> > > All that said, given that this will be carried out during off hours, does
> > > this method make sense or am I missing something? Also can steps 1 - 4 be
> > > carried out normally, or do the servers need to be rebooted in Directory
> > > restore Mode (a colleague thinks this may be necessary).
> >
> > You will want to double-check the DCs (replication etc.)
>
> So presumably force a replication afterwards to a DC at the datacentre, and
> back from the datacentre DC?
>
> > and the DNS.
> >
> > Here are the general guidelines:
> >
> >
> > --
> > DNS for AD
> > 1) Dynamic for the zone supporting AD
> > 2) All internal DNS clients NIC\IP properties must specify SOLELY
> > that internal, dynamic DNS server (set.)
> > 3) DCs and even DNS servers are DNS clients too -- see #2
> > 4) If you have more than one Domain, every DNS server must
> > be able to resolve ALL domains (either directly or indirectly)
> >
> > netdiag /fix
> >
> > ....or maybe:
> >
> > dcdiag /fix
> >
> > (Win2003 can do this from Support tools):
> > nltest /dsregdns /server:DC-ServerNameGoesHere
> > http://support.microsoft.com/kb/q260371/
> >
> > Ensure that DNS zones/domains are fully replicated to all DNS
> > servers for that (internal) zone/domain.
> >
> > Also useful may be running DCDiag on each DC, sending the
> > output to a text file, and searching for FAIL, ERROR, WARN.
> >
> > Single Label domain zone names are a problem. Google:
> > [ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
> >
>
> Cool, so apart from the minor changes, and given the constraints, then the
> process should be OK right?
>
> >
> > --
> > Herb Martin, MCSE, MVP
> > Accelerated MCSE
> > http://www.LearnQuick.Com
> > [phone number on web site]
> >
> >
> >