Changing network IP scheme for growing company 2

Status
Not open for further replies.

Aslan111

MIS
May 4, 2004
21
US
Howdy all,

I've been trying to decide what type of IP scheme to use for a client that is a growing company. My understanding of IP addressing, classed networks and the binary behind addressing is very good.

I'm planning on implementing a Class B network due to the fact that this company will be growing into a national company with branches all over the country in a year or two. We'll need the space for all the hosts as well as being able to define a branch subnet by the 3rd octet.

What I'm poring over currently is the ranges given for private networks are designated "non-routable". If private IP ranges are "non-routable", I'm presuming that communication between offices/routers is done simply via the routing table in the router's memory.

I was planning on using a 172.16/12 scheme. Could someone please let me know if I'm on the right track here? This is my first large-scale corporate network mapping and I don't want to screw it up.

Thanks in advance!
Aslan111
 
The Private IP Address Range you selected is a Class B range and should have 16 bits on in the subnet mask by default.

Do you mean 172.16.x.x/16?
 
My fault, sorry, slight typo there. Yes, that is what I meant - 172.16.x.x/16. And in fact, my intentions would be to subnet each campus in the range of 172.16.0.x/24, 172.16.1.x/24, etc. where the 3rd octet would indicate what campus/branch you're at.

I guess my main confusion was in regard to private IP blocks being called "non-routable". I was concerned that using these blocks would cause a problem with traffic between campuses. I was believing the interpretation of "non-routable" to simply mean that the IPs could not be visible to the outside Internet and would require NAT for any access to/from the Internet.

This particular company does not want to provide external Internet access to any campus directly, instead wishing to provide that access through the corporate network. We are likely looking at having an ISA server at each location to be able to restrict access based upon user/group membership.

So, the end result, I am presuming, is that the Corporate router(s) will hold the routing table info for the remaining campus subnets for the flow of traffic between them.

Or perhaps I'm really barking up the wrong tree. :)

Thanks!
Aslan111
 
10, 172 and 192 are all acceptable internal address schemes. NAT would be required if accessing any sources external to your WAN.

Remain positive. The effect on those around you will amaze.
 
Okay, well here is the issue. Private addresses are just that. Private. You can use them on your own Internal Private Network and you can not use them on the Internet.

Inside the Campus, you can use Private addressing, on the Public interfaces you will need to have Public IP's. You will need NAT or some other Address Translation between them. Going from Campus to Campus depends on how you set it up. If you have to go through anything 'Public' once again you need unique addresses on those interfaces.

The block of 'B' addresses available in the Private range is from 172.16.0.0 thru 172.31.255.255. Each Network can have 65,534 (2^16-2) hosts on it, but there are only 16 Networks.

So, I guess what you have to look at is what kind of growth you are expecting.


Patty [ponytails2]
 
As long as you're ok with using a private addressing scheme, why not just use the 10.xxx Class A? If you're going nationwide, it would give you an extra octet to split up your subnetting scheme (give each region their own /16 network, and further subnet the branches from there).
 
Thanks to GrnEyedLdy and all for your valuable input.

I knew which IP blocks were considered private and non-routable. Again, I was mainly concerned with the label "non-routable" causing a problem between campuses - which I now understand to not be the case.

My plan was to implement a scheme where blocks reserved would look like so:

172.16.0.x/24 corporate offices
172.16.1.x/24 branch/campus 1
172.16.2.x/24 branch/campus 2
etc.

Corporate would be the hub for all branches with dedicated circuits connecting them - no external routable addresses or NAT required.

Lundah - this company has a rather streamlined concept where the issue of regional offices likely won't arise at least for the next 6-10 years. We don't anticipate having a scenario where any specific branch or campus would have more than 254 hosts at any location. If regions become an issue - we'd likely expand our network by changing the 2nd octet to 17 and up to account for regions.

Based on that information - would what I've proposed be a sound IP structure to work with? Other than growth beyond 254 hosts at any location can anyone anticipate a problem with that scheme?

Would a class C network be even more appropriate based on this model - would we even require the room that a class B would provide?

Thank you all!
Aslan111
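
The plan in this post, checked with Python's standard `ipaddress` module (an added example, not part of the original thread; the site names and host counts are constructed). It hands each site a /24 from 172.16.0.0/16, confirms every subnet stays inside the 172.16.0.0/12 private block, and lists the /16 blocks available for growth by second octet.

```python
import ipaddress

# RFC 1918 block that holds the thread's 172.16.x.x plan.
RFC1918_172 = ipaddress.ip_network("172.16.0.0/12")

# Constructed sample input: (site name, expected host count).
SITES = [("corporate", 120), ("campus-1", 60), ("campus-2", 40)]


def region_blocks():
    """The /16 networks inside 172.16.0.0/12 (second octet 16 through 31)."""
    return list(RFC1918_172.subnets(new_prefix=16))


def plan_sites(org_block, sites, site_prefix=24):
    """Hand out one subnet per site, in order, from org_block.

    Raises ValueError if org_block is outside 172.16.0.0/12, if it runs
    out of subnets, or if a site expects more hosts than its subnet holds.
    """
    org = ipaddress.ip_network(org_block)
    if not org.subnet_of(RFC1918_172):
        raise ValueError(f"{org} is outside {RFC1918_172}")
    free = org.subnets(new_prefix=site_prefix)
    plan = []
    for name, expected in sites:
        net = next(free, None)
        if net is None:
            raise ValueError(f"no /{site_prefix} left in {org} for {name}")
        usable = net.num_addresses - 2  # network and broadcast are not hosts
        if expected > usable:
            raise ValueError(f"{name}: {expected} hosts, {net} holds {usable}")
        plan.append({
            "site": name,
            "subnet": net,
            "mask": str(net.netmask),
            "usable_hosts": usable,
            "private": net.subnet_of(RFC1918_172),
        })
    return plan


if __name__ == "__main__":
    for row in plan_sites("172.16.0.0/16", SITES):
        print(f'{row["site"]:<10} {row["subnet"]!s:<16} {row["mask"]} '
              f'hosts={row["usable_hosts"]} private={row["private"]}')
    print("regional /16 blocks available:", len(region_blocks()))
```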
 

Okay, I must be missing something here but if you use 24 bits of subnetting you are into the third Octet for Network and are no longer using a Private IP.

 
Perhaps I'm the one who's missing something. What would your suggestion be in this case?

Should I stick with a Class C in the 192.168.x.x range and use the 3rd octet for the network ID? As I mentioned, I don't see any scenario where each campus will require more than 254 hosts. I was using /24 previously to indicate that at each branch the subnet mask would be 255.255.255.0, even though the entire organization would be seen as /16, 255.255.0.0. I had thought that this could be done with the private range 172.16.x.x but I could be very wrong.

This company is a logistics company with relatively small offices at each branch location and a few dozen mail processing stations. Of course, I've taken into account servers, network equipment, etc.

You can teach me how to read a clock if I'm going way off track here. :)

Thanks!
Aslan111
 
Private or not the IP can still be used as long as they keep those IP's private in terms of never using them to access other networks from their own or the internet.


In any case they need to access the outside world whether it be the internet or a customer's WAN/LAN then they can NAT and PAT.
 
Thanks much. And that's what we intend to do as our ISP gives us a public IP with a /28 mask so that we have adequate NAT to reach DMZ or ISA servers. Otherwise, no other devices need to have any direct outside access except for browsing the web and other like activities.

The intention is to never have any campus other than corporate have direct internet access. All internet access will be provided over the corporate pipe.

Thanks to everyone for your input!

Aslan111
 