Is our IP address causing too much network traffic?

[1665]

Hi, is our IP address causing too much network traffic? We have 250-300 PC and we use the the IP address scheme of 128.101.0.0/16. It's always been like this we have never changed it. It seems our netwok is slow much of the time and we have never bothered to look in to it. So what do you think?

Does this address cause more broadcasts as it's a 'public' address?

What tool can we trial to monitor the network and see whats taking up all the bandwidth etc?

I thank you in advance if you can help!

Andy

 

[ricpinto]

There's a security issue using public ip. It's easier for hackers to penetrate your network and do malicious things. Like flooding your bandwitdh, sending you trojans etc.

 

[1666]

But wouldn't our number of firewalls stop this?

Does this address cause more broadcasts as it's a 'public' address?

What tool can we trial to monitor the network and see whats taking up all the bandwidth etc?

 

[Whoheard]

First questions is: does this scheme, 128.101, belong to you?

If not, I would implement the recommended private network as suggested above.

bob

I know what I know and that's all I know. What I don't know I'll find out.

 

[jbud]

So what do you think?

I think you should:
1. transition to a private addressing scheme, as recommended above. If you're truly with the U of Minn, you've already advertised a good bit of info.
2. segment your network - if all of your 250-300 PCs are in the same broadcast domain, you're likely going to see traffic issues.

Does this address cause more broadcasts as it's a 'public' address?

No. But, since it's a public address space, it's relatively easy for outsiders to route traffic towards your PCs. Whether or not it's stopped at one of your firewalls is another matter.

What tool can we trial to monitor the network and see whats taking up all the bandwidth etc?

There are many choices depending on your environment - you'll want something for your OS and networking gear. A good, inexpensive start may be MRTG, again, depending on your environment. Using a search engine will generate many, many leads. If you have relationships with any IT consultants or vendors, I'm sure they'd be happy to demonstrate something.

 

[1666]

We have one domain, how would you segment it? We could change the address via our DHCP servers and update the NAT translations on the firwalls to point to the correct servers like Exchange.....good starting point?

BTW we are not U Minn as the whois shows, it was once a small network setup by someone who didn't know about IP addressing an it grew from there!

 

[1666]

Also, as we use a public addresses how can users route to our PC's if the addresses are 'hidden' behind the firewall. Our firewall uses public IP's owned by us when then NAT to our servers etc...

 

[Whoheard]

First off, change the address scheme to a private 10.1.0.0/16; or something else in the private range. You might be surprised at what that alone will fix. But, whatever you do, you should not continue to use an IP address scheme that is not yours. You could be causing problems for them as well.

Then, if you still have problems, break it down a little further: 2 networks using 10.1.1.0/24 and 10.1.2.0/24. But, you will need a router that is able to handle multiple addresses on an interface or a has two interfaces. Your firewall can do this for you as well; depending on the firewall type.

As for your firewall, it does not care what your address scheme is as long as it is configured properly.


bob

I know what I know and that's all I know. What I don't know I'll find out.