Lets say you have a network 192.168.1.x with a subnet of 255.255.255.0 and
want to increase the number of hosts from the 254 to about 510.  I know you
change the scope on the DHCP server from so that your subnet mask is now the
255.255.254.0 but what happens if you forget to change the subnet on items
with a static IP and subnet?

My assumption is that a device with a static IP of 192.168.1.x would just
not be able to communicate wth a device that has a 192.168.0.x but still be
able to communicate with any 192.168.1.x item regardless of the subnet mask.
Is this correct.

Yep, that's correct.

Show quoteHide quote

Answer:  You end up with a subnet that is 256 hosts too big.

Ehternet looses efficiency around 250-300 Hosts.  Never make Segments bigger
than that.  If you need more than 254 Hosts then create a new segment and
add a LAN Router between the segments.   Any business that has over 250
employees and runs that many PCs can afford to buy a simple LAN Router.

Smaller bit masks (subnets with more hosts) are for Supernetting over
Backbones. That is how the Internet works.  It is not for creating Host
Subnets.

How much are we talking here?  The majority of computers are GB and now it
is only in the rarest situations where you can tell the difference between
being on a 100 Mb line or a Gb line on the network.  Word, Excel and other
docs open fast, however a 100MB project is SolidWorks does make a
difference.

I am sure you are correct about the efficiency and that I should create
vlans on my switches to take care of the traffic better and join them with
LAN Routers but I just got about 65+ employees and their network equipment
dumped on me so I need to get stuff configured in the fasted way possible
for the time being..


Show quoteHide quote

It depends on how much you actually care about an effiecient running
network.  Obviously the slower the network to quicker it is noticed, so a
Gigabit LAN will still "appear" to be running fine to the "human eye" but
the problem is still there.  I said it starts to lose effieciency after
250-300,...I don't mean it comes to a grinding halt at 301.  But once you
start to go down the path of a bad design it can be very difficult to go
back and correct it.

Do it right the first time,...that is what good IT people are supposed to
get paid to do :-)

Once you build a Topology "wrong" it can be very difficult to "go back".
You can get a new device practically over-night.  All you need is a Layer3
Switch and it does not have to be a real expensive one.  HP Pro-Curves tend
to be priced well.    You could build a Windows/RRAS box as a router but by
the time you fool around and fight with that you could have just bought a
Layer3 Switch and been done with it.

1. Take the Switch and enable the Layer3 Routing.
2. Take half the switch ports and assign them to one VLan and branch your
existing LAN off of these,
3. ...take the other half and assign them to a second VLan and branch the
new segment off of those.
4. Configure the Router [L3 switch] to forward DHCP Queries to the DHCP
Server
5. On the DHCP Server add a new Scope for the new segment. No superscopes!!!
Just a regular separate normal scope.

That's pretty much it.

The last steps would be to configure all Hosts on the entire LAN to use the
LAN Router as the Default Gateway.  Then configure the LAN Router to use the
Firewall as it default gateway.

On the Firewall add the new IP Range to the Local Address Table (or whatever
it calls the equivalent of that).

...........and the Firewall will need a Static Rout to tell it to use the LAN
Router as the "path" to get to the new subnet.

It may seem like a lot when you first read this,...but it is not.  I rattled
all of that off from the top of my head and didn't even have to put much
thought into it.   Once the L3 Switch is in place everything could be
configured in about an hour or two with the time it takes to correct the
Gateway on your statically assigned hosts.  DHCP Hosts are covered by fixing
the DHCP Scope for the new Default Gateway.

Well Phillip, you never steered me wrong in the Proxy forums so I will
continue to take your advice and not go the quick and dirty way out. But I
have one more question.

Can I do this without adding another DHCP server to the network?  Lets say I
want a 192.168.0.x and a 192.168.1.x network.  I have a Win2000 server that
happens to have 2 NICs in it.  How do I get this DHCP server to issue the
right IP addresses to the right computers I want in each subnet?

Show quoteHide quote

Of course.

Not nearly that complicated.  Add a new scope to the DHCP Server to "server"
the new subnet.  No Superscopes,....just a plain old normal standard Scope.

Configure the new LAN Router (L3 Switch?) to forward DHCP Queries to the
DHCP Server's IP#.  Some routing devices call them "Helper Addresses",...so
just read the Docs.

No additional Nics!

That's it,...its that simple.
Where a DHCP Server "lives" has no bearing on what subnets it serves or how
many.   You could serve DHCP to a couple hundred subnets and not even have
the DHCP server sitting on any of those subnets.  Forwarding DHCP Queries to
a DHCP server has been one of the primary "jobs" of a LAN router ever since
TCP/IP was invented.  DHCP Servers are already designed to know what to do
with those forwarded queries from the routers,...there is nothing to
configure.

Although I agree with Phillip in principal, that's not carved in stone
for every situation. Network traffic, not the number of network hosts
(though they are usually proportional) determine when you need to
segment and route. Many companies (including our local hospital for many
years) run 500+ hosts on a flat 100Mb network with perfectly acceptable
performance. You'll get lots of ARPs and NetBios broadcasts, but
although high in frequency, the bandwidth usage is surprisingly small.
Of course that does add overhead because those broadcasts have to be
processed up the stack to at least layer 2 or 3, so it adds overhead in
spite of the low bandwidth usage. But performance should be your
yardstick, not just number of hosts.

Kurt

Phillip Windell wrote:
Show quoteHide quote

That's true. I probably should explain myself a little bit there.  I don't
mean to imply that when a Segment hits 301 hosts it will fall on its face.
That is just the estimated point where the degredation curve starts to drop
more noticably.  At least that was what the Cisco CCNA material claimed back
when I studied for the CCNA.  I would love to have a book/chapter/verse
reference to it but I don't. It was something the material mentioned "in
passing" along the way and wasn't the primary subject, so I have been unable
to find the reference.  But the college staff "preaches" the same thing so I
feel I am in good company.

Also the /24 bit mask makes a nice clean break with the segments that is
easy to maintain, document, and just simply "remember" without having to
refer back to the documantation all the time.

Anyway, I like to just stick with proper principles and encourage others to
follow good principles.  A LAN  is always much better that way than one that
didn't follow such principles and has gone "too far" the wrong way and the
Admin is faced with the very difficult task of correcting it after the bad
infrastucture/topology has to some extent become "set in stone" just by its
very nature.

Preventing is always easier than correcting.

Yep.

JN wrote:
Show quoteHide quote

Migrating to a new server
2 PCs networked- One connected the other not online-Help!
XP Pro SP3 workstations hang on "applying computer settings"
My Computer shows LAN disconnected, but it's really connected???
NT4 on a 2000 Domain
From Windows XP Home I have to enter login/password for W2K share
time sync
A Networking question say with the Internet
scheduled shutdown of PC's on my network
DNs for Server 2003