We are currently running DHCP & DNS on a Windows 2003 Server DC. We are also running out of IP’s and I need to recreate my scope.

I would like to know if there will be any issues and what steps I would need to take if I were to disable my current scope, set up DHCP on a new server with a larger scope, set up another DNS server and allow replication to happen, then delete my old scope and stop DNS on the current server.

I would like to do this on a Windows 2008 R2 server.

My domain is still 2003 with Exchange 2003.

I know I need to change all my static devices' subnet mask since I will be going from a /24 to a /22. The reason we are resubnetting is because we will still only have the same amount of devices with maybe a growth of 20-30 more PCs. Also… I don't know the first thing about VLANs, or switch routing. :slight_smile:

3 Spice ups

I would look into dividing your network into multiple subnets.

Especially if you will have the same amount of PCs +20/30.

Also assuming you have over 150 PCs.

Brian Steingraber wrote:

I would look into dividing your network into multiple subnets.

Especially if you will have the same amount of PCs +20/30.

Also assuming you have over 150 PCs.

We are currently at 110 and probably grow to 130 within the next year.

Sort of new to networking, so dividing the network into multiple subnets is something I am not sure how to do with my current network environment and devices.

You should be able to have more than enough IP addresses for 130 computers within 1 subnet, assuming you don’t have more than 120 IP addresses reserved for other network devices.

Single subnet = 254 IP addresses

If you have your DHCP scope set to hand out .100-.254, that gives you 154 leasable IP addresses.

Since you will only have up to 130 PCs you should probably be ok unless you have many many other devices eating up IP addresses.

I would set everything up on the new server and test a few non-essential devices before you disable anything on the old server. Your plan seems pretty solid other than that - as long as you are comfortable with DHCP scope setup.

Oh, you might want to get it all set up and flip the switch Friday at 5PM so you have the whole weekend for those “OH CRAP!” moments :slight_smile:

I would shorten the lease times to a few hours, switch one off last thing Friday and switch the new one on; the pain of IP conflicts should resolve over the weekend :slight_smile:

Brian Steingraber wrote:

You should be able to have more than enough IP addresses for 130 computers within 1 subnet, assuming you don’t have more than 120 IP addresses reserved for other network devices.

Single subnet = 254 IP addresses

If you have your DHCP scope set to hand out .100-.254, that gives you 154 leasable IP addresses.

Since you will only have up to 130 PCs you should probably be ok unless you have many many other devices eating up IP addresses.

Brian, I started off with 1-100 static with 101-254 for DHCP and eventually we ran out of static IPs and began digging into our DHCP leases. Our company moved to digital security cameras that all required a static IP.

Stephen7712 wrote:

I would put the digital security cameras on their own subnet using VLANs.

1 Spice up

No clue on how to create VLANs.

If this helps, I have a Layer 3 switch hooked up to my servers and a few IT PCs, and 4 Layer 2 switches hooked up to my PCs.

I’d go with Brian’s suggestion and put the cameras in a separate VLAN and use the layer 3 switch for inter VLAN routing.

I run two subnets at my office location (1 for public wireless that has access to the internet and 1 for our office devices) and here is how I did it.

I set up an Untangle firewall with a quad port NIC installed. This acts as the gateway between each subnet as well as the internet.

In the firewall I assign 1 port for our internet access (per ISP instructions) and assign a different IP to 2 other ports (192.168.200.1/24 and 192.168.201.1/24 for example).

I then run a network wire from the firewall to 2 different switches (in my case 1 switch segmented via VLANs but you can accomplish the same with two different switches.) Be sure to NOT connect the two switches together.

Within the Untangle firewall I can specify to pass traffic from one subnet to another subnet based on certain rules such as IP address or range of addresses, port, protocol, etc. If you don’t specify any rules then by default each subnet only has access to itself and the internet.

Now there are a lot of other ways to accomplish this, but for the size of company I work for (less than 50 people) this was the easiest and least expensive way. Also you don’t need to use Untangle; this was the firewall I chose, but there are a lot of other solutions out there to choose from.
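The default between subnets described in the post above (each subnet reaches itself and the internet, nothing else unless a pass rule exists), modelled as an added example that is not part of the original post and is not Untangle's own configuration or code. The subnets are the post's example addresses; the subnet roles, the recording-server address and the port are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Example addressing from the post; which subnet holds what is an assumption.
OFFICE = ipaddress.ip_network("192.168.200.0/24")
CAMERAS = ipaddress.ip_network("192.168.201.0/24")
SUBNETS = [OFFICE, CAMERAS]

@dataclass(frozen=True)
class PassRule:
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str
    port: Optional[int]  # None matches any port

# Constructed rule: cameras may reach one recording server (hypothetical
# host 192.168.200.10) on one TCP port, and nothing else in the office subnet.
RULES = [
    PassRule(CAMERAS, ipaddress.ip_network("192.168.200.10/32"), "tcp", 554),
]

def subnet_of(addr):
    """Return the internal subnet containing addr, or None if it is external."""
    for net in SUBNETS:
        if addr in net:
            return net
    return None

def decide(src, dst, proto, port):
    """Classify one flow as 'local', 'pass' or 'block'."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    s_net, d_net = subnet_of(s), subnet_of(d)
    if s_net is None:
        return "block"   # externally sourced traffic: not covered by the post, blocked here
    if d_net is None:
        return "pass"    # internal host to internet
    if s_net == d_net:
        return "local"   # same subnet: switched, never crosses the firewall
    for r in RULES:      # inter-subnet: only an explicit pass rule opens it
        if s in r.src and d in r.dst and proto == r.proto and r.port in (None, port):
            return "pass"
    return "block"       # default between subnets

if __name__ == "__main__":
    for flow in [("192.168.201.50", "192.168.200.10", "tcp", 554),
                 ("192.168.201.50", "192.168.200.20", "tcp", 445),
                 ("192.168.200.20", "192.168.201.50", "tcp", 80)]:
        print(flow, "->", decide(*flow))
```

Running a list of intended and unintended flows through a model like this before cutover gives a checklist to verify against the real firewall once the camera subnet is live.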

So seeing as the object would be to create a VLAN, can someone point me in the direction of VLANs for dummies?

I need to create VLANs and all of my PCs need to see all of the servers. The cameras need to see 4 of the security camera servers and video equipment needs to be accessible from an internet page.