Switching subnet /24 to /23
-
We are running out of ip addresses for subnet .1.xx. I know DHCP is capable of performing super cope, or combine subnets. But I think I need to increase subnet mask as well to accommodate the increase IP address range.
What is the pros/cons for going /23 subnet? Should I go even lower? -
this isn't a huge ordeal unless you have tons of statically assigned devices that would need to communicate with the devices outside of the existing scope.
If you're only using DHCP and have a handful of static IP addresses, just update the Subnet and go on with life.
-
You can change it with no down time though for the most part just devices you haven't changed from /24 to /23 won't be able to contact the ones outside of the smaller scope until you fix it.
-
I have 80 devices (printers, phones, server) that is on statics. The rest are DHCP. Should I eleminate statics all together and use DHCP reservation instead?
If /23 will double the available range, then /22 should quadruple it right? would you recommend going /22 for future proofing? -
This is easy, you just have to plan it out. Note, you cannot "change" the scope of your DHCP server. You can choose to add another or wipe it and reimport it via PowerShell (what I typically do).
- Understand what your new range will be. Since you are on X.X.1.X/24. the new scope will be X.X.0.X/23.
- Update your router LAN IP to use the /23. If it was X.X.1.1/24, it is now X.X.1.1/23.
- Update your DC (asusming a WIndows network here) to use the new /23.
- Put a test device manually on X.X.0.X/23 and make sure you have internet and can ping the DC.
- Update all of your static devices to the /23.
- Export the DHCP Scope via PowerShell
Export-DhcpServer -ComputerName dhcpserver.contoso.com -File C:\exportdir\dhcpexport.xml - Edit the XML file to expand the scope. Here is an example of one I did this on a couple years ago. Basically change the ScopeID, SubnetMask, StartRange, and add an ExclusionRange for the entire X.X.0.1-X.X.0.255 initially. You can delete this exclusion in the GUI later when you are ready to use it.
- Delete your current DHCP scope from the GUI.
- Import the updated scope from PowerShell.
Import-DhcpServer -ComputerName dhcpserver.contoso.com -File C:\exports\dhcpexport.xml. - Refresh the GUI, enable the scope, restart the service, etc.
- Make sure all the settings migrated in correctly.
- Force a machine to DHCP renew and you are done.
-
@LAH3385 said:
I have 80 devices (printers, phones, server) that is on statics. The rest are DHCP. Should I eleminate statics all together and use DHCP reservation instead?
I would take this opportunity to move all the non 100% critical (aka the DC and the Hypervisor) to DHCP reservations.
-
@LAH3385 said:
I have 80 devices (printers, phones, server) that is on statics. The rest are DHCP. Should I eleminate statics all together and use DHCP reservation instead?
Yes, 80 devices with a static IP would be a nightmare if you needed to do any changes. Move as many as you can to DHCP. Do MAC address reservations to lock them to a specific IP address.
-
@LAH3385 said:
If /23 will double the available range, then /22 should quadruple it right? would you recommend going /22 for future proofing?
Not unless you really think you need it. Does it hurt? Not really, but are you realistically thinking to need this size of a range in the next 5ish years?
-
No real downside to /23 other than the effort to make the switch. These days I would pretty much always start with /23 when designing a fresh network or maybe /22. Not much reason to not be ready. If you use it, you needed it. If you don't then it didn't matter.
-
@JaredBusch said:
This is easy, you just have to plan it out. Note, you cannot "change" the scope of your DHCP server. You can choose to add another or wipe it and reimport it via PowerShell (what I typically do).
- Understand what your new range will be. Since you are on X.X.1.X/24. the new scope will be X.X.0.X/23.
I am abit confuse on the #1. x.x.1.x/24 to x.x.0.x/23. Do you meant x.x.1.x/24 to x.x.1.x/23 ?
-
@LAH3385 said:
@JaredBusch said:
This is easy, you just have to plan it out. Note, you cannot "change" the scope of your DHCP server. You can choose to add another or wipe it and reimport it via PowerShell (what I typically do).
- Understand what your new range will be. Since you are on X.X.1.X/24. the new scope will be X.X.0.X/23.
I am abit confuse on the #1. x.x.1.x/24 to x.x.0.x/23. Do you meant x.x.1.x/24 to x.x.1.x/23 ?
No I did not mean X.X.1.X/23. That is not were the scope of the network starts.
You always note a network with the beginning of the subnet. So your X.X.1.0/24 becomes X.X.0.0/23 -
Use this to see how it all works. http://www.subnet-calculator.com/cidr.php
-
@JaredBusch said:
@LAH3385 said:
I have 80 devices (printers, phones, server) that is on statics. The rest are DHCP. Should I eleminate statics all together and use DHCP reservation instead?
I would take this opportunity to move all the non 100% critical (aka the DC and the Hypervisor) to DHCP reservations.
I'd agree.. as long as you mean leaving the DC static haha.
-
Does the workstations need to be restart to take the new IP address?
-
@LAH3385 said:
Does the workstations need to be restart to take the new IP address?
It doesn't need a new one. Only a new subnet mask. And no, you can renew the lease.
-
@LAH3385 said:
Does the workstations need to be restart to take the new IP address?
It should renew itself at somepoint as the DHCP server would still be within the old scope. It will just update the subnet mask when it send a request for a renew (and they check well before they expire to make sure they still have the lease.)
-
@LAH3385 said:
Does the workstations need to be restart to take the new IP address?
To more fully answer, this. If you followed my instructions the entire new range will be excluded in the DHCP scope anyway.
The reason I told you to do that would be to have less impact on your systems in case you missed something.
By doing this, nothing will be in the new range initially.
Then as your devices renew their DHCP, you can have a test device manually placed in the new space and make sure it can ping them all.
At that point, delete the exlusion range that blocks the entire new section and just setup an smaller exclusion for whatever you desire.
-
Currently our DHCP server reside on an older DC. With all these configurations I want to move it to our new DC (failover cluster) at the same time. Can I skip step #8 and start #9 onward on the new DC?
Or at that point start fresh DHCP is better?
Same question for DNS as well. -
@LAH3385 said:
Currently our DHCP server reside on an older DC. With all these configurations I want to move it to our new DC (failover cluster) at the same time. Can I skip step #8 and start #9 onward on the new DC?
Or at that point start fresh DHCP is better?Moving to a new DHCP makes it easier. Just export, makes changes, move the file to the new DHCP server.
Then prior to import, unauthorized and stop the DHCP service on the original.
On the new server, just port and authorize.
Restart service and you should be good to go. -
@LAH3385 said:
Same question for DNS as well.
There is no moving DNS. If you made the new DC a DC properly, then it already has all of the DNS.
Now, if you are going to make this new DNS server the primary, then you do need to update that in the DHCP scope as well as in any static assigned devices.
