Best IP Addressing Scheme
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-25-2004 07:13 AM - edited 03-02-2019 03:55 PM
I am in the process of constructing a site-to-site VPN. We have 1 central location, and 7 branch offices. We are utilizing PIX firewalls.
My question pertains to the IP addressing scheme which would make the most sense; an addressing scheme which would allow for future growth - including VOIP/telephony - and which would most closely follow standard conventions.
At our central location, we have approximately 25 users, plus network printers and servers. At our two largest branch offices, we have approximately the same. The remaining branch offices are rather small,
with only 3-5 users.
Over the long run, we may do away with the VPN and implement a bona-fide private wide-area network, constructed and hosted by a telcom vendor.
A VOIP/Telephony solution would be implemented when
and if this comes to fruition. At the present time, lack of funding makes this impossible.
During the course of implementing the "here-and-now" VPN/data-only solution, I would like to implement an IP addressing scheme which makes the most sense, and which would allow for a smooth transition to the above-mentioned private WAN - including the VOIP-telephony-solution.
I'm debating between a :
192.168.1.x Central Office
192.168.2.x Branch Office #1
192.168.3.x Branch Office #2
192.168.4.x Branch Office #3 , etc.
addressing scheme ......
versus an
10.x.1.x Central
10.x.2.x Branch 1
10.x.3.x Branch 2
10.x.4.x Branch 3 , etc.
scheme, or even an
172.x.x.x
type scheme.
Which scheme would make the most sense.
And what about the subnet masks (255.255.255.0 versus 255.255.0.0 ).
Thank-you for your input.
Terry J. Terenzetti
- Labels:
-
Other Networking
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-25-2004 07:57 AM
Hello Terry,
You can use 192.168.0.0 for your corporation. Usually the central site grow faster than branch offices.
Think binary to divide your address space. You can divide in 4 the 192.168.0.0. Keep 1/4 for the central site and use the rest for the branch offices.
Give more addresses that you need for each site. That way, you will not have the re-address in a few years.
I always subdivide by a factor of 2.
HTH,
Nadine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-26-2004 06:44 AM
Hello Terry,
please read rfc 1219 before you assign your addresses.
If you need not more than 254 addresses in each subnet all ranges are ok, for private addresses please use 172.16.x.x. in case of classB networks.
Subnet-mask 255.255.255.0 is the easiest one in your case.
Count host-addresses from the right and net-addresses from the left.
--------------------------------------
| subnet field | host field |
|-----------+-------------+------------|
| | | |
| 1's & 0's | 0's | 1's & 0's |
/\
||
Both hosts and subnets can
grow here
in your case use:
right 5 bits for hosts
binary 00000000 to 00011111
dec. 1-31
left 3 or 4 bits for networks
binary 00000000 11110000
dec. 16,32,48,64,80,96,112,128,144,160, ...
you reach a maximum of flexibility, room for growing and possibility for super-netting.
For instance:
192.168.64.0 255.255.555.0 for central location
192.168.144.0 255.255.555.0 for 1. branch office
192.168.160.0 255.255.555.0 for 2. branch office
192.168.176.0 255.255.555.0 for 3. branch office
192.168.192.0 255.255.555.0 for 4. branch office
192.168.208.0 255.255.555.0 for 5. branch office
192.168.224.0 255.255.555.0 for 6. branch office
192.168.240.0 255.255.555.0 for 7. branch office
kind regards Peter
