Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1922
Views
3
Helpful
10
Replies

Running out of IP addresses. What to do?

slade
Level 1
Level 1

‎07-27-2004 07:40 AM - edited ‎03-02-2019 05:20 PM

Hi, have a site using 192.168.0/24 as the primary LAN address space. There are only a handful of IP's remaining and they are expecting the addition of 100+ hosts in the coming months. Bandwidth / performance wise there is plenty of room for growth. This 192.168.0 lan connects in to a firewall interface also numbered on the same address space and there are various other nets (service nets, etc) addressed at 10.0.x/24 that are also serviced by the firewall on different interfaces. Whatever the choice, those other nets need to remain accessible and the customer needs room for IP growth. There are no remaining ports on the firewall to tie in a new network. Can anyone recommend ways to approach this?

Thanks much.

Labels:
0 Helpful
10 Replies 10

Georg Pauwen
VIP
VIP

‎07-27-2004 08:24 AM

Hello,

does the firewall supports secondary addressing ? If so, you could add another address that would provide the needed address space. Or you could place a router between the firewall and your LAN, with several interfaces, or use secondary addressing on the router interface...

HTH,

Georg

slade
Level 1
Level 1
In response to Georg Pauwen

‎07-27-2004 08:43 AM

The firewall does support secondary addressing. I am a little confused though. Say the fw interface is now 192.168.0.1/24. The LAN behind it is 192.168.0.*/24. I assign another address to the fw at 192.168.10.1/24 (same interface). How will 192.168.0 hosts contact 192.168.10 hosts? It is possible to just start assigning 192.168.10 addresses to machines on the same switch as the 192.168.0?

0 Helpful

peter.mainwaring
Level 1
Level 1
In response to slade

‎07-28-2004 01:22 AM

The 192.168.0 hosts will talk to the 192.168.10 hosts via the router/firewall, it's just that the firewall will physically send the data out on the same interface.

There shouldn't be any problem assigning 192.168.10 addresses on the same switch as long as the secondary address has been defined on the firewall (with the necessary rules of course).

Pete

0 Helpful

felixen
Level 1
Level 1

‎07-29-2004 12:55 AM

Can't you user supernets? Just change the subnetmask to 192.168.0.0/23 instead and you have room for another 254 hosts in your network.

Then you just need to send out the new subnetmask via the dhcp and you can reconfigure the firewall/router before applying the changes to the clients. Eaven if they have a 255.255.255.0 netmask they will still find the default router.

Regards

// Fredrik Månsson

0 Helpful

ferro
Level 1
Level 1

‎07-29-2004 01:59 AM

Hi,

U may change ur subnet mask make it /23 or even /16 to increase ur hosts number this will make u change nothing in ur network structure.

Regards,

Hani Farouk

0 Helpful

tekha
Level 3
Level 3
In response to ferro

‎08-02-2004 12:12 PM

If you need more then 250 host's in the same physical location, don't just expand the mask to /23.

By doing so you will have 1 broadcastdomain, with a possible 500+ hosts, BAD IDEA!

You should probably make a new logical subnet insteed.

0 Helpful

Tsasbrink
Level 1
Level 1
In response to tekha

‎08-03-2004 10:09 AM

I do not agree on this being such a bad idea,

because the given solution is plain switching in stead of routing.

The topic starter told us there was plenty of bandwidth to add 100 clients.

But as we do no nothing about the capacity of the firewall we can only guess with is best.

But based on my experiance supernetting to /23 has never been a problem in most situations but i can assure you it is a whole lot faster than routing.

RGZ.

Tom

0 Helpful

tekha
Level 3
Level 3
In response to Tsasbrink

‎08-03-2004 11:57 AM

I'm worried about broadcast. I've seen subnets with 200+ host, breaking down from sheer Windows broadcast.

But i guess if your not using Windows on any of the host, you will probably not have any trouble at all.

0 Helpful

Tsasbrink
Level 1
Level 1
In response to tekha

‎08-09-2004 01:08 PM

We are using more than 20 /23 nets in our lan with average 80% windows systems and scopes filled up to more than 90% and even bridge decnet across the entire routed ip network and have never seen any problem with the broadcast/multicast level.

If you have seen this being a problem it only raises questions about the true cause.

0 Helpful

msibythomas
Level 1
Level 1

‎08-20-2004 10:52 AM

A modification to my earlier message sent yesterday.

According to me there are three ways to deal with it.

Since we do not know whether the hosts have used all the ip address or not or whether the existing ip address is insufficient to satisfy the requirements, there are three workarounds:

1. if you feel that there are some ip address going waste then you can apply the VLSM to better manage and utilising the ip address.

2. If you can afford to spend some cash, then I would recommend you to buy a switch and configur the VLAN which would be best suited thus by solving the problem of large number of hosts in the single broadcast domain.

3. If you have financial constraints then you can go on to use the subnet/23.

Hope these may resolve the issue. As I said earlier, I am a fresher who have recently completed my CCNA. I do not have any industry experience so might be these suggestions are wrong. I would appriciate if you could let me know if there are bettter ways for solving this issue.

Regards

Mathew

0 Helpful
Customers Also Viewed These Support Documents