07-18-2012 01:41 PM - edited 03-04-2019 05:00 PM
I have a flat network where all devices are part of a class B subnet. For one reason or another I need to move the servers out of this subnet to a new subnet in a dedicated VLAN. As part of the migration I need to preserve the servers' IP addresses in the flat network and translate the addresses to their new IP using NAT so I can track scripts/services that have been configured with an IP address instead of an FQDN and alter them (identified through the NAT translations table).
What is the best way to accomplish this? I have access to a 1941 ISR G2 router for the NAT configuration. My initial thoughts are to configure secondary IP addresses that relate to the old server addresses on the interface into the old network and NAT those to the new IP, but I'm not sure how to get this to work?
Regards,
Andrew
07-18-2012 04:14 PM
Andrew Gardner wrote:
I have a flat network where all devices are part of a class B subnet. For one reason or another I need to move the servers out of this subnet to a new subnet in a dedicated VLAN. As part of the migration I need to preserve the servers' IP addresses in the flat network and translate the addresses to their new IP using NAT so I can track scripts/services that have been configured with an IP address instead of an FQDN and alter them (identified through the NAT translations table).
What is the best way to accomplish this? I have access to a 1941 ISR G2 router for the NAT configuration. My initial thoughts are to configure secondary IP addresses that relate to the old server addresses on the interface into the old network and NAT those to the new IP, but I'm not sure how to get this to work?
Regards,
Andrew
Andrew.
The problem with what you want is that because the "old" IP addresses are still in the same class B subnet as the devices trying to connect to them, they'll never get to the router, so it won't be able to NAT to the new addresses. As far as the originating connector is concerned, it's trying to talk to a device on the same network as it is, so it'll just spray the packets out without trying to route to them. The router will never get involved because the packets will be on the same network as its interface, so it'll ignore them and never pass them to the NAT process.
Rather than moving the servers out of the class B network, I'd keep the servers ONLY in the class B network and move everything else into another network. So move the class B network into your new VLAN and change the IP addressing on your old VLAN to something different. That way your connection scripts/services will still be connecting to the same IP addresses. This is possibly (probably) more work, depending on the number of nodes - but at least you'd be able to genuinely route to the server devices.
Another alternative is to make the subnet smaller - if your servers are numbered in a section so that you can group them into a /24, then take that /24 and put it on your new VLAN and change your existing VLAN to a larger chunk of the /16 to fit the other devices - maybe a /20 if the addressing scheme is contiguous enough.
I can't think of another way to do what you want and avoid having to change the IP addresses of the servers.
Cheers.
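The on-link problem and the subnet split discussed in the reply above can be checked before any renumbering. This is an added example, not part of either post: the 172.16.0.0/16 addresses are constructed sample values and the function names are hypothetical.

```python
import ipaddress

def covering_prefix(addrs):
    """Smallest single IPv4 network that contains every address in addrs."""
    ips = [int(ipaddress.IPv4Address(a)) for a in addrs]
    lo, hi = min(ips), max(ips)
    # Leading bits shared by the lowest and highest address form the prefix.
    plen = 32 - (lo ^ hi).bit_length()
    base = (lo >> (32 - plen)) << (32 - plen)
    return ipaddress.ip_network((base, plen))

def is_on_link(client_iface, dest):
    """True if the client treats dest as local (ARP, no router, no NAT)."""
    return ipaddress.ip_address(dest) in ipaddress.ip_interface(client_iface).network

def plan_split(parent, servers, clients):
    """Return (server_net, client_net, routed) for a proposed split of parent."""
    parent = ipaddress.ip_network(parent)
    server_net = covering_prefix(servers)
    client_net = covering_prefix(clients)
    for net in (server_net, client_net):
        if not net.subnet_of(parent):
            raise ValueError(f"{net} is outside {parent}")
    # Traffic only crosses the router if the two blocks do not overlap.
    return server_net, client_net, not server_net.overlaps(client_net)

# Constructed sample data: servers grouped in one /24, clients elsewhere.
SERVERS = ["172.16.10.5", "172.16.10.20", "172.16.10.200"]
CLIENTS = ["172.16.32.10", "172.16.40.7", "172.16.47.250"]

if __name__ == "__main__":
    # Flat /16: the client ARPs for the server directly, the router never sees it.
    print("flat /16 on-link:", is_on_link("172.16.32.10/16", SERVERS[0]))
    server_net, client_net, routed = plan_split("172.16.0.0/16", SERVERS, CLIENTS)
    print("server VLAN:", server_net, "client VLAN:", client_net, "routed:", routed)
    # After the split the same client must send server traffic via its gateway.
    print("after split on-link:", is_on_link(f"172.16.32.10/{client_net.prefixlen}", SERVERS[0]))
    # A stray client inside the server range forces an overlapping block.
    print("stray client routed:", plan_split("172.16.0.0/16", SERVERS, CLIENTS + ["172.16.10.77"])[2])
```

A `routed` value of `False` means at least one non-server address sits inside or across the server block, so that host would have to be renumbered before the split works.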