I have a server that I need to move to another network whose IP address I can't change. For example, the server is on the 192.168.0.0/24 network with an IP of 192.168.0.100 and I need to move it to the 192.168.10.0/24 network. Each network has a gateway IP address of 192.168.x.1 and the routing is handled by a pair of Cisco 2951 routers.
Looking over the example Cisco configs, I see one using NAT that would allow clients to access a moved server at its old IP address. This of course depends on you being able to change the IP address of the server, so I guess what I'm looking for is something in reverse.
Is this something that can be accomplished by NAT or is there another technology that can be used?
@Richard Burts Actually, that sounds perfect. I could fairly easily work around the issue of a small number of IP addresses not being accessible, that shouldn't be a problem. What would be the best way to proceed in this instance? I have a lab set up in GNS3 where I plan on testing this out and then moving to a physical test before making the actual change.
If at all possible, could you explain this in a little bit more detail? There's quite a few moving parts here and frankly, this is way over my head already LOL. Thanks again for your help!
You have asked that I explain in more detail. So let me start by reviewing the issue and my proposed way to address it. You have a server in your network that is running some old software that needs to be moved to a new physical location. But that software requires that it still have its original address in the new location. The network/original subnet will continue to operate in your network after the server is moved, so just moving the entire network/subnet can not be done. The solution is to create a new small subnet at the new location that uses some of the addresses from the original network/subnet. You really only need 2 valid addresses in the new subnet (the original address for the server and an address for the router interface). Depending on the addresses used it might be sufficient to use a /30 subnet which would give you exactly two usable addresses. If the server address is really something that has 100 in the last octet then a /30 will not do because 100 would be the subnet address. In that case you would need a /29 subnet. You would configure the router address (perhaps as 192.168.0.99) as a secondary address so that this interface will support two subnets. The router would advertise both subnets to the rest of the network. The result is that the server is reachable from all devices in the network and continues to use its original address. Note that one impact of this approach is that any devices in the original network/subnet that have addresses in the new subnet will no longer be reachable.
My original suggestion had included using static address translation to make the server address reachable. As I wrote this explanation I realized that the address translation is not needed. All that we need is to have a small subnet at the new physical location that uses a few addresses from the original network/subnet.
In thinking about how to test this I realize that we do not know whether your network uses a dynamic routing protocol or uses static addresses. A dynamic routing protocol makes it easier and I will assume that this is what you do and I will describe testing using dynamic routing.
1) using router1 configure an interface for the original network perhaps 192.168.0.0 255.255.255.0
2) on router1 configure an interface that will connect to router2 with an IP address.
3) on router1 configure a dynamic routing protocol that processes these two interfaces.
4) on router2 configure an interface that connects to router1 with an IP address that is in the same subnet.
5) on router2 configure an interface for another network/subnet (perhaps 192.168.10.0 255.255.255.0)
6) on router2 configure on that interface a secondary address perhaps 192.168.0.96 255.255.255.248
7) on router2 configure the same dynamic routing protocol used on router1 and have it process the three subnets (the subnet used for connection, the primary subnet, and the secondary subnet).
8) you will need at least one more network/subnet to represent other users in your network who need to access the server. You might use another router for this or you might use additional subnets of either or both of router1 and router2.
When you want to put this into production it is really quite easy.
1) on the router interface at the new location configure the new secondary address.
2) make sure that the dynamic routing protocol on that router advertises the new subnet.
3) move the server.
In reviewing this I realize that I am making an assumption that needs to be verified. I am assuming that the old software must keep the original address but that the software would allow you to change the gateway address that the server uses.
@Richard Burts First, I would really like to thank you for all of your help. I've tested your solution and it worked perfectly. Unfortunately, as I went to test this on the network I realized it isn't going to work. It's entirely my fault as I failed to realize there are more devices below the server IP address that would still need to be accessible.
The network 192.168.0.96/28 gives me enough IP addresses, but there are other hosts on the old network that would have addresses in this space. Even though I only need to move 192.168.0.100 I would still have 2 hosts (192.168.0.98 & 192.168.0.99) that would need to be accessible on the old network. No matter what combination of subnets I try and calculate, I can't come up with one that would include 192.168.0.100 but exclude 192.168.0.99 and 192.168.0.98.
At this point I'm certainly open to suggestions, but is there really anything else that can be done?
So going back to your GNS topology, I see a router at each site connecting into your WAN. What are these device(s) in your live environment, and are these the devices that route traffic between your sites?
Can you post the configuration of these devices?
@paul driver Yep, each router acts as the gateway for the local subnet, routing traffic over a simple L2 metro Ethernet connection provided by a local ISP. The routers are Cisco 2951 ISRs and behind each router is a Catalyst 4507+E switch running a mix of 6L-E and 7E supervisors. All devices are minimally configured and besides the VLAN on the WAN interfaces, the only other service configured is EIGRP.
I've attached the configs for the routers, if you'd like to see the config for the switches just let me know.
I am glad that you have tested my solution and that it works. I appreciate the problem that some devices in the original subnet still need to be accessible. You might try using a /31 subnet (255.255.255.254). That would include .100 and .101 but not include .98 or .99. I have seen this used on point to point serial links and it is fine. I have not tried it on Ethernet interfaces and so can not say for sure that it would work for you. But it is certainly worth testing.
After posting that response suggesting using a /31 subnet I realized that there is another solution that I am confident will work. On the router where you will be moving the .100 server go ahead and configure the secondary subnet with the 255.255.255.248 mask. Then configure a GRE tunnel between that router and the router where the original subnet is. Then configure two static routes for the .98 and the .99 which have the remote peer tunnel address as the next hop. If you do this then the result should be that the network will direct traffic for .98 and .99 to the router with the new secondary subnet and it will then forward the packets through the GRE tunnel to the original subnet, and those hosts should now be reachable in their original location while the .100 is reachable in the new location.
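The subnet arithmetic discussed in this thread, worked through as an added example (not code from any of the posters): it lists the subnet that would contain 192.168.0.100 at each prefix length from /28 to /31, then applies longest-prefix matching to the /29-plus-host-routes arrangement from the last reply. The route table and its next-hop labels are constructed for illustration and are not taken from the attached router configs.

```python
import ipaddress

MOVED = ipaddress.ip_address("192.168.0.100")            # server being relocated
MUST_STAY = [ipaddress.ip_address(a)                     # hosts staying put
             for a in ("192.168.0.98", "192.168.0.99")]

def usable(net):
    """Host addresses in net; a /31 has no network/broadcast address to lose."""
    addrs = list(net)
    return addrs if net.prefixlen >= 31 else addrs[1:-1]

def candidates(shortest=28):
    """Describe the subnet containing MOVED at each prefix length up to /31."""
    rows = []
    for plen in range(shortest, 32):
        net = ipaddress.ip_network(f"{MOVED}/{plen}", strict=False)
        rows.append({
            "subnet": str(net),
            "server_usable": MOVED in usable(net),
            "shadowed": [str(h) for h in MUST_STAY if h in net],
        })
    return rows

# Constructed view of the new-site router's table for the GRE variant:
# next-hop labels are descriptive placeholders, not interface names.
NEW_SITE_ROUTES = [
    ("192.168.0.0/24", "WAN, learned by dynamic routing"),
    ("192.168.0.96/29", "local LAN, secondary subnet"),
    ("192.168.0.98/32", "GRE tunnel, static"),
    ("192.168.0.99/32", "GRE tunnel, static"),
]

def next_hop(dst, table=NEW_SITE_ROUTES):
    """Longest-prefix match: the most specific route containing dst wins."""
    dst = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), hop) for p, hop in table]
    best = max((n for n in nets if dst in n[0]), key=lambda n: n[0].prefixlen)
    return best[1]

if __name__ == "__main__":
    for row in candidates():
        print(row)
    for dst in ("192.168.0.100", "192.168.0.98", "192.168.0.99", "192.168.0.50"):
        print(dst, "->", next_hop(dst))
```

The /28 and /29 rows both list .98 and .99 as shadowed, the /30 row shows .100 falling on the subnet address, and only the /31 row keeps the server usable with nothing shadowed.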