06-08-2017 05:12 AM - edited 03-08-2019 10:54 AM
Dear all,
I am writing with regard to the need to expand or add a new subnet for servers inside the data center.
Actually, I have dedicated a class A /23 IPv4 with a maximum of 510 hosts for all servers.
The gateway is configured directly on the firewall interface, which is used to separate the data center from other inside segments like users etc.
I have a request for an additional 250 hosts to add in the data center.
All the other subnets near the class A /23 IPv4 are in use already.
I would like to request your help: please share ideas and recommendations on how I can resolve this issue.
I look forward to hearing from you.
Thank you in advance.
06-08-2017 05:35 AM
Just use another subnet, doesn't matter whether it is near the existing one or not.
Is the problem that you do not have a spare interface on the firewall or that you need the new servers to be in the same vlan as the existing ones?
Jon
06-08-2017 07:04 AM
OK, I will find another subnet /24.
I do not have a spare interface on the firewall.
It doesn't matter whether the new servers are in the same vlan as the existing ones.
Bledi
06-08-2017 07:20 AM
If you do not have a spare firewall interface, where are you planning to route the vlan/IP subnet?
Jon
06-08-2017 07:25 AM
I have no idea.
What do you recommend?
Bledi
06-08-2017 07:32 AM
If you need to firewall then perhaps use the same interface.
Jon
06-08-2017 07:47 AM
Correct, I need to firewall.
You mean to create a sub-interface on the firewall?
Bledi
06-08-2017 07:56 AM
Yes, that is the only way to do it if you need to use a new vlan/IP subnet, assuming your firewall supports it, and it would mean some downtime while you configured it.
The alternatives are to increase the subnet mask of the existing server subnet, but you have said you can't do that; to use a new subnet big enough for all servers, but that would mean readdressing all servers, which is impractical; or using the same vlan for the new servers with a different IP subnet, but this would mean your firewall would need to support secondary addressing on the interface and I doubt it would.
The secondary addressing solution would be the least disruptive and it would mean all servers were in the same vlan. I tend to think of it as a temporary measure though, rather than a permanent one.
Those are all the choices I can think of.
Jon
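The address arithmetic behind the options discussed above, as an added example that is not part of the original thread: it checks whether the existing /23 can be widened to a /22 without colliding with neighbouring allocations, and otherwise picks the first free block large enough for 250 hosts. All addresses, the pool and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample allocations (assumptions, not values from the thread).
POOL = ipaddress.ip_network("10.20.0.0/16")       # address plan being searched
SERVERS = ipaddress.ip_network("10.20.2.0/23")    # existing server subnet
IN_USE = [
    ipaddress.ip_network("10.20.0.0/23"),         # neighbouring subnet, already used
    SERVERS,
    ipaddress.ip_network("10.20.4.0/24"),         # another neighbour, already used
]

def usable_hosts(net):
    """Usable IPv4 hosts: all addresses minus network and broadcast."""
    return net.num_addresses - 2

def can_widen(current, in_use):
    """Return the one-bit-wider supernet if no other allocation falls
    inside it, else None (widening would overlap a subnet in use)."""
    wider = current.supernet()
    for other in in_use:
        if other != current and wider.overlaps(other):
            return None
    return wider

def first_free_subnet(pool, in_use, hosts_needed):
    """Return the first unallocated block in pool that is just large
    enough for hosts_needed usable addresses, or None if none fits."""
    for prefix in range(30, pool.prefixlen - 1, -1):
        if 2 ** (32 - prefix) - 2 >= hosts_needed:
            break
    else:
        return None  # even the whole pool is too small
    for candidate in pool.subnets(new_prefix=prefix):
        if not any(candidate.overlaps(used) for used in in_use):
            return candidate
    return None

if __name__ == "__main__":
    print("current capacity:", usable_hosts(SERVERS))
    print("widen to /22:", can_widen(SERVERS, IN_USE))
    new_net = first_free_subnet(POOL, IN_USE, 250)
    print("new subnet:", new_net, "capacity:", usable_hosts(new_net))
```

A subnet found this way still needs its own gateway on the firewall (for example the sub-interface mentioned above) and its own rule set, since existing rules written for the /23 will not match it.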
06-11-2017 11:36 PM
I totally agree with you to use a new subnet big enough for all servers.
This would be a permanent solution.
But in this, I have some ambiguity.
Currently I use x.x.x.x / 23 and normally tend to go to one bigger, y.y.y.y / 22.
1) y.y.y.y / 22 -> What problems will I have with the broadcast?
What are the measures to manage it?
2) y.y.y.y / 22 -> Same layer interaction, how can it be run to work in this case?
(this is my idea)
3) What else should I consider before I go to y.y.y.y / 22?