Network setup for a small business (40-60 users)

[Transition]

Working on re-organizing a network for a small company to bring things up to par and was looking for some insight from you guys.

The network itself is screwy. The IP scheme falls in the range of 29.1.x.x which is odd. I'd like to hear some suggestions for what you guys would use as a corporate IP scheme. Keep in mind there is actually 6 branches. Right now Branch 1 uses 29.1.1.x, Branch 2 is 29.1.2.x, Branch 3 is 29.1.3.x, etc etc.. Clients are setup on a static IP scheme right now. I'd like to define a pool in each branch for DHCP and let all of the necessary periphials use statics.

My biggest concern is getting a good IP scheme going company wide and getting a policy to adhere to for adding new clients/periphials. Any insight as to what you guys would use is highly appreciated!

- RJ

 

[Garion]

Well, 29.0.0.0/8 is a class A, which means the whole block was assigned to someone - That happens to be the Department of Defense. This means you're probably pretty safe and won't have any overlaps with public Internet sites, but it's definitely NOT recommended. If you're up to re-IP'ing the whole network, use 10.0.0.0/8 - It's designed exactly for this purpose.

Designing an IP scheme is relatively easy. I've always done something like:

Host IP's Use
.1 - .15 Network devices (switches, routers, firewalls, etc.)
.20 - .40 Printers
.50 - .80 Servers
.100 - .130 Users with static IP addresses
.150 - .254 Users with DHCP addresses

It really doesn't matter how you assign addresses, as long as you come up with a standard and stick to it. Make sure your "buckets" account for all your device types and you should be good.

In terms of assigning subnets, ALWAYS give out more than you think. You never know what you might decide to do out there. For example, will you need a little firewall and a wireless network in each branch? That will chew through a couple of class C's.

- G

 

[Transition]

Thanks a lot for the info Garion!

 

[mboy]

NO offense, but if you arent sure what to use for a private LAN IP scheme, then you really need to hire a professional to straighten these guys out.
If you decide that you won't be doing that, then at least assign each office a different scheme in case you ever join the LAN's thru VPN tunnels. In addition if each office is a handful (up to 60) users, you are better off keeping the IP's static. WIll come in handy with most firewalls when it comes to selectively blocking who you want to have HTTP access to the WAN, websurfing monitoring, etc.