Trying to set up a /23 .. times out..

phaserx

Senior member
Feb 13, 2003
263
0
0
Hi all, I'm going to try and give as much detail as possible so people don't ask too many questions about why I'm trying to do what I'm doing or what equipment is being used. So please bear along with this post and hopefully you can help me.

The company network I'm on was set up about 10 years ago. The company was not expected to be large at all and was only expected to have 40 employees tops, so they only set up a /24 subnet. Now we have 65+ employees at this location, and another 20 at a different location that need to VPN in constantly to access our CVS repository. I've been assigned the task of expanding our /24 to a /23 .. Like a typical corporate environment, they care more about their product than they do about what serves their product, so there is no money spent on equipment to break the network into segments. It's just one giant segment, which I already know is bad and will cause more problems down the road, but we're going to work on that this year before it gets too bad. We already submitted the budget wishlist for all sorts of routers and bridges and switches to make this network somewhat pretty.

What I'm trying to accomplish is to leave all of the equipment with static IPs on the 192.168.200.0 portion of the network, this way I don't have to re-do DNS and shuffle IPs around. And then I'm going to configure DHCP to hand out IPs on the 192.168.201.0 portion of the network.

Anyways, so I'm trying to set up this /23 network. I changed the netmask on all of the equipment with static IPs (servers, workstations, switches, firewall) to 255.255.254.0, I also changed the broadcast address on all these pieces of equipment to 192.168.201.255 .. I configured DHCP to hand out IPs on 192.168.201.85 - 192.168.201.254 with the subnet mask of 255.255.254.0.

This all appears to work. DHCP hands out IPs flawlessly, I can talk to any IP on the 192.168.200.0 portion of the subnet and vice-versa. I can browse the Windows domain flawlessly, check e-mail flawlessly and everything. *BUT*, I keep getting weird timeout issues that are causing some major problems. I've had to revert back to 192.168.200.0/24 until I can figure out what's causing this.

The problem is, if you are using DHCP and get handed a 192.168.201.XX IP, network connectivity is sporadic. For example, I can check my e-mail for an hour straight with no problems, and then all of a sudden it can't find any servers and I have no network connectivity. This was happening for everybody with a DHCP address the other day. People couldn't get to our web server, mail server, Windows domain, etc.. There would be about 20 seconds of no connectivity, then all of a sudden everything would work flawlessly again for about 10 - 15 minutes, and then it would lose connectivity. If you are on the 192.168.200.XX portion of the subnet, you never lose connectivity and can talk to everything with no issues. It's just the systems being handed a 192.168.201.xx IP.

Is there anything I should look for or try doing? Someone suggested that I try rebooting the Cisco Catalyst 2950G switches I have. After I set those up for a /23, I never rebooted them. I didn't think I would need to. Could this be causing the problem? Anything else I should look for? Any equipment I should have to make this work? As far as I know, I shouldn't need any additional equipment and everything should be set up to work fine as is. This is really boggling my mind.

Any help or suggestions are much appreciated.

Thanks,

JP
 

Boscoh

Senior member
Jan 23, 2002
501
0
0
When in doubt, reboot.

Pick a time, and reboot those switches. Whether it actually helps or not, as a rule I always reboot any equipment after making a major configuration change to it.

See if that helps. If not, try looking at the logs on the switches when the problems occur and see if there are any error messages in the logs.
 

phaserx

I think I will give this a shot.

Another thing that someone mentioned to me is that Cisco switches tend to have problems if they are assigned IPs.. I don't know how true this is, and if it depends on the version of IOS or the model hardware or not. I can't see how it would cause problems, Cisco is generally awesome hardware.

thanks,

jp
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Let it keep running flaky like that and simply send an e-mail to your boss and say "it's going to continue until we get a layer3 switch"

I do have a question...why do you need a /23? A /24 gives you 254 addresses.
 

phaserx

I'm aware of how many IPs a /24 gives me. We have a lot of servers here for what our shop does. And on top of that, 50% of the employees each have 2 computers. A desktop and a laptop. We are growing exceptionally fast as of late too, so now we're starting to get IP address conflicts in our DHCP pool and only have about 10 free IPs left in general on our /24 ..

Can you explain to me why we need a layer 3 switch to accomplish what I'm trying to do? What layer switching does the Cisco 2950G do, layer 2 only?

I would love to say to my boss "in order to make this work, we need layer 3 switches", but he's going to ask why, and that I don't know.

Thanks,

JP
 

spidey07

I'm just saying 250 hosts on the same network can make things really sluggish because of broadcasts. And if you're growing it's important to do the network stuff first, otherwise your stress levels will go through the roof. :)

But something weird is going on if everything is working and just decides to quit. You might have a proxy ARP problem (some router or whatnot accepting all your traffic when you don't want it to).

The problem you describe really will take a lot of troubleshooting to figure it out. If this is a truly flat network (the 2950s are only layer2) and your problem only happens after the change in addressing then we're probably facing a layer3 problem. When the problem is occurring check your ARP tables on a PC...then check them again when it's working and see if any of the addresses changed (they should never change).

As a test you could just set up your machine with a 201. address and a /23 mask.

DOH! Just re-read your post. Did you change the mask on all the servers as well and all the routers attached to the network? If not then all kinds of weird stuff can happen.
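
The ARP comparison suggested in the post above, as an added example that is not part of the original thread: it parses two `arp -a` snapshots and reports entries whose MAC changed, entries that vanished, and MACs answering for more than one IP (a proxy ARP symptom). The snapshots and MAC addresses are constructed sample data.

```python
import re

# Constructed snapshots (Windows "arp -a" layout); all MACs are made up.
ARP_WORKING = """\
Interface: 192.168.201.90 --- 0x2
  Internet Address      Physical Address      Type
  192.168.200.1         00-0c-29-aa-bb-01     dynamic
  192.168.200.10        00-0c-29-aa-bb-10     dynamic
  192.168.200.25        00-0c-29-aa-bb-25     dynamic
"""
ARP_FAILING = """\
Interface: 192.168.201.90 --- 0x2
  Internet Address      Physical Address      Type
  192.168.200.1         00-0c-29-aa-bb-01     dynamic
  192.168.200.10        00-0c-29-aa-bb-01     dynamic
"""

# An IPv4 address followed later on the same line by a MAC address.
# Covers Windows "arp -a" rows and Unix "? (ip) at mac ..." rows.
ENTRY = re.compile(
    r"(\d{1,3}(?:\.\d{1,3}){3})\D.*?"
    r"((?:[0-9a-f]{1,2}[:-]){5}[0-9a-f]{1,2})", re.I)

def parse_arp(text):
    """Return {ip: mac} with MACs normalized to aa:bb:cc:dd:ee:ff."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:
            octets = re.split(r"[:-]", m.group(2).lower())
            table[m.group(1)] = ":".join(o.zfill(2) for o in octets)
    return table

def compare(working, failing):
    """Return (changed, missing, shared) between the two snapshots."""
    good, bad = parse_arp(working), parse_arp(failing)
    changed = {ip: (good[ip], bad[ip])
               for ip in good.keys() & bad.keys() if good[ip] != bad[ip]}
    missing = sorted(good.keys() - bad.keys())
    by_mac = {}
    for ip, mac in bad.items():
        by_mac.setdefault(mac, []).append(ip)
    shared = {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}
    return changed, missing, shared

if __name__ == "__main__":
    print(compare(ARP_WORKING, ARP_FAILING))
```
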
 

Kadarin

Lifer
Nov 23, 2001
44,296
16
81
Get some traces (Ethereal) in promiscuous mode both while the problem is occurring and while it is not, and take a good look at what you see. That should give you some good insight as to what's going on.
 

ktwebb

Platinum Member
Nov 20, 1999
2,488
1
0
I agree. Sniff it and see if you see anything odd, specifically when it starts hosing up. Ethereal is not bad and a free download.
 

phaserx

Spidey: you do make a good point about the future expansion and what not. And in response to your question, yes, I changed the netmasks on ALL of the devices.. all routers, all switches, all gateways, all servers. But now that I think about it, I believe there were a few servers I forgot to change the broadcast on, so they still have a broadcast of 192.168.200.255 .. Could this potentially cause a problem if someone on the 192.168.200 portion of the subnet sends out a broadcast using a broadcast of 192.168.200.255?

And to the last couple of responses:

Yeah, I have tcpdump and Ethereal on my PC here, but didn't even think to use that.. If I get a free moment, I'm going to try and toy with it today.
 

spidey07

phaser.

Yes, having hosts broadcast to 192.168.200.255 when the true broadcast address is 192.168.201.255 could cause some really weird stuff.

At layer2 it is an all-ones broadcast - ffff.ffff.ffff so all hosts will pick it up but then it will be examined at layer3. Any hosts with a /23 will discard it because it is not intended for them.
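
A way to check for the leftover mask and broadcast settings discussed in this thread, as an added example that is not part of the original posts: it audits a host inventory against 192.168.200.0/23 and shows how a host with a given mask treats a destination address. The host names and the inventory are constructed; the addresses and masks are the ones quoted in the thread.

```python
import ipaddress

INTENDED = ipaddress.ip_network("192.168.200.0/23")
LIMITED = ipaddress.ip_address("255.255.255.255")

# Constructed inventory: (name, address, netmask, configured broadcast).
HOSTS = [
    ("mail",   "192.168.200.10", "255.255.254.0", "192.168.201.255"),
    ("cvs",    "192.168.200.11", "255.255.254.0", "192.168.200.255"),  # stale broadcast
    ("web",    "192.168.200.12", "255.255.255.0", "192.168.200.255"),  # stale mask too
    ("laptop", "192.168.201.90", "255.255.254.0", "192.168.201.255"),
]

def audit(hosts, intended=INTENDED):
    """Return (name, problem) pairs for settings that do not match the /23."""
    findings = []
    for name, addr, mask, bcast in hosts:
        net = ipaddress.ip_interface(f"{addr}/{mask}").network
        if net != intended:
            findings.append((name, f"netmask gives {net}, expected {intended}"))
        if ipaddress.ip_address(bcast) != intended.broadcast_address:
            findings.append(
                (name, f"broadcast {bcast}, expected {intended.broadcast_address}"))
    return findings

def on_link(addr, mask, dst):
    """True if this host ARPs for dst directly instead of using its gateway."""
    net = ipaddress.ip_interface(f"{addr}/{mask}").network
    return ipaddress.ip_address(dst) in net

def is_broadcast_for(addr, mask, dst):
    """True if a host with this address and mask treats dst as an IP broadcast."""
    net = ipaddress.ip_interface(f"{addr}/{mask}").network
    return ipaddress.ip_address(dst) in (net.broadcast_address, LIMITED)

if __name__ == "__main__":
    for name, problem in audit(HOSTS):
        print(f"{name}: {problem}")
```

With the stale /24 mask, the constructed `web` host does not consider 192.168.201.90 on-link, so its replies to DHCP clients go to the gateway while the clients ARP for it directly.
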
 

Buddha Bart

Diamond Member
Oct 11, 1999
3,064
0
0
If you have machines with the wrong broadcast address, that would imply that no one is answering their ARP requests, making them unable to figure out where to send traffic.

BTW, if you're going flat, why not just jump up to 172.16.x.x, aka a class B?