Tuesday, October 2, 2018

Resubnetting: Help confirming the process; ideas for what could be causing an issue on attempt.

Hello. I'm working on the IT staff at my current company. As of this year, we started to run into issues with our available IP addresses (mainly due to our increased staff numbers and additional wireless routers). We currently operate on a /24 subnet. Our company has several branches, but each branch's LAN is basically on its own, with traffic tunneled directly back through our main branch via adtrans (which we're moving on from next year).

Currently, the main branch in question is set up simply on a 192.168.0.xxx/24 scheme. We were looking to move into a 255.255.254.0 subnet here so that we'd have the additional 254 addresses. Couple things up front:

  • The main two of us in IT aren't incredibly network efficient. Outside of basic DNS, routing, etc., our skill set is a lot of trial and error. However, after looking up the process for this, it seemed something well within our ability. I have basic Cisco switch knowledge, but it's mostly from looking into the existing switch setup myself.

  • I'm aware that VLANing is likely a better way to go, but that's currently above what we feel comfortable doing. We're also trying to avoid calling in an outside company if we can avoid it for the immediate time being.

This past weekend, the two of us came in during off-business hours to attempt to make the switch over. However, we ran into an issue towards the end steps, and had to call it quits for that day. I'm looking to get some insight into making sure the process I believe is to be done to make this work is correct, and if so, if anyone has ideas as to what could be causing the problems we had.

Statement of what we're trying to achieve:

  • We want to expand our current subnet to a /23, to open up a total of 512 addresses.

  • In the end, we want to make it so that any DHCP device is given a .1.xxx IP (using a pool of .1.10 - .1.250 on our main domain controller). Any static devices will be kept using a .0.xxx (for the sake of organization).

Process / Steps that we did in preparation:

  • 1) We logged into every static device on our local network, and updated the IP address with the new subnet mask of "255.255.254.0". This included all switches, physical and VM servers, copiers and printers, and physical PCs with static IPs. The only device that we did not update was the Default Gateway (a SonicWall device) since I believe that has to be the last one to change. Since we were expanding the subnet, there were no issues here, as expected.

  • 2) Over a previous night, we recreated the DHCP Pool on our main DC with the new subnet mask. Our original DHCP Pool ran from 192.168.0.10 - .0.170. For the new pool, for the sake of testing, we created the pool range from 192.168.0.10 - .1.250. However, I basically excluded the ranges of 192.168.0.171 - .1.250 so that the computers, for the time being, would ONLY get IPs that were in the existing range. This way we could test with static .1.xxx IP addresses before making the full switch. Leases were given a very short time so they would update when changes were made before the work day started on Monday.

  • 3) The morning that we came in to make the switch over on the Default Gateway, everything was checked to make sure. All static devices were up and working with the new subnet mask, and all the DHCP devices had taken the new IPs with subnets of 255.255.254.0 as well.

This is where we ran into problems. As soon as we changed the Default Gateway (192.168.0.254) from 255.255.255.0 to 255.255.254.0... we started having a LOT of external network issues. I had set my computer statically to IP = 192.168.1.99, SM = 255.255.254.0, DG = 192.168.0.254, while my other staff member was statically set in the .0 range so that we could test from both ends. From what I remember, here is generally a list of things that were happening:

  • For both of us, we seemed to maintain internal network fine; any RDP sessions stayed connected by Computer/Server Name. However, I believe we had ping issues. I could ping him from .1 to .0, but not vice versa.

  • For both of us, the Default Gateway was almost ALWAYS not available. We would get disconnect, reload, etc. errors when trying to get back into it. Sometimes we could get in for a couple minutes, while sometimes it was seconds before it dropped. Every time we would make this change, we made sure not to "save" the config, so that if we ended up completely locked out we could reboot the device and have it return with its original 255.255.255.0 configuration.

  • As for external network, there would be sporadic "spurts" of network. However, it would never last for long (after getting our hopes up), and would mostly stay down. Weird stuff was happening. From my PC (the .1 one), I had a constant ping going out to google.com. It would ping out fine for a couple minutes, and then be unavailable for another couple. However, 90% of the time google.com would not load in a web browser (DNS Probe or Connection Unavailable-type errors would show through Chrome), even when the ping was going through.

  • Doing some quick research that day, there was mention that everything "in-line" should be restarted after changing the default gateway IP. Something about the devices needing to re-authenticate a handshake with the gateway? Other sources said it should matter... regardless, I ended up restarting any switch in line to where both of our computers should have been affected. We also restarted our DNS server in case that had to update with any additional information. I even restarted my computer along with disabling and enabling the Ethernet adapter just in case. To no avail.

On paper, from any research that I had done prior to this attempt, I believe that we had all the steps correct. You first change any static devices to the new subnet mask. Also, you want to prep your DHCP Pool with the new information and make sure they have low lease times so they update with the changes. The LAST thing you want to update is the Default Gateway with the new subnet mask... and that should be it.

There shouldn't be ANY overlap with any of the external branches or conflicting IPs, and we don't have any devices in the 192.168.1.xxx range already. Currently, our branch here is still "prepped" for the switch over. All devices EXCEPT our Default Gateway have a subnet mask of 255.255.254.0. It's just that once we switch that over, external connections basically stop working.

Is there something that we are blatantly missing in the procedure? On paper, "should this work"? Any general advice on what we might be forgetting to do?

If not, then does anyone have any ideas what might be causing this issue? It seems like external connections are getting "confused" by something once we make the switch. Pings seem to get in and out from external sites, and we'll get blips of connection through the gateway (clearly, since I loaded google / facebook / youtube to test several times fine, only for it to completely drop out seconds later).
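
Added example, not part of the original post: a short Python check of the plan described above, using the post's own addresses. It shows which side treats the other as on-link under each mask, confirms the final DHCP pool fits the /23, and tests the /23 against other site subnets; the entries in `BRANCH_NETS` are constructed placeholders, since the post does not list the branch networks.

```python
import ipaddress

# Values taken from the post.
OLD_NET = ipaddress.ip_network("192.168.0.0/24")
NEW_NET = ipaddress.ip_network("192.168.0.0/23")
GATEWAY = "192.168.0.254"
TEST_HOST = "192.168.1.99"
DHCP_POOL = ("192.168.1.10", "192.168.1.250")

# Constructed placeholders: the post does not list the branch subnets.
BRANCH_NETS = ["192.168.10.0/24", "192.168.1.0/24"]


def on_link(src_ip, src_mask, dst_ip):
    """True if src, using its own mask, would ARP for dst directly
    instead of sending the packet to a router."""
    iface = ipaddress.ip_interface(f"{src_ip}/{src_mask}")
    return ipaddress.ip_address(dst_ip) in iface.network


def pool_fits(pool, net):
    """True if both ends of the DHCP pool are usable host addresses in net."""
    first, last = (ipaddress.ip_address(a) for a in pool)
    reserved = (net.network_address, net.broadcast_address)
    return (first <= last and first in net and last in net
            and first not in reserved and last not in reserved)


def overlapping(net, others):
    """Return the entries of others that share address space with net."""
    return [o for o in others if net.overlaps(ipaddress.ip_network(o))]


def mask_mismatches(devices, expected_mask):
    """devices maps IP -> configured mask; return IPs still on another mask."""
    return sorted(ip for ip, mask in devices.items() if mask != expected_mask)


if __name__ == "__main__":
    new_mask, old_mask = str(NEW_NET.netmask), str(OLD_NET.netmask)
    print("host sees gateway on-link:", on_link(TEST_HOST, new_mask, GATEWAY))
    print("gateway (/24) sees host on-link:", on_link(GATEWAY, old_mask, TEST_HOST))
    print("gateway (/23) sees host on-link:", on_link(GATEWAY, new_mask, TEST_HOST))
    print("pool fits /23:", pool_fits(DHCP_POOL, NEW_NET))
    print("overlaps:", overlapping(NEW_NET, BRANCH_NETS))
    print("wrong mask:", mask_mismatches({GATEWAY: old_mask, TEST_HOST: new_mask}, new_mask))
```

Replacing `BRANCH_NETS` with the real remote networks configured on the gateway's tunnels turns the overlap check into a pre-change verification of the "no overlap" assumption.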


