Mark Minasi's Reader Forum
Mark Minasi's Reader Forum
Home | Profile | Register | Active Topics | Active Polls | Members | Search | FAQ | Minasi Forum RSS Feed
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 General Forum
 Miscellany (Technical)
 changing LAN IP address		  New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 06/26/2012 :  11:16:05 AM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype phone address from Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
Hi All,

We are going to have to change our LAN's IP address range from 192.168.1.xxx to another C range. Don't know it yet. But lets say it's 192.168.55.xxx.

We use DHCP for workstations, fixed IP for everything else. Lease times are 4 hours. 85 users. We don't have internal web or Exchange. Running 2003 as DC. Have 2 ESX hosts.

What would be a recommended procedure to follow to minimize impact on everyone. I would do it after hours.

Thanks!

Playwell
Honorable But Hopeless Addict

Netherlands
4819 Posts
Status: online
Posted - 06/26/2012 :  4:13:35 PM  Show Profile  Visit Playwell's Homepage  Click to see Playwell's MSN Messenger address  Reply with Quote
for which part?
'People who think they know everything are a great annoyance to those of us who do. '
Quote by Isaac Asimov
Go to Top of Page

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 06/26/2012 :  4:19:13 PM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype address for Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
to change the entire LAN. Sorry if I wasn't clear. Basically re-IP the office. I know I have to change the DHCP scope/pool and I'm thinking that will be picked up by the workstations. Any gotcha's in there? Same with changing the Servers fixed IP. Anything in there and in DNS I have to be watching for?
Go to Top of Page

Isaac
Here To Stay

USA
208 Posts
Status: offline
Posted - 06/26/2012 :  4:52:57 PM  Show Profile  Reply with Quote
1) SuperScope in DHCP
2) Start distribution of new IP range
3) stop distribution of the old range
4) turn on Dynamic updates for the AD zone in DNS
5)setup a log on script with batch file to run "ipconfig /registerdns"

Go to Top of Page

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 06/26/2012 :  5:09:54 PM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype address for Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
I've never used SuperScope. Any guidance on that? I'm reading the MS stuff and not finding any step by step help.
Go to Top of Page

anthony
Moderator

USA
2373 Posts
Status: offline
Posted - 06/27/2012 :  9:37:05 PM  Show Profile  Reply with Quote
I "think" he means change your subnet mask from 255.255.255.0 to 255.255.0.0 then do your changes. That way you can change your scope without effecting connectivity to the old stuff. By changing the the 3rd octet to 0, you allow your old subnet to see your new one (since to the new subnet mask 192.168.x.x is all one network), then you can transition as you see fit in a time frame of your choosing without trying to do it all in one swoop.
Go to Top of Page

Isaac
Here To Stay

USA
208 Posts
Status: offline
Posted - 06/28/2012 :  2:11:53 PM  Show Profile  Reply with Quote
We have done it in the past once or twice for whatever the reason.
1)Networking team adds the new subnet (192.168.345.x, Mask; 255.255.255.0 and gateway 192.168.345.999 ) to the same ports as current subnet. Basically we now have both, the old and new networks running on the same wire. No idea how it works, I could ask them for sample config from the cisco switch.

We test the network manually- assign a PC with new IP/gateway and see if it physically works.
-Can we ping PC in the other networks ?
-do file shares work ?
-does RDP still work between networks ( yes, our RDP stopped working after moving to a new network.

-Does internet work?
- Nope.
-Good.
:)

We, the server team do the following:

1) SuperScope in DHCP
http://technet.microsoft.com/en-us/library/cc784138%28v=ws.10%29.aspx
a)We move /recreate the already existing scope into it.
b)Create new scope here as well, the one we are moving to.

2) Start distribution of new IP range
a) Turn on both scopes, and and let your workstations pick up the IP addresses, with lease time of 2-4 hours.
b) 10% rule. We distribute only 10 % of new IP addresses, to test the waters, and see if everything works fine on the new network.

3) stop distribution of the old range
5-10 days later, and if no complains come in, we just stop distribution of the old IP addresses.
the 10% just became 100% rule. Distribute all/necessary number of IPs.

4) turn on Dynamic updates for the AD zone in DNS
This one is usually on by default, but does not hurt to check it out.
5) setup a log on script with batch file to run "ipconfig /registerdns"
this is to force the AD/DNS with its new up address

This is an overview of how we usually do it. I don't think I missed any steps here.
Edited by - Isaac on 06/28/2012 2:17:25 PM
Go to Top of Page

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 06/29/2012 :  5:03:15 PM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype address for Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
Thanks Isaac. Is there anything wrong with on a weekend, just manually changing the ip on all the fixed devices, changing the ip scope and rebooting all the PCs? Taking 85 workstations.
Go to Top of Page

Isaac
Here To Stay

USA
208 Posts
Status: offline
Posted - 06/29/2012 :  10:55:25 PM  Show Profile  Reply with Quote
Weekends preferred of course. Do you have a DNS, file or print servers on site? If their IPs changing then don't forget to register those first. It's not as hard as you think :0, as long as you planning and testing ahead.
Go to Top of Page

anthony
Moderator

USA
2373 Posts
Status: offline
Posted - 06/30/2012 :  1:51:43 PM  Show Profile  Reply with Quote
We just did this a few months ago. We changed from a 128.1.0.x subnet to a 10.0.X.X subnet. I highly recommend that you do several scans of your network and keep a list of servers in Excel with the old IP in it. Then BEFORE you start, plan out which systems will have what IP, etc. and have that in Excel as well. As you change addresses, mark them off on the sheet, so you don't forget anything. PLANNING BEFORE IS KEY. We ended up going with a 255.255.0.0 subnet so we would not have to worry about doing it again for a very long time.

We did something like:

Servers: 10.0.10.0
Network Devices: 10.0.20.0
Printers: 10.0.30.0
Workstations (DHCP Scope) 10.0.40.0

That way we could have well over 250 devices before we would need to change the numbering scheme from the second octet. (for a company our size, the only thing that will ever come close MIGHT be workstations, and then we could do .41.0, .42.0, etc.

We pulled the trigger on a Friday night at 5pm, and were done by 10pm.

We made changes and re-booted everything though. On Monday ther were a few tiny things, but all in all - it went pretty smooth.
Go to Top of Page

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 06/30/2012 :  7:19:52 PM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype address for Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
Thanks Anthony.

I have a complete list of all servers and printers. So that part is covered. I'm just wondering in DNS what needs to be changed so I don't miss anything.

Did you just change the scope in DHCP to the new scope, then reboot the workstations?
Go to Top of Page

Playwell
Honorable But Hopeless Addict

Netherlands
4819 Posts
Status: online
Posted - 07/01/2012 :  08:23:42 AM  Show Profile  Visit Playwell's Homepage  Click to see Playwell's MSN Messenger address  Reply with Quote
You have the firewall covered as well?
'People who think they know everything are a great annoyance to those of us who do. '
Quote by Isaac Asimov
Go to Top of Page

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 07/01/2012 :  10:45:49 AM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype address for Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
I believe I do. Just need to change the settings to translate to the new IP settings. Basically change anything pointing to the old range, to the new range. Correct?
Go to Top of Page

Polymath5
Honorable But Hopeless Addict

USA
2385 Posts
Status: offline
Posted - 07/02/2012 :  1:05:19 PM  Show Profile  Send Polymath5 an AOL message  Click to see Polymath5's MSN Messenger address  Look at the Skype address for Polymath5  Send Polymath5 a Yahoo! Message  Reply with Quote
My big question is what needs to be updated in DNS specifically.
Go to Top of Page

Playwell
Honorable But Hopeless Addict

Netherlands
4819 Posts
Status: online
Posted - 07/03/2012 :  03:50:12 AM  Show Profile  Visit Playwell's Homepage  Click to see Playwell's MSN Messenger address  Reply with Quote
only the static entries, if there are any.
DC's update their srv/soa/a/aaa records after a 'net stop netlogon && net start netlogon'
'People who think they know everything are a great annoyance to those of us who do. '
Quote by Isaac Asimov
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Mark Minasi's Reader Forum © 2002-2011 Mark Minasi Go To Top Of Page
This page was generated in 0.45 seconds. Snitz Forums 2000