IP range usage question 4

[gman10]

Hello all-

I hope this is the right forum for this question, if not I'll post it where necessary.

Well, here goes:

I'm trying to work out the right IP scheme/CLASS for a 3 site assessment.
There are 3 buildings. each will have 500 users (total 1500 users) all will need a PC so all must have individual IP addresses and each building should be in different subnets (unless there's a better way, I've been told for management purposes 3 different subnets makes sense) anyway..
My question, what is the right CLASS/range to use for this scenario? I'm thinking maybe a CLASS "A" ie.

10.10.1.1-10.10.1.500/24 SITE 1
10.10.2.1-10.10.2.500/24 SITE 2
10.10.3.1-10.10.3.500/24 SITE 3

Would this do it? just curious ..

Thanks everyone for all the massive support!

gman

 

[aftertaf]

ohla.

STOP!!!

10.10.1.1-10.10.1.500/24
is not possible......
without going into technicalities.... you can have a maximum of 253 hosts... on a 24 bit mask

10.10.1.0 - 255 (0 and 255 not possible, 256-2=254)

to have 500 hosts per subnet, you need a custom mask
/23 or 255.255.254.0
this will let you have 1024-2 hosts....

3 subnets for 3 different sites does make sense....

the actual address scheme you should use, i'm working on it...
not my best strength!!

Aftertaf (david)
MCSA 2003

 

[aftertaf]

Correction time:
you need 500 hosts.
you can use a class B network and subnet

you can restrain the n° of hosts to 510 with a class B /23 subnetted network ID, but this doesn't allow for new additions...

better going for a class B /22 net
which allows 1022 hosts.

172.16.4.1-172.16.7.254/22 SITE 1
172.16.8.1-172.16.11.254/22 SITE 2
172.16.12.1-172.16.15.254/22 SITE 3

/22 = 255.255.252.0 as a mask.

Aftertaf (david)
MCSA 2003

 

[buddafish]

/23 = 510 hosts ... 255.255.254.0
/22 = 1022 hosts ... 255.255.252.0

 

[aftertaf]

or replace 172.16.--- with 10.10.
the class B allows you to have at most 33-64 subnets,
if you use class A, its between 8000+ & 16000+ . . .

or you ca go here

http://www.subnetmask.info

don't worry, its quite complicated when you're not used to it... ive been trying to get my head round it for months

Aftertaf (david)
MCSA 2003

 

[gman10]

Thanks sooooo much, I think this situation will be better off with a /23, I'm slightly high balling 500 users per site (actually will be around the 450 user range MAX per site. I said 500 because I had a feeling I'd run into these complexities in not be able to add more later.. Thanks again, you bot5h deserve a star!

gman

 

[gman10]

Aftertaf,

Thank you for your elaborate schemas and insights.. It shows that you've been delving into the IP schema world for quite some time. Why can't I find local yet helpful people like this.. I guess to each it's a "job security" thing..


gman

 

[aftertaf]

gman10:
don't forget, it's 0s + 1s...

binary address:
10101100.00010000.00000000.00000000
converted each octet back to decimal:
=172.16.0.0

/23=
11111111.11111111.11111110.00000000
/22=
11111111.11111111.11111100.00000000



Aftertaf (david)
MCSA 2003

 

[aftertaf]

delving into"
=
doing my head in trying to figure it out... seems to work a bit tho...
i gave you an anwser thx to my mcp prep books cos i cannont do it off the top of my head...

but an understanding of IP addressing and network masks, and how it all fits together is essential, otherwise its all chinese

Aftertaf (david)
MCSA 2003

 

[buddafish]

download the ip subnet calculator after you learn how to do it with pencil and paper...

http://www.wildpackets.com/products/ipsubnetcalculator

 

[gman10]

Hi Aftertaf-

Just a follow up.. so if I'm using a /23 subnet Class B
172.16.X.X IP range.. then what will my actual ranges be ?

172.16.x.x-172.16.x.254/23 SITE 1
172.16.x.x-172.16.x.254/23 SITE 2
172.16.x.x-172.16.x.254/23 SITE 3

Just want to be sure I achieve the right 3rd and 4th octet's in my ranges.. sorry, new to this.. still learning as a go.

gman

 

[aftertaf]

hehe was working on it...

172.16.0.1-172.16.1.254/23 SITE 1
172.16.2.1-172.16.3.254/23 SITE 2
172.16.4.1-172.16.5.254/23 SITE 3

you have to do it in binary then convert back to decimal - in any case, I do

Aftertaf (david)
MCSA 2003

 

[gman10]

Thx,

yes, I was just trying that, am getting the hang of binary to decimal conversions.. not easy at first but once you understand the format it flows nicely!

Your so helpful!! thanks again.. I'm sure you have a busy day and can't spend your time helping cruds like me all day. I appreciate it from everyone else as well. Thx also to BUDDAFISH, will download the IPSUBNET calc once I've nailed these concepts..

gman

 

[aftertaf]

binary
00000000
=decimal 0

binary
00000001
=decimal 1

binary
00000010
=decimal 2
_____________________________________
128 64 32 16 8 4 2 1
0 0 0 0 0 0 0 0
_____________________________________

when you subnet, you borrow one or more of these bits from the network portion of the IP address to use on the host part of the net ID

the subnet mask determines which part of an ip address is the network id and which is the host id, by using AND logic

take site A
172.16.0.1/23

10101100.00010000.00000000.00000001 - ip address
11111111.11111111.11111110.00000000 - subnet mask

10101100.00010000.0000000 = network ID part
0.000000001 = host ID part

the /23 means 23 1s in the mask...
so the 24th can be used for the host... which gives you
______________________________________
256 128 64 32 16 8 4 2 1
0 0 0 0 0 0 0 0 0
_______________________________________
nine bits to play with



Aftertaf (david)
MCSA 2003

 

[aftertaf]

I'm sure you have a busy day

it's friday, i'm going home in 1 hour... and i'm also scanning tektips to stop chainsmoking...

there are days where i dont have a lot to do... if i can help out, and learn at the same time.... everyone benefits



it's a pleasure.....
i dont have to have this knowledge where i work right now, it stops me from going rusty and forgetting..
so thx for having a problem too

Aftertaf (david)
MCSA 2003

 

[buddafish]

here is an informative site:

http://www.learntosubnet.com/

 

[gman10]

Thx guys!!

Both very informative.. Aftertaf! If you really smoke perhaps I can sway you to quit, I've been there and it's not so difficult to ween yourself off of nicottine.. You will conventionally gain massive urges (I've cheated afew times) but overall worth it.. "go home in one hour"? So the man works nights? or perhaps you only work when you want to.. kudos to ya eitherway.

Buddafish, thats an awesome learning site, you the best! I'll comb thru the videos!

thx all!
gman

 

[aftertaf]

actually, am in France
3:30 pm

Aftertaf (david)
MCSA 2003

 

[gman10]

Enjoy your evening Aftertaf!

Buddfish, talk about a well rounded learning site. wow!!

gman

 

[gman10]

Hello Buddafish,

Wondering is you could help me briefly with this access-list and what it truly means.

access-list 110 deny tcp any host 172.16.xx.xx eq 23 log

The way I see it interpreted: This ACL is saying to deny any traffic to host 172.16.xx.xx. thru port 23 ?? Is this right? what does log do?

If what i'm saying is incorrect then.. maybe it's telling me that this host 172.16.xx.xx will be denied tcp access outside via port 23? is that better?

If neither of my answers are right then I need to really vamp up studing!

thanks all

gman