"Sharing" IP subnet across different WAN-linked locations

Aug 14th, 2009

I have a situation where one of my remote sites will be relocated to a different physical location in the next few weeks.


Their current location is connected to mine via a T1 line across two 3640 routers.

Using fake private IP numbers, it would look like:


Main campus subnet (10.0.30.0/23)

Remote subnet (10.0.14.0/23)

T1 subnet (10.0.10.0/23)



Main 6506 SUP1(10.0.30.1)---(10.0.30.2)eth0/0 Main 3640

Main 3640 S0/0 (10.0.10.1)----- (10.0.10.2) S0/0 Remote 3640

Remote 3640 eth0/0 (10.0.14.1)----remote switches.



The new location connects via an 80GHz wireless link to 3750E switches.

Since the new setup no longer involves routing, I plan to use the switches' layer 3 capabilities to allow retention of the remote site's subnet. That allows me to avoid reconfiguring servers, printers, etc.


Is there a way to "share" that subnet across the two remote locations via VLAN or some other mechanism?

The goal is to have the same subnet present at both locations simultaneously.

This will allow me to move the servers to the new location while maintaining the users' connectivity at the present site.

Once the move is made, the old remote link will be dismantled.


I'm trying to avoid having to reconfigure the servers with new IP addresses, security certs, etc.


Possible or pipe dream?

paolo bevilacqua Fri, 08/14/2009 - 15:33

I did not quite understand how the new location is connected exactly...


And, probably you require connectivity between old and new location during the move, right?

GRANT GATHAGAN Fri, 08/14/2009 - 16:38

Thanks for the response, p.bevilacqua


The new site will be connected to the main site with a 80GHz wireless radio link.

These are Layer 1 devices so, in essence, the switches at the remote site are the same infrastructure as the main site.


Since I don't want to have to reconfigure all the devices with static IP's, I will be recreating the remote site's IP subnet by using VLANs and the 3750E's layer 3 capabilities to serve as a router.


You are correct regarding the connectivity.

The whole point of this is to allow me to move the servers to the new site prior to the date that the users relocate.

Their move date overlaps my vacation and I will not be present for the move.


If this is possible, I can move the servers at an earlier date.

If it's not, I have to pre-configure the switches at the new location, shut them down, and hope everything works when my coworkers move the server and fire everything up at the new site.


Correct Answer
paolo bevilacqua Sat, 08/15/2009 - 17:53

I think the real issue is the move overlapping your vacations. If you want, I can come over and make it for you, August in Hawaii must be magnificent :)


Anyway, if you could put two additional routers (anything would do), you could work out something like bridging over GRE, hoping the reduced MTU does not cause too many problems.



GRANT GATHAGAN Sun, 08/16/2009 - 12:54

Yeah, I get that response a lot over here :)


I'm not familiar with GRE, so I'll have to look into it.


Attached is a jpeg to illustrate the question, in case visuals help trigger anything.



Jon Marshall Mon, 08/17/2009 - 08:25

Grant


1) Do the servers that you move into the new site still need to communicate with servers on the same subnet in the old site?


2) Are there any users in the old remote site that need to talk to these servers or are all the users in the main site?


If either 1) or 2) (2 in the sense of users being at the remote site) then you need to bridge between the 2 sites, i.e. the old remote site and the new one.


For this you could look at GRE as Paolo suggested or L2TPv3 which allows you to extend a vlan across a routed network. Either way you would need a temporary router in the new site as 3750 switches don't support GRE or L2TPv3.


If however all the users were in the main site and the servers you moved didn't need to talk back to the old remote site then you can simply use host specific routes at the main site, i.e. the subnet route points to the old site, whereas the host specific routes point to the new site.


Unfortunately I suspect this is not likely however, especially if you are using certificates.


Edit - I'm assuming the old remote site and the new one are not near enough to each other that you could have a temporary link between the 2 that would allow you to simply bridge the vlan, i.e. all traffic would go to the old remote site and then if the server was in the new site it would simply be switched across the temporary link.


Jon
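
The host-route idea in Jon's post above, and why it stops working once users on the old site's own subnet need the moved servers, shown as an added example that is not part of the original thread. The server, printer and client addresses and the next-hop labels are constructed for illustration; only the /23 subnets come from the thread.

```python
import ipaddress

# Constructed values: the thread names only the subnets, not host addresses.
MOVED_SERVER = "10.0.14.10"    # hypothetical server relocated to the new site
OLD_SITE_PRINTER = "10.0.14.20"  # hypothetical device still at the old site

# Main-site routing table as Jon describes it: the subnet route points to
# the old site, the host-specific (/32) route points to the new site.
MAIN_SITE_ROUTES = [
    (ipaddress.ip_network("10.0.14.0/23"), "old-site via T1"),
    (ipaddress.ip_network(MOVED_SERVER + "/32"), "new-site via wireless"),
    (ipaddress.ip_network("10.0.30.0/23"), "connected"),
]

def route_lookup(routes, dst):
    """Longest-prefix match: the most specific matching route wins."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if dst in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def host_forwarding(src_interface, dst):
    """A host sends to its gateway only for off-link destinations;
    same-subnet destinations are resolved with ARP on the local segment."""
    iface = ipaddress.ip_interface(src_interface)
    if ipaddress.ip_address(dst) in iface.network:
        return "arp-on-local-segment"
    return "send-to-default-gateway"

def path(src_interface, dst, hosts_on_segment):
    """Where a packet ends up, given which hosts share the sender's segment."""
    if host_forwarding(src_interface, dst) == "arp-on-local-segment":
        if dst in hosts_on_segment:
            return "delivered on local segment"
        return "unreachable: ARP unanswered, routers never see the packet"
    return route_lookup(MAIN_SITE_ROUTES, dst)

if __name__ == "__main__":
    # Main-site user: routed, so the /32 steers traffic to the new site.
    print(path("10.0.30.50/23", MOVED_SERVER, set()))
    # Old-site user in 10.0.14.0/23: the server looks on-link, so no route helps.
    print(path("10.0.14.50/23", MOVED_SERVER, {OLD_SITE_PRINTER}))
```

The second case is the one that applies when users remain at the old site: without a layer 2 extension (bridging over GRE or L2TPv3), their traffic to the moved server never reaches a router that holds the host route.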

GRANT GATHAGAN Mon, 08/17/2009 - 11:08

Thanks for the response Jon,

The answers:

1) No, both servers at the old site (one Linux Web server, one NetWare file server) would be at the new site.

2) Yes, all users are still at the old site.

You are also correct on the physical proximity. The two sites are about 10 miles apart.


The overall goal was to allow me to move the servers to the new site before the users actually move.

The certificates are part of Novell's eDir authentication and identity mechanism.


When it's all said and done, it's actually less work to just move everything to a new subnet and be done with it.


It's not that difficult to change the necessary certs and settings in the servers to allow them to be moved.


There are a couple of additional steps related to firewall static NATs that will need to be changed, but it's not that big of a deal.


There are only 9 devices with static IP addresses, most of them being printers.

The users will be able to see the servers, and changing the static IP's on 7 printers is not that much work.

We also use VoIP phones but that's very easy to deal with.


I'll just consider this one solved by the traditional method.


Thank you to both Jon and Paolo.

paolo bevilacqua Mon, 08/17/2009 - 11:11

You are welcome, enjoy your vacations and please remember to rate useful posts with the scrollbox below.
