Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
382
Views
4
Helpful
6
Replies

Moving to a new Address Class

gavin.mckee
Level 1
Level 1

‎11-27-2006 08:00 AM - edited ‎03-05-2019 01:02 PM

Hi,

I am planning to move about 150-200 servers to a new network environment. At present the IP address range is 172.22.x.x we are moving to 10.64.x.x. I need a way to decouple clients from the existing range. We provide many ways for clients to connect to our services. The internet, extranet via TNS and BT Radianz. Some of our properitary applications have IP address information hardcoded into them. I am thinking that I can use NAT to say if you are targeting say 172.22.150.1 you should be redirected to 10.64.1.1? Is this the best way to do this?

Should I employ a specfic device to do this.

Any help well rated.

Gav

Labels:
0 Helpful
6 Replies 6

ankbhasi
Cisco Employee
Cisco Employee

‎11-27-2006 08:17 AM

Hi Gavin,

NAT will going to be a good solution but provided all your servers to which clients will access are behind some router which supports NAT. I mean clients are seperated from servers subnet and there is some router between them.

If your network design has some routers between servers and clients configuring NAT will going to be a good solution I believe so.

Ankur

gavin.mckee
Level 1
Level 1
In response to ankbhasi

‎11-27-2006 08:26 AM

Thanks Ankur,

I think that I will be able to place a NAT device between the clients and our network.

We have a 6509 in the core/distrubtion of our network that supports NAT on the MSFC. I think we can build NAT tables here pointing outwards towards our new network.

:)

0 Helpful

scottmac
Level 10
Level 10
In response to gavin.mckee

‎11-27-2006 11:06 AM

NATing in the core is usually (at least by Cisco design standards) considered a bad design.

Given that you are migrating, consider using secondary addresses onthe server segment(s).

(original)

int fa0/1

ip addr 172.22.1.1 255.255.255.0

(with secondary addressing)

int fa0/1

ip addr 172.22.1.1 255.255.255.0

ip addr 10.1.1.1 255.255.255.0 SECONDARY

That way either address will work until you completely migrate the servers to the new block.

Servers that must remain hard-coded with the old address can remain on a separate subnet (172.22.x.x) or, worse case, NATed ... but you reduce the overall NAT processor / memory / table loads.

You can also (temporarily) put alias addresses in your DNS that tie back to the original address if needed. The DNS can also be set for address substitution, I believe.

SECONDARY addresses were created with the idea of easing migration problems. IMHO, it's the only real reason for using them.

Give it a try on a pilot system, I think you'll find it easier and less error-prone (think encrypted traffic) than NATing (especially in the core).

Good Luck

Scott

0 Helpful

eugene.beckett
Level 1
Level 1
In response to scottmac

‎11-27-2006 02:53 PM

you might also consider putting secondary addresses on the hosts that cannot have the ip address replaced -

0 Helpful

gavin.mckee
Level 1
Level 1
In response to eugene.beckett

‎11-28-2006 01:53 AM

Does secondary addressing not cause huge problems with routing?

We will need to maintain a fully functional production network while the migration is happening.

The new site will run OSPF. The current production sites are running RIPv2

0 Helpful

amit-singh
Level 8
Level 8
In response to gavin.mckee

‎11-28-2006 02:05 AM

Hi Gavin,

With OSPF enabled you might get into a lots of problem with secondry addresses as OPSF doesnot form adjacency over the secondry addresses. You have to really give it a big thought to get to the final plan.

-amit singh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card