What's the best way to cope with IP address growth?
Each time we need more public IPs, we end up cashing in all existing addresses for a new, bigger, contiguous block. The bulk of our network must be migrated (a big job) merely to gain a few more public addresses.
Is there not a simple way to keep the old addresses in service while adding a new, unrelated Class C?
For example, could we put our server farm on the private range of 10.x.x.x, and then employ NAT (Network Address Translation) to port those private addresses to multiple Class C ranges delegated to us? I have found firewall boxes that can do NAT, but alas, they support only one public-side subnet. If I understand this correctly, we're back to a single contiguous block -- or, a router and pricey firewall box for each subnet. Argh!
I believe that our upstream provider does support what you describe, but because our small network is not set up to use multiple subnets, they ask us for the old IP block back. That's understandable.
So, for a growing host to support multiple subnets, which is the best, "future-proof" approach?
1.) Put your server farm on a large private network (a la 10.x.x.x) and employ NAT. Find a firewall appliance that supports NAT for multiple public (WAN-side) subnets (if such a thing exists). When IP address changes DO occur, fleets of servers can be migrated to the new addresses by a single NAT configuration change.
2.) Forget NAT. Use the addresses as given to you by your upstream provider. Insert a multi-subnet router into the network (behind firewall) and divide the server farm accordingly. Expect to fork out dollars for an additional hub/switch each time a new subnet is added. Moving servers to a new IP range will be laborious and disruptive.
Are these my only options?
Thank you so much for your advice. All input is greatly appreciated.
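Option 1 from the question, sketched as an added example (not code from the thread): a 1:1 NAT plan that pairs each 10.x server with a public address drawn from several non-contiguous blocks, so that adding or swapping a block changes only the table. It assumes a NAT device that accepts more than one public subnet; `build_nat_plan`, `swap_block`, the server list and the RFC 5737 documentation ranges are constructed for illustration.

```python
import ipaddress

def build_nat_plan(private_hosts, public_blocks):
    """Pair each private host with one public address, filling blocks in order."""
    pool = (addr for block in public_blocks
            for addr in ipaddress.ip_network(block).hosts())
    plan = {}
    for host in private_hosts:
        try:
            plan[ipaddress.ip_address(host)] = next(pool)
        except StopIteration:
            raise ValueError(f"public pool exhausted at {host}") from None
    return plan

def swap_block(plan, old_block, new_block):
    """Renumber only the mappings inside old_block, keeping each host's offset."""
    old = ipaddress.ip_network(old_block)
    new = ipaddress.ip_network(new_block)
    if new.num_addresses < old.num_addresses:
        raise ValueError("replacement block is smaller than the one handed back")
    updated = {}
    for private, public in plan.items():
        if public in old:
            public = new.network_address + (int(public) - int(old.network_address))
        updated[private] = public
    return updated

# Constructed sample: 300 servers in 10.0.0.0/23; RFC 5737 documentation
# ranges stand in for the delegated public blocks.
SERVERS = list(ipaddress.ip_network("10.0.0.0/23").hosts())[:300]
BLOCKS = ["192.0.2.0/24", "203.0.113.0/24"]

if __name__ == "__main__":
    plan = build_nat_plan(SERVERS, BLOCKS)
    moved = swap_block(plan, "192.0.2.0/24", "198.51.100.0/24")
    for private in (SERVERS[0], SERVERS[253], SERVERS[254], SERVERS[299]):
        print(f"{private} -> {plan[private]} (after swap: {moved[private]})")
```

Because blocks are filled in order, appending a new block leaves every existing mapping untouched; the resulting table still has to be translated into the static NAT rules of whatever device is used.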
How are you connected to your provider? If they are just feeding you an Ethernet cable for your switch and can route you secondary subnets, your switch should be able to handle multiple subnets on the same switch.
For example, say we have a customer with 10.0.0.1/24 and 192.168.0.1/24. We put 10.0.0.1 as the primary IP on the port that feeds their switch and 192.168.0.1 as a secondary. The customer's unmanaged switch can handle both subnet spaces on the same switch, so one server can work with both the 10.0.0.X and 192.168.0.X subnets at the same time. No special configuration is needed. It does create an increase in broadcast traffic, but nothing performance-hindering.
Does that help?
Mike @ Xiolink.com http://www.xiolink.com 1-877-4-XIOLINK