Announcement

Collapse
No announcement yet.

How does a complete internal IP restructure affect AD and DNS?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How does a complete internal IP restructure affect AD and DNS?

    I've inherited a network that is in many ways in disarray. For starters it's using a public IP scheme on the NAT side of things.

    Right now everything is 90.0.0.x which if it isn't already will likely cause routing problems.

    I want to reconfig our router to start handing out 10.x.x.x IPs, but what am I going to have to do with AD and the DNS settings to make this go smoothly?

    -A

  • #2
    Re: How does a complete internal IP restructure affect AD and DNS?

    I inherited a network using 150.150.150.0/24, I've ran it for three years with no issues. The only problem I will ever run into is if someone tries to get to a website using that address.

    If that's your only concern you don't need to trouble yourself renumbering your network. If you still want to do it, there's been plenty of questions here on changing a DCs IP so just search around.

    Comment


    • #3
      Re: How does a complete internal IP restructure affect AD and DNS?

      Using public ip addresses internally is unorthodox but it isn't wrong. Before RFC1918 everyone used public ip addresses internally. The reason for implementing RFC1918 wasn't security, it was to slow down the depletion of the IPv4 address space by reducing the number of routable IPv4 addresses required in a LAN. The security benefits were unintended.

      I inherited a network about 3 years ago that uses routable ip addresses and as far as I'm concerned I'm not going to change it until I get close to depleting the address space, if that ever occurrs.

      As far as renumbering your internal network is concerned, there shouldn't be any issues as long as you renumber everything at the same time. DNS will reflect the new addresses and everything should work normally after a few reboots. You don't need to take any special steps or precautions. Make sure that you creat a new reverse lookup zone for your new address space and you'll also need to change your DHCP scopes and options (if you use DHCP). Make a list of everything that needs to be touched and document your new address space before you start. I've done this before and everything worked fine after a few reboots.

      Comment


      • #4
        Re: How does a complete internal IP restructure affect AD and DNS?

        I've done a few renumbers and the one thing I would say is make sure you leave plenty of time to do it. There are always things that are missed and the longer you have to find them the better. Make a list of everything and then get other people to check as well. Some basic apps use static addresses within their data so they stop working for example. Printers are another good one. ACLs on switches. Firewall rules. Remote VPNs. It can be a big job.

        Do you have any problems with routing?
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: How does a complete internal IP restructure affect AD and DNS?

          Thanks for all the replies. I think based on what I've read here I'll leave the IP scheme alone. Things as far as specifically the IP configuration are working, so as long as that continues.. I'm happy.

          Comment

          Working...
          X