Announcement

Collapse
No announcement yet.

AD Site and Services Subnet

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Site and Services Subnet

    I'm getting ready to become the lucky individual of setting up a brand new domain and IP scheme between 2 merged facilities. Both are fairly large networks with 1000 network nodes a piece and 2 datacenters. In order to limit the amount of AD traffic across our WAN link, I decided to setup Sites with subnets inside of AD. My question is how specific do I have to get with my subnets?

    For instance facility A will be 172.17.0.0/16 as their base network. However, that is being split up into /24 mask subnets of 172.17.1.0/24, 172.17.2.0/24, etc.

    The facility B will be 172.16.0.0/16 as the base network and split into similar subnets with a /24 mask, the same way as facility A.

    Now, when I setup my subnets under Sites and Services, would I be able to put the base 172.17.0.0/16 network and assign that to the site...

    OR

    Would I have to assign each individual subnet, such as 172.17.1.0/24, 172.17.2.0/24, etc?
    MCITP:SA, MCSA 2003, MCP, CCNA, A+, Net+, Security+

  • #2
    Re: AD Site and Services Subnet

    AS long as there is no overlap, there should be no issues with using the /16 subnets in ADSS
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: AD Site and Services Subnet

      Hi,

      It's better to go with option 2 for better manageability and avoiding confusions latter

      assign each individual subnet, such as 172.17.1.0/24, 172.17.2.0/24, etc?
      Thanks & Regards
      v-2nas

      MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
      Sr. Wintel Eng. (Investment Bank)
      Independent IT Consultant and Architect
      Blog: http://www.exchadtech.blogspot.com

      Show your appreciation for my help by giving reputation points

      Comment


      • #4
        Re: AD Site and Services Subnet

        The point of creating sites and assigning subnets in AD is to control replication and where users authenticate;

        I would have 2 AD sites setup facility A and B and assign the seperate /16 subnet to each. Even though you will be having different subnets at each site they will be connected to each other by LAN speeds so there will be no replication latency issues.

        Comment


        • #5
          Re: AD Site and Services Subnet

          I've been using the "umbrella subnet" scenario that you describe for many years. I actually called MS support services before setting it up to make sure that it was a supported configuration and it is.

          Our corp is fairly large and the AD guys are a separate group from the network guys. It's worked very well because if the network guys want to setup a new network in one in one of the sites, as long as it falls under the umbrella, they don't have to call me to add AD Sites and Services. In fact, it's been pretty set it and forget it ever since I set it up.

          Comment

          Working...
          X