    Aloha, folks!

    I’m working with a non-profit client with a limited budget, and I’ve been exploring how to increase their performance and availability. The customer has a Win2K3 server – bought to be a DC – but AD hasn’t been enabled. Right now, the server does NOTHING but file sharing, and my goal is to bring their entire network up to standard, with a full-up AD controller, routers and network segments to relieve congestion.
    It was set up as a flat network using static IPs for everything; the 2K3 box has four on-board NICs, and I’ve enabled three of them on separate subnets. Each subnet has (or will have) its own router.
    Right now, it looks something like this:
    [DSL Modem]
    [SonicWALL Firewall] - Core router,, Subnet Mask
    | | |
    [Win2K3 Server] – | |
    [Router 1] |
    --------------------------- |
    [Win2K3 Server] –[Network 1] 10.0.1.x |
    [Router 2]
    [Win2K3 Server] –[Network 2] 10.0.3.x

    There may be an additional router in the near future, but I plan to add it similar to the ones above.

    Right now, all the separate networks are able to ping across – each workstation on each network can ping through to the other, and Internet works… after I added some static routes for each internal network!

    The final goal here is to have a single domain, with separate subnetworks… I’m concerned about how BEST to implement all of the necessary services, i.e., DHCP, DNS, file sharing, etc. The 2K3 server will be the DC, and each subnet should be able to see the entire domain (through network browsing). I want to have DHCP service each subnet separately, but that’s where I’m a bit concerned – what with all the documentation talking about multi-homed DCs and all.

    Thanks in advance for any suggestions!

    How many client PCs will be managed by this domain controller?


      Between 30 and 40 client PCs currently, projected to grow to ~70 (plus 15 or so printers)


        Massive overkill. We obviously don't know everything regarding this situation so don't take this the wrong way but it sounds more like you want to play with the technology rather than provide a solution that would be cost effective or generally useful.
        Why do you need so many networks for 30/40 users even if they will grow? Have you already bought all of those routers? Maybe save on the routers and buy SBS to go on the server; you get Exchange etc. that way?

          As Andy said, you don't need more than one subnet for 70 PCs and a few printers. I thought we were talking about hundreds of clients. The best thing you can do for your company is to buy some good quality switches (you can think of the network in 2 layers: one for backbone and servers (a 24-port gigabit switch) and another one for access) and concentrate on DC configuration.


            Thanks to both of you, Andy and cielo - you're right on about the numbers, but the agency has a few reasons why they need some segregation. Partly security, but mostly privacy issues, generated the organization's desire to have their traffic segmented.

            A couple of good switches, with VLAN capability, would do the job; however, as a non-profit, their funding just won't cover things...yet. So I used some cheap Linksys wireless routers to give them the coverage they needed ASAP, since their wired infrastructure is non-existent.

            It's a bit of trouble to ask them to dedicate limited funds right now, so I'm simply trying to give them the best solution with the equipment already on hand. Future plans do involve upgrading and wiring a more permanent solution - 'til then I'd just like to get them by.

            I probably should've mentioned those constraints earlier - my bad.

            So, with those conditions in mind, any further suggestions?