Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Migrating domain to a new IP scheme

  • Filter
  • Time
  • Show
Clear All
new posts

  • Migrating domain to a new IP scheme

    Hello guys!
    I have to migrate our entire network to a new IP scheme. The network is composed of:
    2 DCs (win2k3/AD)
    100 Workstations

    I am scared to death to miss something so if anybody have any advice for laying out a plan to make this happen.

    Thanks a zillion.

  • #2
    Re: Migrating domain to a new IP scheme

    This is not as scary as it sounds..

    1 Find all static address
    get a list of all devices that have static addresses. Routers, Firewalls, Wireless Access points, server and the like.

    2 Plan you Private IP range
    Use this opportunity to give your network space to grow in the future. Maybe choose a range like This will allow 2048 hosts with valid IP addresses of to (mask
    Now decide which static addresses you will use for the devices in the list compiled above.

    3 Set your PCs to use DHCP
    Make sure all PCS are DHCP enabled and reduce the lease time on the server to 1 day.

    4 Change static addresses (do this on a saturday)
    Have a PC with IP address of both old and new range so you can connect to devices and servers whether they have a new address or not.
    Now the fun begins. Change your routers and firewalls (don't forget the inbound NAT rules). Change your servers at the same time setting the right gateway and DNS/WINS addresses. Delete all DNS records pointing to old range and purge you WINS databases. Configure your DHCP server with new scope.

    5 Sit back and admire your handy work.
    Have a beer now because come monday morning there will something you have forgotton. Only messing. Once you have name resolution correct on the servers and all your inbound NAT rules work (like SMTP mail is still working) then the PCs should pick up the new address range from your DHCP server on monday morning. You might want to test things on sunday for a few PCs.

    I've done this before on a network with 253 devices (hence the change) and it was quite complicated with Unix Servers, Handheld wireless devices with Access points, Citrix, Exchange 2003, three firewalls, VPNs and RAS and I got it done in a weekend. I missed a few things but got them sorted by monday afternoon.


    • #3
      Re: Migrating domain to a new IP scheme

      Thank you Sharper for your valuable information. I am going to meditate about this so I can ask relevent questions about this scenario.
      The DNS part is the most frightening one. You mentionned to delete all the records concerning the old scope so what should be left after doing so ?
      Shall I create some records manually to point to the new servers ?

      Thanks Sharper


      • #4
        Re: Migrating domain to a new IP scheme

        Your servers should update the DNS servers automatically (check the DNS tab in the Advanced page of TCP/IP properties on each server, it should have 'Register this connection's addresses in DNS' checked). If you can't wait for the registration or if its not happening automatically just use the command

        ipconfig /registerdns

        and this will add the correct records in DNS.

        These two commands might be useful if you have name lookup problems

        ipconfig /flushdns

        (this removes cached lookups on the machine you ran command on so any further DNS lookups will be sent to the DNS server)

        arp -d

        (This will delete the ARP cache which hold IP address to MAC address tables. These will be created automatically)


        • #5
          Re: Migrating domain to a new IP scheme

          Don't forget about any Port Forwarding on the firewalls as they will be pointing to the old IP range.
          1 1 was a racehorse.
          2 2 was 1 2.
          1 1 1 1 race 1 day,
          2 2 1 1 2


          • #6
            Re: Migrating domain to a new IP scheme

            Thank you guys for your words of wisdom. It is really going to help me to put together a road map for this.
            I am wondering what are the latest recommandations concerning IP addressing in a network: Should the switches and routers be in range with static IP addresses ? and the servers (DCs and file print servers) between> static too for example ? Printers with dynamic IP addresses but reserved ?

            Sorry if those questions sounds trivial; I am sure I will be able to payback for this, explaining somebody how to use a floppy


            • #7
              Re: Migrating domain to a new IP scheme

              We have a scheme we use in the schools and the following may give you an idea or two..

              Router x.x.x.1
              Switches x.x.x.2 - 9
              Servers x.x.x.10 - 19
              Printers x.x.x.20 - 29
              Other x.x.x.30 - 39
              1 1 was a racehorse.
              2 2 was 1 2.
              1 1 1 1 race 1 day,
              2 2 1 1 2


              • #8
                Re: Migrating domain to a new IP scheme

                I visit different sites all the time and tend to see this config:

                router/firewall x.x.x.254
                servers x.x.x.1-10
                printers x.x.x.x (ie all over the shop)

                It doesn't really matter as long as you keep it fairly consistent over the whole network.

                Some people say that putting the router/firewall at the end of the range means that port scanners might give up before it gets to them but I think that's silly.

                Choose your IP layout and stick to it. Give room to grow, that's about it.