Monday, August 11, 2008

Attempting to subnet the Church

At my church, we have over 200 nodes on our network, and we have a /24 subnet. This means we have very few IPs to play with, especially considering the need for a decent DHCP range for new devices.

We have about 6 buildings connected to an unmanaged megabit network, all plugged into a security gateway that enforces antivirus, blocks bad websites, and scans incoming packets for viruses. (It is also our firewall and router.)

Many people have told me it would be nice to have an IP structure that reflected building and node type, such as:
10.x.y.z where:
x = building
y = node type

Of course, you can't just chop up IP ranges wherever you'd like; you've got to do it along clean binary divisions. (At least that's what I'm told.) So now I'm wondering if that means I should just grab a large chunk, such as 10.0.0.0/12, and put everything under the same subnet, but use tagged VLANs to keep things separated.

(10.128.0.0/9 is already taken up by a wireless mesh network)

To accommodate the change, we have 4 managed switches (ProCurve 2848) with one of them being dedicated to the server rack to connect all other switches (managed or otherwise) to the gateway.

Any thoughts?
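The 10.x.y.z scheme from the post, worked through with Python's `ipaddress` module as an added example (not part of the original post). It assumes one /16 per building and one /24 per node type inside 10.0.0.0/12; the node-type names and octet values are hypothetical.

```python
import ipaddress

SUPERNET = ipaddress.ip_network("10.0.0.0/12")   # block proposed in the post
MESH = ipaddress.ip_network("10.128.0.0/9")      # wireless mesh, already in use
BUILDINGS = 6                                     # "about 6 buildings"
# Hypothetical node types; the post does not list any.
NODE_TYPES = {"servers": 1, "staff": 2, "printers": 3, "dhcp": 10}


def building_net(x):
    """10.x.0.0/16 for building x; must fall inside the /12 supernet."""
    net = ipaddress.ip_network(f"10.{x}.0.0/16")
    if not net.subnet_of(SUPERNET):
        raise ValueError(f"{net} is outside {SUPERNET}")
    return net


def node_net(x, node_type):
    """10.x.y.0/24 where y is the node-type octet."""
    y = NODE_TYPES[node_type]
    net = ipaddress.ip_network(f"10.{x}.{y}.0/24")
    assert net.subnet_of(building_net(x))
    return net


def plan():
    """Every (building, node type) subnet, checked against the mesh range."""
    nets = {}
    for x in range(BUILDINGS):
        for name in NODE_TYPES:
            net = node_net(x, name)
            if net.overlaps(MESH):
                raise ValueError(f"{net} collides with mesh {MESH}")
            nets[(x, name)] = net
    return nets


def covering_prefixes(first, last):
    """CIDR prefixes needed to cover an arbitrary first..last range exactly."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))


if __name__ == "__main__":
    for key, net in plan().items():
        print(key, net, net.num_addresses - 2, "hosts")
    # Six buildings is not a power of two, so one prefix cannot cover them.
    print(covering_prefixes("10.0.0.0", "10.5.255.255"))
```

The /12 only spans second octets 0 through 15, so `building_net(16)` is rejected, and the six-building range needs two prefixes (a /14 plus a /15), which is what "clean binary divisions" means in practice.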