Routing – Change of IP address range

ipip addresslanroutingsubnet

As part of a corporate project, I am responsible for changing the IP address range of remote sites.
I will show you a theoretical scheme of the network and explain the details of the migration.
My final question will be: should I think of everything and will the network function in an operational way?

enter image description here

This corresponds to the network of my site (in a simplified way).
The current network IP address is in 169.x.x.x / 16, and my wish is to switch it to 172.x.x.x / 24
There is in my network, a manageable switch, dynamic IP equipment (computers) or fixed IP equipement (printer, PABX, File Server …).

Here are some facts:

  • The network is managed by Microsoft tools (AD, SCCM)
  • No changes to be made to the DHCP, DNS servers and the data center(except the new DHCP range)
  • Printers are managed by DNS name, no changes to make for FAX

I am going to share with you an "action-list" that I have written and I hope you will be able to tell me what is good or bad:

  1. Disable the old DHCP scope
  2. Manually change the IP of the file server, domain controller. Then printers, Access Point and other equipment in fixed IP
  3. Change the IP of the switch (from here, the LAN should be able to work)
  4. Change the IP of the LAN interface of the router.
  5. Change the IP range of the firewall ACLs, and SCCM Boundaries

After that, I think we have to wait a few minutes for the tables to update, and the network should work. Do I forget important things that can cause problem after change?

I am available to answer questions to the best of my knowledge.

I apologize for my low level of English, but I have an excuse, I'm French!

Best Answer

Your list sounds reasonable enough for the site itself but don't forget :

  • to decrease the DHCP lease duration before you do the operation (make it something short like 30 minutes, or even less) so that when you update the DHCP settings all the devices move over quickly.
  • to route the new subnet on your WAN, and make sure it is routed explicitely anywhere you had a 169 route previously.
  • to update any firewalls rules which might depend on one of the old IPs, wherever that firewall may be
  • to update Active Directory site/subnet declarations
  • to update endpoint firewall/AV settings as well (sometimes you can have explicit rules)

I would also take this opportunity to make this easier for next time: instead of using fixed IPs for printers (or even APs) give them static DHCP assignments. That way if you ever need to change settings again (a new DNS for example) you'll have a mostly one-stop change to make.

Also, if you're afraid of breaking things or forgetting something, you can configure your router such that it has the new 172 IP as its primary, and the old 169 IP as a secondary IP. That way, any device you've forgotten will still be reachable until you remove the secondary IP. The new IP has to be the primary as that's what's used for DHCP relay (on Cisco HW anyway).

Related Topic