5

I have a network of about 90 PCs and about 25 network printers. In near future i will promote one server to DC. However, now PCs on my network have static IP addresses.

It is a real mess now with IP addresses. Printers are not statically assigned to on range for ex 192.168.1.50-75.

So my question: Is it reasonable to put all printers (and also APs) to another subnet for ex 192.168.2.0/24.

Thank you!

ysakiyev
  • 263
  • 1
  • 5
  • 12

4 Answers4

4

Is it reasonable to create complexity fo the purpose of simplifying ip address management? Not in my opinion. Putting the printers and AP's on another subnet means having to route traffic between the printer/AP subnet and the main production subnet. It also means having to create a different DHCP ip address pool for AP clients. It also means having to create VLAN's on your switches for each subnet and having to configure your router to route traffic between both subnets. That sounds like a lot of work and complexity relative to the problem.

If you need to better manage the ip address assignment of the printers then my recommendation would be to create DHCP reservations for the printers in your current DHCP ip address pool.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
3

you could do it that way if you wanted. i'm not sure it's worth the hassle. if everything is going DHCP, then let the printers get their addresses via DHCP, too.

and if you give them proper names in the network configuration, then they will show up in DNS with those names. then you don't have to care about what IP address they get because they will be addressable via DNS names.

longneck
  • 22,793
  • 4
  • 50
  • 84
  • oh yeah, i was thinking about that. but I need to see the squid stats and do traffic control. Thats why I need static addresses. Or could I do it with DNS names?? I would really get rid of the headache with IP addresses if I give proper names to all PCs. – ysakiyev Sep 24 '12 at 19:04
  • Get squid to log DNS names, and give all your machines names. Better yet, have squid authenticate and log users - but squid is not something that should keep you with the pain of static IPs – Tom Newton Sep 24 '12 at 19:13
  • "but squid is not something that should keep you with the pain of static IPs" That's actually one of the first requirements for my network - to control internet traffic(deny social networks etc for certain users, or i would say allow only for some). – ysakiyev Sep 24 '12 at 19:24
  • 1
    what you need is an authenticating content filter. this identifies the user to the content, not the PC. – longneck Sep 24 '12 at 19:31
  • + 1 to longneck. What happens when users know about the monitoring system? Two guys have a dispute, A goes to lunch while B sits at A's pc ploughing through porn for 30 mins. B then drops hints A has been breaching company policy....... – Robin Gill Sep 24 '12 at 21:17
2

Yes, It's perfectly reasonable to separate them out for security. Especially if you want to utilize Internet/ wireless printing.

HostBits
  • 11,776
  • 1
  • 24
  • 39
  • Will it create more traffic though? It will use a router to go all the way to the desired printer, because it is on another subnet. – ysakiyev Sep 24 '12 at 19:09
  • 1
    I agree with Cheekaleak, it could be good for security. With regards to traffic, More traffic? not really. More traffic through said router? Probably. If it drags down the performance of the router then layer 3 switching could be used fix that bottleneck. – Thomas G Sep 24 '12 at 19:20
0

You could do what i did at my old company.

DHCP Scope 192.168.1.100-254

Static Address Pool- 192.168.1.1-99

This way you have plenty of room for dynamic hosts and plenty of static addresses for printers, routers, APs etc.

Taylor
  • 1