Optimizing Remote Subnets

Here's how you can determine the number of subnets and IP addresses used by remote network segments in Windows Server 2022. There are a few different approaches depending on the level of detail and access you have:

1. Routing Table Analysis:
   • Open an elevated command prompt: Search for "cmd", right-click, and select "Run as administrator".
   • Execute 'route print' command: Type `route print` and press Enter.
   • Interpret the results:
     • Each network destination listed in the routing table with a subnet mask represents a potential remote network segment.
     • The subnet mask indicates the number of hosts supported on that subnet. For example, a subnet mask of 255.255.255.0 (/24) supports 254 usable hosts.
2. Network Discovery and Management Tools:
   • Windows Admin Center: If you manage your environment through the modern Windows Admin Center, it might have network discovery and inventory features that present this information in a more structured way.
   • Third-Party Tools: Numerous network scanning/mapping tools (Nmap, Advanced IP Scanner, etc.) can scan your network and report on subnets and device counts.
   • Infrastructure Querying: If you have access to network switches and routers, they often provide detailed views of connected subnets and device counts.
3. Documenting from Your ISP: If you are determining the number of subnets/IP addresses assigned to you by your Internet Service Provider (ISP):

• Check your documentation: They should have provided you with a subnet mask and an IP address range when your connection was established.
• Contact your ISP: They can definitively tell you how many subnets/IP addresses are allocated to your account.

Important Considerations

• Internal vs. External: The methods above focus on identifying remote network segments, which likely means networks outside your local network. Determining subnets used internally within your network might involve similar tools but aimed at your internal infrastructure.
• IPv4 vs. IPv6: These methods assume you're using IPv4. If you're using IPv6, subnet calculations involve different prefix lengths.

Remote networks require special consideration when you develop an IP addressing scheme to ensure that traffic is properly routed and that Internet access is maintained.

1. Private point-to-point Connections: For private point-to-point connections, such as dedicated 56 kbps leased lines or T1 connections, a separate subnet is required for each point-to-point connection. Each point-to-point connection requires two IP addresses to support dynamic routing protocols as illustrated below.
   

   

2. Multi-point Connections: For multi-point connections, such as an X.25 or other packet-switched private networks, one subnet is sufficient for all connections. An IP address for each connection or virtual circuit is required in the multi-point connection. A packet assembler-disassembler (PAD)^[1] is used on X.25 networks to connect computers to the X.25 network Cloud as shown below. The X.25 Cloud is a world-wide private network that consists of a bunch of network devices that separate PADs.
   

   

Because no public addressing scheme can see point-to-point and multi-point connections, you can use private addressing to create each subnet. If the addresses used for point-to-point or multi-point subnets are allocated from the range of addresses used by other devices on the private network, VLSM or CIDR is recommended to conserve IP addresses.

To connect to a VPN client, each VPN server requires a public address. This address becomes one end of the communications tunnel. The VPN client receives an address from the VPN server either via DHCP or from a static address pool configured on the VPN server. When communicating over the VPN connection, the VPN client uses the address assigned by the DHCP Server for the VPN interface to access intranetwork resources. Any IP addressing design must account for the public address and the range of private network addresses required by the VPN server design. A private network address is required for each VPN client that simultaneously accesses the intranetwork.
The next lesson examines QoS.

[1]Packet assembler-disassembler (PAD): A network device used on X.25 internetworks.