
OK this is really dumb and I should know the answer to this but I'm not firing on all 4 brain cells today.

I am making a set of networks for a building. They are as follows: 192.168.0.0/24, 192.168.10.0/24, and 192.168.20.0/24. The 0.0 is for their local PCs, any office computers, staff wifi, etc. 10.0 is for A/V equipment (Sound boards, lights, etc), and 20.0 will be for the guest network. All of these are going to be controlled by Server 2019, and I will have 2 DNS servers. One hosted on 192.168.0.20 (primary) and one on 192.168.0.25 (Secondary). I intend to use the default gateway of 192.168.0.1 for all 3.

Here are my questions:

1. Can I use my 192.168.0.1 as DFGW even though the 2 other networks are on a different subnet, or will I need to configure a 10.1 and 20.1 DFGW as well?

2. Do I need to tag my VLAN ID on WS2019? 

3. Does it make sense to put 0.0 on VLAN 1, 10.0 on VLAN 10, and 20.0 on VLAN 20? I know typically your management and infrastructure goes on VLAN 1, but there isn't enough equipment to justify that so I will have it all on 0.0

4. Should I ditch the secondary DNS server and use dns.google.com as my alternate? (Both DNS servers would point to 8.8.8.8, 8.8.4.4, and 1.1.1.1)

 

Thoughts? 

 

Breaking things 1 day at a time

Link to comment
https://linustechtips.com/topic/1323173-stupid-networkingsubnet-question/

3 minutes ago, TubsAlwaysWins said:

192.168.0.0/24

I'd stay away from this subnet as it conflicts with many home networks if you ever use VPN or similar

 

3 minutes ago, TubsAlwaysWins said:

All of these are going to be controlled by Server 2019,

So is server 2019 the router? Don't use windows server as a router.

 

5 minutes ago, TubsAlwaysWins said:

1. Can I use my 192.168.0.1 as DFGW even though the 2 other networks are on a different subnet, or will I need to configure a 10.1 and 20.1 DFGW as well?

Each subnet has a different gateway IP

 

5 minutes ago, TubsAlwaysWins said:

2. Do I need to tag my VLAN ID on WS2019? 

 

IDK, are you using tagged packets? Depends on how it's wired here

 

6 minutes ago, TubsAlwaysWins said:

3. Does it make sense to put 0.0 on VLAN 1, 10.0 on VLAN 10, and 20.0 on VLAN 20? I know typically your management and infrastructure goes on VLAN 1, but there isn't enough equipment to justify that so I will have it all on 0.0

I'd skip 0, but yeah, that naming makes sense. I'd stay away from the 0.0. Or use the 10.0.0.0/8 range

 

6 minutes ago, TubsAlwaysWins said:

4. Should I ditch the secondary DNS server and use dns.google.com as my alternate? (Both DNS servers would point to 8.8.8.8, 8.8.4.4, and 1.1.1.1)

Why are you using your own dns servers? Are you running AD? 


1 minute ago, Electronics Wizardy said:

I'd stay away from this subnet as it conflicts with many home networks if you ever use VPN or similar

You aren't wrong, they were previously set up on a 0.0 network and I don't want to try and guess every device on the network that has a static right now. They are looking at upgrading switches and APs, if they go with it I will probably move them to a different scope

Quote

So is server 2019 the router? Don't use windows server as a router.

No my bad on the way I phrased it. Their router is currently a Watchguard T30 something (I think), we might keep it, might move them to Sophos XG

Quote

Each subnet has a different gateway IP

That's what I figured but I wanted to check.

Quote

IDK, are you using tagged packets? Depends on how it's wired here

I do not believe I will need to tag any packets, but I do know their current switches all need to be tag/untag/exclude 'manually'

Quote

I'd skip 0, but yeah, that naming makes sense. I'd stay away from the 0.0. Or use the 10.0.0.0/8 range

OK I can skip 0.0. I would prefer to move them out of the 192 range altogether but we will see

 

14 minutes ago, Electronics Wizardy said:

Why are you using your own dns servers? Are you running AD? 

I am using AD but am unsure if it is still needed or how much longer it will be. They are switching primarily over to Macs and most of what I need AD to do can be done on a Synology

 

Breaking things 1 day at a time


5 minutes ago, TubsAlwaysWins said:

You aren't wrong, they were previously set up on a 0.0 network and I don't want to try and guess every device on the network that has a static right now. They are looking at upgrading switches and APs, if they go with it I will probably move them to a different scope

Makes sense if they're already using it.

 

5 minutes ago, TubsAlwaysWins said:

No my bad on the way I phrased it. Their router is currently a Watchguard T30 something (I think), we might keep it, might move them to Sophos XG

OK, that makes much more sense.

 

6 minutes ago, TubsAlwaysWins said:

I do not believe I will need to tag any packets, but I do know their current switches all need to be tag/untag/exclude 'manually'

Does the server 2019 box need to be able to access all the different subnets? I'd probably just put it on one subnet, and let the router give it access to other subnets if needed.

 

6 minutes ago, TubsAlwaysWins said:

I am using AD but am unsure of if it is still needed or how much longer it will be. They are switching primarily over to macs and most of what I need AD to do can be done on a Synology

I'd then put all the DNS through the win server box for subnets that need AD.


10 minutes ago, Electronics Wizardy said:

Does the server 2019 box need to be able to access all the different subnets? I'd probably just put it on one subnet, and let the router give it access to other subnets if needed.

I'd like it to be able to just for the sake of troubleshooting. Are you talking about putting server 2019 on say the 0.0 and then using the router to access the 10.0 and 20.0 or putting all 3 subnets together into say a /22 or something?

 

 

Breaking things 1 day at a time


11 minutes ago, TubsAlwaysWins said:

I'd like it to be able to just for the sake of troubleshooting. Are you talking about putting server 2019 on say the 0.0 and then using the router to access the 10.0 and 20.0 or putting all 3 subnets together into say a /22 or something?

 

Yup, I'd put the server system on one subnet, and then your router can handle routing between subnets.

 

 

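An added example, not part of the original thread: a check of the addressing plan discussed above using Python's standard `ipaddress` module. It covers the per-subnet gateway answer, the VPN overlap concern, and the /22 question. The `HOME_LANS` values are constructed samples, and taking the first host address (.1) as each gateway is an assumption that follows the "10.1 and 20.1" wording in the question.

```python
import ipaddress

# Addressing plan taken from the thread.
SUBNETS = {"staff": "192.168.0.0/24", "av": "192.168.10.0/24",
           "guest": "192.168.20.0/24"}
PROPOSED_GATEWAY = "192.168.0.1"
# Constructed sample: LANs a remote VPN user might already be on (assumed values).
HOME_LANS = ["192.168.0.0/24", "192.168.1.0/24"]

def gateway_report(subnets, gateway):
    """Map subnet name -> (proposed gateway is on-link?, gateway address to use)."""
    # A host can only reach a default gateway that lies inside its own subnet.
    # When the proposed one is off-link, suggest the subnet's first host (.1).
    gw = ipaddress.ip_address(gateway)
    report = {}
    for name, cidr in subnets.items():
        net = ipaddress.ip_network(cidr)
        on_link = gw in net
        report[name] = (on_link, str(gw if on_link else net.network_address + 1))
    return report

def fits_in(subnets, prefix):
    """True if every subnet in the plan is contained in the single prefix given."""
    outer = ipaddress.ip_network(prefix)
    return all(ipaddress.ip_network(c).subnet_of(outer) for c in subnets.values())

def smallest_supernet(subnets):
    """Smallest single prefix that contains every subnet in the plan."""
    nets = [ipaddress.ip_network(c) for c in subnets.values()]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()  # widen the prefix by one bit
    return str(candidate)

def vpn_conflicts(subnets, remote_lans):
    """Names of site subnets that overlap a remote user's own LAN."""
    remotes = [ipaddress.ip_network(r) for r in remote_lans]
    return [name for name, cidr in subnets.items()
            if any(ipaddress.ip_network(cidr).overlaps(r) for r in remotes)]

if __name__ == "__main__":
    print(gateway_report(SUBNETS, PROPOSED_GATEWAY))
    print(fits_in(SUBNETS, "192.168.0.0/22"), smallest_supernet(SUBNETS))
    print(vpn_conflicts(SUBNETS, HOME_LANS))
```

A single prefix wide enough to hold all three networks would also put guest, A/V and staff hosts in one broadcast domain, with no router or firewall hop between them to filter traffic. Keeping three /24s behind the router preserves that control point.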