so my boss wants me to test a bunch of new things, but he wants me to operate off the production network but he also realizes that I need internet for the testing and he wants me to set up a test domain on a new subnet. How would I go about doing that
How to set up a test domain on a network
This really depends on what you have available to you. How I'd personally do it from my Windows 10 Pro desktop,
Install Hyper-V either via PowerShell or the Turn On Windows Features setting screen.
Create 1 Internal Network and 1 External Network
Create a VM and attach 2 NIC one to each Network
Download pfSense ISO from pfSense
Install pfSense to act as the router. Give it an IP for your VM Network and an IP for your Local Network
Download Windows Server Evaluation ISO from Microsoft
Download Windows 10 Pro ISO from Microsoft
Create as many VM's as needed and attach 1 NIC to each them and put them on the Internal Network
This depends of course on your hardware but it's not that demanding for any desktop i5 really. If you don't have Windows 10 Pro my next choice would be VMware Player.
Another option is doing it with actual hardware and put it all behind a router with it's WAN port hooked up to your normal network.
There really are a lot of ways of doing this so without more information that's the easiest way I'd do it.
This will depend on a couple of different requirements:
First, What are the resources available to you to do this?
Second, What are you trying to test?
By knowing are you limiting yourself your desktop machine with 4GBs of RAM and 256GBs Windows machine. You may find yourself not able to run more than just a couple VMs with your virtualization technology.
You need find what you are trying to test or prove before trying to configure a testing network.
If you're just needing a separate network to test stuff on, you can just configure a different VLAN on your switch, place all the ports of your testing device on that separate vlan. Create a new scope for DHCP for the new VLAN.
You'll you setup a default-gateway for your test network. Block access to your production network using ACL's or firewall rules.
Let us know what are the requirements are and what you have available to setup your test network.
I am the computer tech at my Dad's CPA firm and he has me working on a Windows 2016 server that is a hyper V host that is currently running one 2012 r2 server core on it that I haven't configured for anything yet and I am planning on installing some Linux machines on there for different purposes. He wants me to create a test network under a new subnet that is cutoff from the production network but has access to the internet and he wants me to essentially use this test network as my playground for all my test machines and anything that isn't a production server yet he wants me to use in this test net to ensure that it works perfectly and that all that has to be configured is configured and then once I am done testing and ready to add it to the production network, then I just move it over to the production network. Storage Capacity and Memory are not an issue due to the size capability of my server.
If you're running Hyper-V on your 2016 network.
You could just create another virtual switch. attach all of the VMs to that virtual switch.
You'd need to work out internet connection by attaching that new virtual switch to another nic on your server to a different default-gateway at your router.
You could use ACLs to prevent traffic from crossing from your test environment to your production environment.
This is just one of many different possibilities, maybe others will post some more elegant or better solutions that what I posted above!