In a switched environment, how big a subnet is too big?

Answered Question
Aug 18th, 2008

Is there a practical limit to the number of hosts that should be allowed on a subnet on a single VLAN in a switched environment? In the past I've typically subnetted to a maximum of, say, a /23 with 510 hosts. But I was thinking I don't have a logical reason for that. The one issue I can think of is that more hosts on a subnet on a VLAN means a broadcast gets forwarded to more ports. Are there other considerations in choosing the number of hosts per subnet? Thanks.

Jon Marshall Mon, 08/18/2008 - 12:15

Michael

As a general rule a /24 is a good starting point, but there are many factors that can influence this:

1) broadcast traffic as you say which is very dependent on the applications themselves.

2) How your users are organised within the company can have an effect on your vlan sizes, i.e. you may have a finance dept based on one floor that need to have access to certain servers that no one else should have access to. Having them in their own vlan makes it easier to apply security rules.

3) If you decided to deploy a L3 routed access-layer then each vlan would be isolated to a specific switch and this may influence how big your vlans are.

I usually start with /25 subnets.

Jon

Correct Answer
Giuseppe Larosa Mon, 08/18/2008 - 12:25

Hello Michael,

you have already listed the most important reason to limit size of subnets: broadcasts.

Vlans are broadcast domains: they confine broadcast traffic, and routers are broadcast firewalls (unless converting with helper-address in something else).

With 65000 hosts in the same network, the probability that some host is doing ARP or something else that involves broadcast will mean that network resources and host CPU resources (because broadcasts must be processed) are wasted.

Reducing broadcast impact is one of the key elements in network performance increase and also helps stability.

On the other hand, in a switched network creation of a new Vlan has no cost because it is a built-in capability (there are some limits on STP scalability on smaller platforms).

Routers allow for creation of Vlan subifs and routing protocols are now classless.

So /23 is a reasonable max size.

Hope to help

Giuseppe

ivarth Tue, 08/19/2008 - 01:38

I agree with Giuseppe. /23 is a reasonable size. It's the largest subnet I use in my network.
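Added example (not part of the original thread): a small Python planner that gives each group its own VLAN subnet, as in the finance department case, and splits any group that would exceed the /23 ceiling discussed above. The address block, group names and host counts are constructed for illustration.

```python
import ipaddress
import math

MAX_PREFIX_CAP = 23  # largest subnet the thread treats as reasonable (/23)

def usable_hosts(prefix):
    """Usable IPv4 hosts in a subnet (network and broadcast addresses excluded)."""
    return 2 ** (32 - prefix) - 2

def prefix_for(hosts):
    """Longest prefix that still holds `hosts`, never a larger subnet than the cap."""
    bits = (hosts + 1).bit_length()          # ceil(log2(hosts + 2))
    return max(32 - bits, MAX_PREFIX_CAP)

def plan(block, groups):
    """Allocate one VLAN subnet per group inside `block`.

    block  -- address block to carve up (constructed value in the demo)
    groups -- {name: host_count}; names and counts are hypothetical
    Groups larger than a /23 are split evenly across several VLANs.
    Returns [(label, IPv4Network), ...], largest subnets first so every
    allocation stays aligned on its own boundary.
    """
    cap = usable_hosts(MAX_PREFIX_CAP)
    wanted = []
    for name, hosts in groups.items():
        parts = math.ceil(hosts / cap)       # VLANs needed for this group
        per_part = math.ceil(hosts / parts)  # hosts per VLAN after the split
        for i in range(parts):
            label = name if parts == 1 else f"{name}-{i + 1}"
            wanted.append((prefix_for(per_part), label))
    wanted.sort()                            # shortest prefix (largest subnet) first
    net = ipaddress.ip_network(block)
    cursor, end = int(net.network_address), int(net.broadcast_address)
    result = []
    for prefix, label in wanted:
        size = 2 ** (32 - prefix)
        if cursor + size - 1 > end:
            raise ValueError(f"{block} is too small for {label}")
        result.append((label, ipaddress.IPv4Network((cursor, prefix))))
        cursor += size
    return result

if __name__ == "__main__":
    demo = {"finance": 60, "engineering": 900, "guest-wifi": 200}  # constructed
    for label, subnet in plan("10.20.0.0/16", demo):
        print(f"{label:15} {subnet}  ({usable_hosts(subnet.prefixlen)} usable hosts)")
```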
