Best Practice Number of Devices per VLAN

Apr 7th, 2009

Just wondered what best practice is regarding the max number of devices per vlan. Our network uses a /20 mask which I think is too small. We have one particular vlan which contains 1120 devices (inc servers) and spans multiple switches. I've recommended we try not to add any more devices to this vlan and try and redesign the network so each switch stack is assigned one vlan.

Does anyone think we are heading for problems if we continue with our present design?

spreed Tue, 04/07/2009 - 06:45

Hello,

Although this is not a definitive answer to your design question, here are a few observations we reviewed when redesigning our network.

1. The larger the number of devices on a VLAN the higher the volume of broadcast traffic. Every device on the VLAN has to process that broadcast traffic which of course takes CPU cycles. Thus the local net that these devices are on becomes noisy. In this case less is better (at least to a point.)

2. The larger the VLAN in number of devices and pure geography of the network, then the larger the failure domain is. This means that any device that malfunctions on that VLAN can negatively affect every other device sharing the same layer 2 domain. This makes it quite difficult to troubleshoot since you may be unsure where to start looking when a problem occurs. From our own experience this can be a very real, time-consuming issue.

Hope these brief comments provide you with further perspective.

glen.grant Tue, 04/07/2009 - 14:42

I'll second the /24 size. This gives you 254 host addresses. This has worked for us for years in a very large corporate setting. Unless you have some real heavy users this should never be a problem. A /20 is wayyyyyyyyy too big imho.

Leo Laohoo Tue, 04/07/2009 - 15:01

I agree with the /24 subnet. In my situation, we segmented each floor by giving it a VLAN address. ON PAPER, each floor was given a /23 but each switch was configured with a /24. Should we require more IP addresses, it's as easy as configuring another /24 secondary address.

Hope this helps muddle up the water.
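The reserve-a-/23, configure-a-/24 scheme from the post above can be planned with Python's `ipaddress` module. This is an added example, not code from any poster in the thread; the `10.20.0.0/20` block, the floor names, the device counts, and the choice of the first address as the gateway are all constructed assumptions.

```python
import ipaddress

# A /24 has 254 host addresses (per the thread); one goes to the gateway.
DEVICES_PER_24 = 254 - 1


def plan_floors(supernet, floors):
    """Reserve one /23 per floor and activate only the /24s it needs.

    supernet: CIDR string of the whole block (constructed sample value).
    floors:   list of (floor_name, device_count) tuples (constructed).
    """
    block = ipaddress.ip_network(supernet)
    reservations = block.subnets(new_prefix=23)
    plan = []
    for name, devices in floors:
        try:
            reserved = next(reservations)
        except StopIteration:
            raise ValueError(f"{supernet} has no /23 left for {name}")
        if devices > 2 * DEVICES_PER_24:
            raise ValueError(f"{name}: {devices} devices exceed a /23")
        primary, secondary = reserved.subnets(new_prefix=24)
        # The second /24 becomes a secondary address only when the first is full.
        active = [primary] if devices <= DEVICES_PER_24 else [primary, secondary]
        plan.append({
            "floor": name,
            "reserved": str(reserved),
            "active": [str(net) for net in active],
            # Assumption: the gateway takes the first host address.
            "gateways": [str(net.network_address + 1) for net in active],
            "spare": len(active) * DEVICES_PER_24 - devices,
        })
    return plan


if __name__ == "__main__":
    sample = [("floor-1", 180), ("floor-2", 300), ("floor-3", 253)]
    for row in plan_floors("10.20.0.0/20", sample):
        print(row)
```

A /20 holds only eight /23 reservations, so a ninth floor raises `ValueError` instead of silently overlapping an existing range.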

How about printers? What would be the maximum amount of printers on each dedicated printer VLAN? Should I use /23 or /24 mask?

I have 848 printers that I need to move to a dedicated VLAN(s). Need to ensure printer VLAN is not shared with unlike devices.

References:

STIG-ID: NET-VLAN-023 and NET-VLAN-024

Thank you.

Joseph W. Doherty Thu, 03/21/2013 - 10:24

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

On a switched VLAN, even a /22 might be fine for your printers. This is assuming all the traffic will be between the GW and individual printers; there should be little broadcast traffic.
