Best Practice Number of Devices per VLAN

Unanswered Question
Apr 7th, 2009

Just wondered what best practice is regarding the max number of devices per vlan. Our network uses a /20 mask which I think is too small. We have one particular vlan which contains 1120 devices (inc servers) and spans multiple switches. I've recommended we try not to add any more devices to this vlan and try and redesign the network so each switch stack is assigned one vlan.

Does anyone think we are heading for problems if we continue with our present design?

spreed Tue, 04/07/2009 - 06:45

Hello,

Although this is not a definitive answer to your design question, here are a few observations we reviewed when redesigning our network.

1. The larger the number of devices on a VLAN the higher the volume of broadcast traffic. Every device on the VLAN has to process that broadcast traffic which of course takes CPU cycles. Thus the local net that these devices are on becomes noisy. In this case less is better (at least to a point.)

2. The larger the VLAN in number of devices and pure geography of the network, then the larger the failure domain is. This means that any device that malfunctions on that VLAN can negatively affect every other device sharing the same layer 2 domain. This makes it quite difficult to troubleshoot since you may be unsure where to start looking when a problem occurs. From our own experience this can be a very real, time-consuming issue.


Hope these brief comments provide you with further perspective.

glen.grant Tue, 04/07/2009 - 14:42

I'll second the /24 size. This gives you 254 host addresses. This has worked for us for years in a very large corporate setting. Unless you have some real heavy users this should never be a problem. A /20 is wayyyyyyyyy too big imho.

Leo Laohoo Tue, 04/07/2009 - 15:01

I agree with the /24 subnet. In my situation, we segmented each floor by giving it a VLAN address. ON PAPER, each floor was given a /23 but each switch was configured with a /24. Should we require more IP addresses, it's as easy as configuring another /24 secondary address.


Hope this helps muddle up the water.

How about printers? What would be the maximum amount of printers on each dedicated printer VLAN? Should I use /23 or /24 mask?


I have 848 printers that I need to move to a dedicated VLAN(s). Need to ensure printer VLAN is not shared with unlike devices.


References:

STIG-ID: NET-VLAN-023 and NET-VLAN-024


Thank you.

Joseph W. Doherty Thu, 03/21/2013 - 10:24

Disclaimer


The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.


Liability Disclaimer


In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.


Posting


On a switched VLAN, even a /22 might be fine for your printers. This assumes all the traffic will be between the GW and individual printers; there should be little broadcast traffic.
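
Added example (not part of any post in this thread): a Python sketch of the sizing arithmetic discussed above, showing how many /24 or /23 VLANs the 848 printers or the 1120-device VLAN would need and how full each one would be. The parent block `10.20.0.0/20`, the single reserved gateway address per subnet, and the function name `plan_vlans` are assumptions for illustration.

```python
import ipaddress
import math
from itertools import islice


def plan_vlans(parent, device_count, prefix, reserved_per_subnet=1):
    """Spread device_count hosts evenly over the fewest IPv4 subnets of length
    `prefix` carved from `parent`. Returns one dict per VLAN/subnet."""
    parent_net = ipaddress.ip_network(parent)
    if parent_net.version != 4:
        raise ValueError("this sketch handles IPv4 only")
    if device_count < 1:
        raise ValueError("device_count must be at least 1")
    if not parent_net.prefixlen <= prefix <= 30:
        raise ValueError("prefix must fit inside the parent block")
    # Usable = all addresses minus network, broadcast and reserved
    # addresses (assumption: one gateway address per subnet).
    usable = 2 ** (32 - prefix) - 2 - reserved_per_subnet
    if usable <= 0:
        raise ValueError("no host addresses left after reservations")
    needed = math.ceil(device_count / usable)
    subnets = list(islice(parent_net.subnets(new_prefix=prefix), needed))
    if len(subnets) < needed:
        raise ValueError(
            f"{parent} holds only {len(subnets)} /{prefix} subnets, need {needed}"
        )
    # Even spread keeps every broadcast domain the same size instead of
    # filling the first subnets and leaving a small remainder in the last.
    base, extra = divmod(device_count, needed)
    plan = []
    for index, net in enumerate(subnets):
        devices = base + (1 if index < extra else 0)
        plan.append({
            "subnet": str(net),
            "devices": devices,
            "usable": usable,
            "utilisation": round(devices / usable, 2),
        })
    return plan


if __name__ == "__main__":
    # Constructed inputs: device counts come from the thread, the parent
    # block is a made-up private range.
    for label, count, prefix in [("printers", 848, 24), ("printers", 848, 23),
                                 ("existing VLAN", 1120, 24)]:
        print(f"{count} {label} at /{prefix}:")
        for row in plan_vlans("10.20.0.0/20", count, prefix):
            print("  ", row)
```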
