Justifying Routing at the Edge

Answered Question
Mar 16th, 2010
User Badges:
/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

We are currently creating all our VLANS on our core (6513 sup2 720). One of our VLANS has over 19 class c subnets on it. Last week after a power outage, the core's processor went up to 92% until I looked on the wire and saw that DHCP was going mad! We restarted the DHCP service and all was well again.


The DHCP server is in the VLAN that has all those subnets. I'm trying to convince my boss that it is wise to move all the vlans out to the edge onto the distribution switches and have a set of VLANS per building.


I'm sure my preferred scenario would have stopped this problem, which I think was a massive broadcast storm.


Would you all agree?


Jamie

Correct Answer by Jon Marshall about 7 years 3 months ago

jhancockuwic wrote:


Hi Jon,


Yeah that makes sense to me. That is the scenario I would like to put in place, it's just convincing my colleague now!!

Jamie


So, 1 /24 VLAN per floor, then you split that VLAN into 2 /25. I missing something again here, if you create the vlan on the 6500 "ip address 192.168.1.1 255.255.255.0. How are you then splitting this up into 2 /25?


Sorry to be a pain.


Jamie


Jamie


Jamie


Sorry, posted before you edited this post.


You don't create the vlan ip address of 192.168.1.1 255.255.255.0. Instead you would have for example 2 vlans per floor - vlan 10 & 11. On the 6500 switch


int vlan 10

ip address 192.168.1.1 255.255.255.128


int vlan 11

ip address 192.168.1.129 255.255.255.128


Don't get too sidetracked with /24 vs /25. There is nothing wrong with a /24 and a lot of networks use this as standard.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jamie Hancock Tue, 03/16/2010 - 10:31
User Badges:



/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Hi Jon,


Yeah I thought so, unfortunately I'm the new kid so it's not always easy to get my point across.



Going to try and put my point across tomorrow.


Oh, and yeas we have layer 3 capable switches at the distribution.


Jamie

Jon Marshall Tue, 03/16/2010 - 10:27
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jhancockuwic wrote:


We are currently creating all our VLANS on our core (6513 sup2 720). One of our VLANS has over 19 class c subnets on it. Last week after a power outage, the core's processor went up to 92% until I looked on the wire and saw that DHCP was going mad! We restarted the DHCP service and all was well again.


The DHCP server is in the VLAN that has all those subnets. I'm trying to convince my boss that it is wise to move all the vlans out to the edge onto the distribution switches and have a set of VLANS per building.


I'm sure my preferred scenario would have stopped this problem, which I think was a massive broadcast storm.


Would you all agree?


Jamie


Jamie


It would be a very good idea not to have such large vlans ie. 19 class C subnets, as that is the root cause of your problem and not where the inter-vlan routing is being done.


However If you have multiple buildings interconnected via the core 6500(s) then yes it would be a good idea to have each buliding use it's distribution switch(s) to do the inter-vlan routing assuming of course that you have L3 capable distribution switches in each building ?


Jon

Giuseppe Larosa Tue, 03/16/2010 - 10:39
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Jamie,


having 19 IP subnets /24 sharing the same L2 broadcast domain is a bad idea as you have seen on that outage.


When a broadcast is sent it needs to be processed by all devices including those that actually are not interested on it.

also cpu usage on user PCs suffer from this.

There is a relationship between number of hosts and broadcast level in a vlan/L2 broadcast domain.


You should have a one to one corrispondence between one IP subnet and one vlan/L2 broadcast domain.


if the total number of vlans is high and you cannot scale moving the L3 boundary towards access is a wise step.


if you have only few vlans you can create more vlans easily and you move users to them


Hope to help

Giuseppe

Jamie Hancock Tue, 03/16/2010 - 10:42
User Badges:

Hi Giuseppe


Thanks for your help.


We have over 20 vlan's per site.


Can you explaine this point please "if you have only few vlans you can create more vlans easily and you move users to them"?


Jamie

Giuseppe Larosa Tue, 03/16/2010 - 10:58
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Jamie,

you are right I haven't explained what is behind that sentence:


low end cisco switches have limitations in the number of STP instances that they can run and also limits on the max limit of Vlans that can be present at the same time in the vlan database.

These two limits can bwe different.

For example some device like a C2950 could have a limit of 64 STP instances and 128 vlans in VTP DB.


This fact causes a scalability limit it is not possible to have more then 128 vlans in VTP database.


STP limits can be handled with appropriate manual control of list of vlans on each trunk link both sides using allowed vlan command

switchport trunk allowed vlan x,y,z


so moving from 20 vlans to 400 vlans may be not possible in a campus if some devices don't support so many vlans will:

- move to VTP transparent mode automatically to protect themselves

- disable STP instance for vlans in excess of first limit.


the second can be handled with manually configured trunks, the first has impact only if you use VTP.


Moving routing to distribution is wise (if a distribution layer exists in your campus or if you introduce it), moving it to access can be a solution too nowdays.


Hope to help

Giuseppe

Jamie Hancock Wed, 03/17/2010 - 01:38
User Badges:
/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Thanks for your help guy's.


I take it from reading various threads that one thing I should change as soon as possible is the 19 secondary IP address we have in a particular VLAN.


I take it the easiest way is to create a VLAN and use a subnet mask like 192.168.0.0 /21 which would give us 2048 IP address.


Would this have stopped the problem of the CPU overload?


Jamie.

Jon Marshall Wed, 03/17/2010 - 02:04
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jhancockuwic wrote:


Thanks for your help guy's.


I take it from reading various threads that one thing I should change as soon as possible is the 19 secondary IP address we have in a particular VLAN.


I take it the easiest way is to create a VLAN and use a subnet mask like 192.168.0.0 /21 which would give us 2048 IP address.


Would this have stopped the problem of the CPU overload?


Jamie.


Jamie


Probably not because the issue is with that many clients on the same vlan all broadcasting at roughly the same time. However you should still look to get rid of the secondary IP addresses if you can.


As Giuseppe noted having a vlan that size can cause many problems, you really need to try and get down to a vlan per class C or thereabouts if possible.


Jon

Jamie Hancock Wed, 03/17/2010 - 02:12
User Badges:



/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Hi Jon,


The trouble is having over 3000 pc's + peripheral devices it would mean having 12 VLANS all for the same purpose, or am I missing something?


Plus, administering that would be a nightmare.


The only thing I can see that would have helped with this problem would have been having the VLANS distributed to the edge. So if the problem was coming from a particular VLAN it would have only affected that building.


Also, having the DHCP servers in the server farm would have helped, I think?


Does this make sense? Would the links still have got saturated?

Jon Marshall Wed, 03/17/2010 - 02:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jamie


The trouble is having over 3000 pc's + peripheral devices it would mean having 12 VLANS all for the same purpose, or am I missing something?

Plus, administering that would be a nightmare.


Put bluntly, yes you are missing something   Best practices says you should use a /24 per vlan or perhaps a /23 if needed. I use /25s often. It doesn't matter if they are all for the same purpose, having that many devices in one vlan means a huge amount of broadcast traffic within that vlan. Every time a broadcast happens in that vlan every single device has to process that broadcast.


If i started at a new company and found a vlan with 3000 devices in it i would view that as a quick win to split it up, wouldn't matter whether i was the new boy or not. And you may well find that performance improves for the end users. From my experience you will find that using /24's etc. for vlans is common practice and what you have is the exception.


As for adminstering it and it being a nightmare, i can't see how. 12 vlans is nothing in terms of administration as most of the devices will be using DHCP to obtain their IP addresses. You may need to readdress some devices with static IPs but once done that is it.


Jon

Jon Marshall Wed, 03/17/2010 - 02:39
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jamie


A quick follow up -


The only thing I can see that would have helped with this problem would have been having the VLANS distributed to the edge. So if the problem was coming from a particular VLAN it would have only affected that building.


This seems to contradict what you are saying because here you seem to be suggesting breaking up the one vlan into many or am i misreading ?


The key point is the size of the vlan not the location. Moving it out of the core as it is will protect the core but not where you move it to.


Jon

Jamie Hancock Wed, 03/17/2010 - 02:53
User Badges:



/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Hi Jon,


Thanks for your help with this.


My point about the VLAN administration is this. If we have lots of /24 VLANS, it would mean changing all the switch ports to suit. How would we mange what switch ports had what VLANS? If we set more than 255 switch ports for a particular VLAN we could run out of I address.


For instance, in Block A we have 2 wiring closets with 3 access layer switches in each closet. So, total number of ports would be 288, would we assign 255 ports to VLAN 2 and the rest to VLAN 3? Can you see my point, or am I still missing something?


Does that make sense?


Jamie

Jon Marshall Wed, 03/17/2010 - 03:53
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jamie


My point about the VLAN administration is this. If we have lots of /24 VLANS, it would mean changing all the switch ports to suit. How would we mange what switch ports had what VLANS? If we set more than 255 switch ports for a particular VLAN we could run out of I address.


You allocate a /24 to each vlan but that doesn't mean you then go and allocated 254 ports to that vlan on a switch at the same time. A way to separate it up is to have vlans per floor of a building unless of course you have 3000 users on one floor. There is no requirement to fill every single vlan, you can actually have more vlans than you need so there is some slack in each vlan for new users.


Last place i worked we had multiple buildings within a MAN. An average building had 5 floors so we allocated a /24 to each floor and then split the subnet into 2 x /25. One side of the floor got one /25 and the other half the other /25. Then we simply allocated ports on that floors closet switches into either vlan when needed and any unallocated ports were put into a non-routed "dummy vlan" to be used if new users moved onto the floor.


The floor access-layer switches connected via fibre back to the main LAN room for that building. The uplinks were L2 trunks and the inter-vlan routing was done on a pair of 6500 switches in the main LAN room.


Basically managing ports, allocating them into vlans etc. is a standard part of a network administrators job. The setup will take some time but once setup you are really only having to do minor changes from there on in.


Jon

Jamie Hancock Wed, 03/17/2010 - 04:24
User Badges:
/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Hi Jon,


Yeah that makes sense to me. That is the scenario I would like to put in place, it's just convincing my colleague now!!

Jamie


So, 1 /24 VLAN per floor, then you split that VLAN into 2 /25. I missing something again here, if you create the vlan on the 6500 "ip address 192.168.1.1 255.255.255.0. How are you then splitting this up into 2 /25?


Sorry to be a pain.


Jamie


Jamie

Correct Answer
Jon Marshall Wed, 03/17/2010 - 04:36
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jhancockuwic wrote:


Hi Jon,


Yeah that makes sense to me. That is the scenario I would like to put in place, it's just convincing my colleague now!!

Jamie


So, 1 /24 VLAN per floor, then you split that VLAN into 2 /25. I missing something again here, if you create the vlan on the 6500 "ip address 192.168.1.1 255.255.255.0. How are you then splitting this up into 2 /25?


Sorry to be a pain.


Jamie


Jamie


Jamie


Sorry, posted before you edited this post.


You don't create the vlan ip address of 192.168.1.1 255.255.255.0. Instead you would have for example 2 vlans per floor - vlan 10 & 11. On the 6500 switch


int vlan 10

ip address 192.168.1.1 255.255.255.128


int vlan 11

ip address 192.168.1.129 255.255.255.128


Don't get too sidetracked with /24 vs /25. There is nothing wrong with a /24 and a lot of networks use this as standard.


Jon

Jamie Hancock Wed, 03/17/2010 - 04:43
User Badges:



/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

ahh, that makes more sense now, I read it that you were allocating 1 vlan per floor and not 1 subnet.


Makes perfect sense, wish me luck!


Jamie

colinkiely1 Wed, 03/17/2010 - 04:47
User Badges:

I think Jon is saying that you allocate a /24 block to the floor, then cut it in half and assign the /25 mask to the users


So if he decided to use 192.168.1.x then it would look


192.168.1.0 network

192.168.1.1 - 192.168.1.126 hosts

192.168.1.27 broadcaset


192.168.1.28 network

192.168.1.29 - 192.168.1.254 hosts

192.168.1.255 broadcast


I have a question, and sorry to hijack a little Jamie! I thought a vlan to ip subnet was always a 1-1 correlation? I guess I never thought about it as being anythign else but you obviously mention having 19 ip subnets per vlan?

Jon Marshall Wed, 03/17/2010 - 05:01
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

colinkiely1 wrote:



I have a question, and sorry to hijack a little Jamie! I thought a vlan to ip subnet was always a 1-1 correlation? I guess I never thought about it as being anythign else but you obviously mention having 19 ip subnets per vlan?


Colin


The recommendation is to have one subnet per vlan but there is nothing to stop you having multiple subnets per vlan and using secondary IP addresses on the vlan interface. Secondary IP addresses were more common before L3 switches came along and before 802.1q trunking because with routers there was a physical limit to the amount of interfaces available. So with a L3 switch there really is very little reason to use secondary IP addressing these days.


Just for completeness you can also have one IP subnet with 2 vlans. You would see this when you use devices such as the FWSM (Firewall Service Module) and ACE (Application Control Engine - load-balancer basically) in transparent mode. With transparent mode the device acts as a L2 device so you need to the same subnet on both sides. But you can't use the same vlan on both sides as you would get an STP loop so you use 2 vlans and effectively "join" the vlans together with the transparent device.


Jon

Jamie Hancock Wed, 03/17/2010 - 05:21
User Badges:



/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

I guess you have your DHCP servers in the server farm and use IP HELPER on the

vlan interface to get over the broadcast boundary?


Jamie

Jon Marshall Wed, 03/17/2010 - 05:29
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jhancockuwic wrote:




I guess you have your DHCP servers in the server farm and use IP HELPER on the

vlan interface to get over the broadcast boundary?


Jamie


Jamie


Yes you do. You really only need 2 DHCP servers for redundancy and then on each L3 vlan interface you would configure an ip helper-address.


Key to doing this well is to get the planning correct. Take your time planning it and look for any gotchas. Key things to be aware of


1) do any of the devices in your vlan at present need L2 adjacency ie. they need to be able to broadcast to each other for an application to work. This is rare these days and it can be worked around but something to check.


2) Hardcoded IP addresses. Hopefully you haven't got them but it needs checking ie. some device has a hardcoded IP so it knows which server etc. to talk to. Again, rare these days but still needs checking.


Having said that if you stick with the current addressing but just split it up most of the IP addresses could stay the same on the devices. The only issues you may get is where the IP address of an existing device suddenly becomes the broadcast address for example of your new smaller subnet. If you make sure when you get these that it is a PC rather than a device with a hardcoded address you should avoid problem 2 above.


Jon

Jon Marshall Wed, 03/17/2010 - 04:33
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jamie


So I guees in your privious job you created the /24 VLANS on the 6500's? To splint the address int /25's I guess you configure the clients with a /25 subnet depending on what side of the building they were on?

Yes exactly. The vlans were created on the 6500 switches and these switches were VTP servers. The access-layer switches were VTP clients. The L3 SVI's were on the 6500 switches.


DHCP scopes were setup for /25's and so the client would get an IP from the /25 with the correct subnet mask and default-gateway.


I appreciate that it is never easy to try and make big changes when you are new as others may see your recommendations as critcisms of the current network but it really would benefit your network administrators and more importantly your users if you could do this.


Jon

Jamie Hancock Wed, 03/17/2010 - 04:35
User Badges:

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Sorry Jon I changed my post last minute


So, 1 /24 VLAN per floor, then you split that VLAN into 2 /25. I missing something again here, if you create the vlan on the 6500 "ip address 192.168.1.1 255.255.255.0. How are you then splitting this up into 2 /25?


Sorry to be a pain.


Jamie

Jon Marshall Wed, 03/17/2010 - 04:38
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jhancockuwic wrote:


Oh I see from the DHCP server, is that correct?


Jamie


Jamie


Not sure what you mean. The DHCP scope IP range and subnet mask must match the L3 SVI on the 6500 in terms of an IP from that range and the same subnet mask.


Jon

Jamie Hancock Wed, 03/17/2010 - 05:48
User Badges:



/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Ok, thanks Jon.


I want you to know that I really appreciate your help with this. Giving up you time to help other people (me) is rare these days.


Kind regards,


Jamie

Jon Marshall Wed, 03/17/2010 - 05:52
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

jhancockuwic wrote:




Ok, thanks Jon.


I want you to know that I really appreciate your help with this. Giving up you time to help other people (me) is rare these days.


Kind regards,


Jamie


Jamie


No problem, glad to have helped.


That's what good about NetPro and why i continue to use it in that there a lot of people on these forums with great knowledge and experience who are only too happy to share that with other people.


Any other questions/problems don't hesitate to come back.


Jon

Actions

This Discussion