05-29-2010 04:44 PM - edited 03-06-2019 11:20 AM
Hi ,
Just want some advice: can multiple VLANs belong to one large subnet? For example, Vlan 2 to Vlan 30, network 172.16.0.0/16 (all hosts on vlan 2 to vlan 30 will have IP addresses from that range).
The VLAN hosts only need DHCP-assigned addresses and internet access. No inter-vlan routing is required, but hosts within a vlan should be able to talk to each other.
Is it a better design to have a DHCP pool created for each VLAN (so 30 DHCP pools) on Cisco 3550 switches, or would just one DHCP pool do the job? I have around 300 hosts on the network divided into 30 vlans, which are spread over four Cisco 3550 switches.
Would there be network performance issues such as a large amount of broadcast and slow response time? According to my understanding there will be a broadcast domain for each vlan, so network performance should not be affected?
Thanks for the help.
Regards
Salman
05-29-2010 06:02 PM
Hi Salman,
Although 300 is not a big number, I would not put all my users in one vlan. It is common to have a /24 subnet per vlan. It is also common to divide the vlans by department, i.e. one for engineering and one for business development, etc.
On the other hand, putting 10 users per vlan is not a very good idea unless you really have to.
HTH
Reza
05-29-2010 09:27 PM
Hi Salman,
You can, but the better recommendation is to divide the range into different subnets and assign them to the vlans, which makes troubleshooting future problems easier. For multiple DHCP pool configuration on switches, check out the link below:
http://www.cisco.com/en/US/docs/ios/12_1/iproute/configuration/guide/1cddhcp.html#wp1000999
Hope to Help !!
Ganesh.H
05-30-2010 06:00 PM
Guys,
Thanks for your replies.
How would I make sure that PCs get an IP address from their corresponding vlan pool?
With multiple DHCP pools, do I need to create a vlan interface for each vlan?
Will the ip helper-address command be required under each vlan interface?
Will the IP address of 'default-router' be the vlan interface IP of the respective vlan?
Does the sample config look OK to you guys?
ip dhcp pool VLAN2
network 172.16.2.0 255.255.0.0
default-router 172.16.2.1
!
ip dhcp pool VLAN3
network 172.16.3.0 255.255.0.0
default-router 172.16.3.1
!
int vlan 2
ip address 172.16.2.1 255.255.0.0
!
int vlan 3
ip address 172.16.3.1 255.255.0.0
Regards
Salman
05-30-2010 07:01 PM
Salman,
Q. "How would I make sure that PCs get an IP address from their corresponding vlan pool? With multiple DHCP pools, do I need to create a vlan interface for each vlan? Will the ip helper-address command be required under each vlan interface?"
A. Yes
Q. "Will the IP address of 'default-router' be the vlan interface IP of the respective vlan?"
A. Yes
Q. "Does the sample config look OK to you guys?"
A. Looks good but remember to use "ip dhcp excluded-address" under each pool to specify addresses that should not be assigned to clients... e.g. vlan interface IPs 172.16.2.1 and 172.16.3.1, addresses that are statically assigned to your servers, WAPs etc....
Why 30 VLANs for only 300 clients? If it's a security concern then I understand......
DD
05-31-2010 12:03 AM
Hi Salman,
The subnet mask is a bit of a concern here:
ip dhcp pool VLAN2
network 172.16.2.0 255.255.0.0
default-router 172.16.2.1
!
ip dhcp pool VLAN3
network 172.16.3.0 255.255.0.0
default-router 172.16.3.1
!
int vlan 2
ip address 172.16.2.1 255.255.0.0
!
int vlan 3
ip address 172.16.3.1 255.255.0.0
The subnet mask is /16, i.e. the 3rd octet doesn't matter, so an end point in VLAN 2 will also be allocated 172.16.3.X. I don't see it happening this way as the number of hosts is very low, but the other way around, a VLAN 3 end point can have an IP address in the 172.16.2.X range.
- Using the /16, i.e. 255.255.0.0, subnet mask will increase the volume of broadcast on all your VLANs. If a packet comes in for destination 172.16.3.45 and the switch is not aware of the port where 172.12.3.45 is (no ARP entry), this will fall in the broadcast range 172.16.X.X, so a broadcast will be sent on all the VLANs.
** Though I am not entirely sure about it, you should get some conflict error while configuring IPs on the VLAN interfaces with a /16 subnet mask.
The crux of the matter is that you need to change the subnet mask of the VLAN interfaces from 255.255.0.0 to 255.255.255.0 for good.
Hope to help
Kind Regards,
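The mask concern raised in the post above can be checked offline. The following is an added example, not part of the original thread: it parses the sample config as posted and reports which pools and which VLAN interfaces resolve to overlapping networks, then repeats the check on a constructed /24 variant. The function names `parse` and `overlaps` are hypothetical.

```python
import ipaddress
import re
from itertools import combinations

# Sample config as posted in the thread (the /16 masks are the point at issue).
POSTED = """\
ip dhcp pool VLAN2
 network 172.16.2.0 255.255.0.0
 default-router 172.16.2.1
!
ip dhcp pool VLAN3
 network 172.16.3.0 255.255.0.0
 default-router 172.16.3.1
!
int vlan 2
 ip address 172.16.2.1 255.255.0.0
!
int vlan 3
 ip address 172.16.3.1 255.255.0.0
"""

# Constructed variant: the same config with the /24 mask suggested in the thread.
FIXED = POSTED.replace("255.255.0.0", "255.255.255.0")

def parse(config):
    """Return {label: IPv4Network} for every DHCP pool and VLAN interface."""
    nets, current = {}, None
    for line in config.splitlines():
        line = line.strip()
        if m := re.match(r"ip dhcp pool (\S+)", line):
            current = f"pool {m.group(1)}"
        elif m := re.match(r"int(?:erface)? vlan\s*(\d+)", line, re.I):
            current = f"interface Vlan{m.group(1)}"
        elif m := re.match(r"(?:network|ip address) (\S+) (\S+)", line):
            # strict=False masks off host bits to obtain the actual network.
            nets[current] = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
    return nets

def overlaps(config):
    """Pairs of pools, or pairs of interfaces, whose networks overlap."""
    nets, found = parse(config), []
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        same_kind = a.split()[0] == b.split()[0]
        if same_kind and na.overlaps(nb):
            found.append((a, b, str(na), str(nb)))
    return found

if __name__ == "__main__":
    print(overlaps(POSTED), overlaps(FIXED))
```

With the posted /16 masks both pools and both interfaces collapse to 172.16.0.0/16, so the per-VLAN separation exists only at layer 2; with /24 each VLAN gets its own network.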
05-31-2010 12:04 AM
Hi Salman,
Yes, you need to configure ip helper-address under the vlan interfaces, but just for information: by default, the ip helper-address command also forwards some other broadcast protocols in addition to the DHCP (BOOTP) protocol. It forwards by default the following eight UDP broadcast protocols:
* UDP 37 (Time protocol)
* UDP 49 (TACACS)
* UDP 53 (DNS)
* UDP 67 (DHCP Server)
* UDP 68 (DHCP Client)
* UDP 69 (TFTP)
* UDP 137 (NetBios)
* UDP 138 (NetBios Datagram service)
If you want to remove some of the protocols, you can also do that with no ip forward-protocol:
RouterA(config)# no ip forward-protocol udp 137
As DD suggested, configure the excluded IP addresses also.
Hope to Help !!
Ganesh.H