Multiple VLANS within the same Subnet ?

s.nasheet
Level 1

Hi ,

Just want the advice: can multiple VLANs belong to one large subnet? For example, VLAN 2 to VLAN 30, network 172.16.0.0/16 (all hosts on VLAN 2 to VLAN 30 will have IP addresses from that range).

VLAN hosts only need DHCP-assigned addresses and internet access. No inter-VLAN routing is required, but hosts within a VLAN should be able to talk to each other.

Is it a better design to have a DHCP pool created for each VLAN (so 30 DHCP pools) on Cisco 3550 switches, or would just one DHCP pool do the job? I have around 300 hosts on the network divided into 30 VLANs, which are spread over four Cisco 3550 switches.

Would there be network performance issues such as a large amount of broadcast and slow response time? According to my understanding there will be a broadcast domain for each VLAN, so network performance should not be affected?

Thanks for the help.

Regards

Salman

6 Replies

Reza Sharifi
Hall of Fame

Hi Salman,

Although 300 is not a big number, I would not put all my users in one VLAN. It is common to have a /24 subnet per VLAN. It is also common to divide the number of VLANs per department, i.e. one for engineering and one for business development, etc.

On the other hand, putting 10 users per VLAN is not a very good idea unless you really have to.

HTH

Reza

Ganesh Hariharan
VIP Alumni

Hi Salman,

You can, but the better recommendation is to divide into different subnets and assign them to VLANs, in order to troubleshoot future problems. For multiple DHCP pool configuration on switches, check out the link below:

http://www.cisco.com/en/US/docs/ios/12_1/iproute/configuration/guide/1cddhcp.html#wp1000999

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Guys,

Thanks for your replies.

How would I make sure that PCs get an IP address from their corresponding VLAN pool?

With multiple DHCP pools, do I need to create a VLAN interface for each VLAN?

Will the ip helper-address command be required under each VLAN interface?

Will the IP address of 'default-router' be the VLAN interface IP of the respective VLAN?

Does the sample config look OK to you guys?

ip dhcp pool  VLAN2
   network 172.16.2.0 255.255.0.0
   default-router 172.16.2.1
   !
ip dhcp pool VLAN3
   network 172.16.3.0  255.255.0.0
   default-router 172.16.3.1
!
int vlan 2
ip address 172.16.2.1  255.255.0.0
!
int vlan 3
ip address 172.16.3.1  255.255.0.0

Regards

Salman

Salman,

Q. "How would I make sure that PCs get an IP address from their corresponding VLAN pool? With multiple DHCP pools, do I need to create a VLAN interface for each VLAN? Will the ip helper-address command be required under each VLAN interface?"

A. Yes

Q. "Will the IP address of 'default-router' be the VLAN interface IP of the respective VLAN?"

A. Yes

Q. "Does the sample config look OK to you guys?"

A. Looks good but remember to use "ip dhcp excluded-address" under each pool to specify addresses that should not be assigned to clients...  e.g. vlan interface IPs 172.16.2.1 and 172.16.3.1, addresses that are statically assigned to your servers, WAPs etc....

Why 30 VLANs for only 300 clients? If it's a security concern then I understand......

DD

Hi Salman,

The subnet mask is a bit of a concern here:

ip dhcp pool  VLAN2
   network 172.16.2.0 255.255.0.0
   default-router 172.16.2.1
   !
ip dhcp pool VLAN3
   network 172.16.3.0  255.255.0.0
   default-router 172.16.3.1
!
int vlan 2
ip address 172.16.2.1  255.255.0.0
!
int vlan 3
ip address 172.16.3.1  255.255.0.0

The subnet mask is /16, i.e. the 3rd octet doesn't matter, so an end point in VLAN 2 will also be allocated 172.16.3.X. I don't see it happening this way as the number of hosts is very low, but the other way around, a VLAN 3 end point can have an IP address in the 172.16.2.X range.

- Using /16, i.e. the 255.255.0.0 subnet mask, will increase the volume of broadcast on all your VLANs. If a packet comes in for destination 172.16.3.45 and the switch is not aware of the port where 172.12.3.45 is (no ARP entry), this will fall in the broadcast range 172.16.X.X, so a broadcast will be sent on all the VLANs.

** Though I am not quite sure about it, you should get some conflict error while configuring IPs on the VLAN interfaces with a /16 subnet mask.

The crux of the matter is that you need to change the subnet mask of the VLAN interfaces from 255.255.0.0 to 255.255.255.0 for good.

Hope to help

Kind Regards,
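
An added example (not part of any post in this thread): a Python check that parses the posted config and shows that, with the 255.255.0.0 mask, both pools and both VLAN interfaces resolve to the same 172.16.0.0/16 network, while the 255.255.255.0 mask recommended above makes them disjoint. The function names and the /24 variant are constructed for illustration.

```python
import ipaddress
import re
from itertools import combinations

# The config as posted in the thread (every mask is 255.255.0.0).
THREAD_CONFIG = """\
ip dhcp pool VLAN2
   network 172.16.2.0 255.255.0.0
   default-router 172.16.2.1
!
ip dhcp pool VLAN3
   network 172.16.3.0 255.255.0.0
   default-router 172.16.3.1
!
int vlan 2
ip address 172.16.2.1 255.255.0.0
!
int vlan 3
ip address 172.16.3.1 255.255.0.0
"""

# Constructed variant: the same config with the 255.255.255.0 mask from the reply.
FIXED_CONFIG = THREAD_CONFIG.replace("255.255.0.0", "255.255.255.0")

STANZA = re.compile(r"^(ip dhcp pool|int(?:erface)? vlan)\s+(\S+)", re.I)
ADDRESS = re.compile(r"^\s*(network|ip address)\s+(\S+)\s+(\S+)", re.I)

def parse_networks(config):
    """Return {stanza name: IPv4Network} for every DHCP pool and VLAN interface."""
    nets, current = {}, None
    for line in config.splitlines():
        if m := STANZA.match(line):
            kind = "pool" if m.group(1).lower().startswith("ip") else "vlan"
            current = f"{kind} {m.group(2)}"
        elif current and (m := ADDRESS.match(line)):
            # strict=False masks off host bits: 172.16.2.0 255.255.0.0 -> 172.16.0.0/16
            nets[current] = ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}", strict=False)
    return nets

def find_overlaps(config):
    """Return sorted pairs of same-kind stanzas whose address ranges overlap."""
    nets = parse_networks(config)
    return sorted((a, b) for a, b in combinations(nets, 2)
                  if a.split()[0] == b.split()[0] and nets[a].overlaps(nets[b]))

if __name__ == "__main__":
    for label, cfg in (("thread /16", THREAD_CONFIG), ("fixed /24", FIXED_CONFIG)):
        print(label, parse_networks(cfg), find_overlaps(cfg))
```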

Hi Salman,

Yes, you need to configure ip helper-address under the VLAN interfaces, but just for information: by default, the ip helper-address command also forwards some other broadcast protocols in addition to the DHCP (BOOTP) protocol. By default it forwards the following eight UDP broadcast protocols:

    * UDP 37 (Time protocol)
    * UDP 49 (TACACS)
    * UDP 53 (DNS)
    * UDP 67 (DHCP Server)
    * UDP 68 (DHCP Client)
    * UDP 69 (TFTP)
    * UDP 137 (NetBios)
    * UDP 138 (NetBios Datagram service)

If you want to remove some of the protocols, you can also do that with no ip forward:

RouterA(config)# no ip forward-protocol udp 137

As DD suggested, configure the excluded IP addresses also.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post
