Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1742
Views
0
Helpful
5
Replies

Is anyone using private VLANS in an ISP environment

d-fillmore
Level 2
Level 2

‎06-29-2010 08:10 AM - edited ‎03-01-2019 02:19 PM

Hi, In order to avoid IP address wastage for customers we sell hosting services for, I want to implement private VLANs on our network. It seems this is the ideal time to use private VLANs, but I can't find much discussion or anything about actaully using them in a real world environment.

Is ther anyone who uses them as way to conserve IP addressing and are there any pros and cons to using them for this purpose?

Many Thanks in advance

Dom

Labels:
0 Helpful
5 Replies 5

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎06-29-2010 11:58 PM 

Hi, In order to avoid IP address
wastage for customers we sell hosting services for, I want to implement
private VLANs on our network. It seems this is the ideal time to use
private VLANs, but I can't find much discussion or anything about
actaully using them in a real world environment.
Is ther anyone who uses them as way to conserve IP addressing and are there any pros and cons to using them for this purpose?
Many Thanks in advance
Dom

Hi Dom,

If you want to use private address scheme in your lan and to have internet access you need to have public ip with private ip natted with one of the real ip address to have communication over the internet.

We used to implement private ip address and do routing stuff for private address in in local to oure network and configure natting with the available public ip address for internet connectivity or hosting a specific server in internet.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

0 Helpful

mwdatacisco
Level 1
Level 1
In response to Ganesh Hariharan

‎07-09-2010 07:27 AM

One way we have utilized VLAN's is to disallow inter-client communication.  We have vlans setup on our customers that drop into ip un-numbered vlan subinterfaces.  Has worked very well, but is a bit more administrative work to intially set up.

0 Helpful

d-fillmore
Level 2
Level 2
In response to mwdatacisco

‎07-09-2010 07:32 AM

Hi, thanks for your post - Can you elaborate on the way you are doing this?

Are you using private VLANs?

Maybe I should have described my issue better - we have been allocated a range of 24 public addresses and I don't want to keep wasting 5 addresses for every colo/hosting deployment (1 subnet, 1 broadcast, 2 interface and 1 HSRP address)

Cheers, Dom

0 Helpful

mwdatacisco
Level 1
Level 1
In response to d-fillmore

‎07-09-2010 07:37 AM

Not really, it's a fairly basic setup.  I have a DSLAM configured for vlans on each customer port.  I then have a 802.1q trunk connected to the DSLAM and a trunk connected to the VLAN router.  On my vlan router I have the below configured:

interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0 secondary
ip address 192.168.1.1 255.255.255.0
no ip redirects
no cdp enable
!
interface FastEthernet0/1.2
encapsulation dot1Q 2
ip unnumbered FastEthernet0/1
no cdp enable
!
interface FastEthernet0/1.3
encapsulation dot1Q 3
ip unnumbered FastEthernet0/1
no cdp enable
!
interface FastEthernet0/1.10
encapsulation dot1Q 10
ip unnumbered FastEthernet0/1
no cdp enable

Of course this is on the public side but I changed the IP scheme for security purposes.  Hope this helps!

0 Helpful

d-fillmore
Level 2
Level 2
In response to mwdatacisco

‎07-09-2010 07:43 AM

Thanks for sharing

Looks like an intuitive way of getting the benefits of private VLANs on a router.

Cheers, Dom

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents