Subnet Question

Unanswered Question
Jul 20th, 2010

I have a subnet 10.xxx.0.1/22 (10.xxx.0.1 to 10.xxx.3.254)

now i would like to take a portion of the network for some Mac users, 10.xxx.0.1 - 10.xxx.0.126.

how would that look

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
David Salazar Tue, 07/20/2010 - 11:27

You can have a network address like 10.x.0.0/22 (10.x.0.0 - 10.x.3.255 -> 1024 IPs Address)

And you can do a subnetting according to your needs, for example for MAC users you can use 10.x.0.0/25 (10.x.0.0-10.x.0.127)

the other way is using PRIVATE VLAN where you can use all the network segment  and use COMMUNITY VLAN segment the network at Layer2 for MAC Users.

Example:

Vlan 100 -> name Primary (Private Vlan - Primary)
Vlan 110 -> name SecMACUsers (Private Vlan - Community)
Vlan 111 -> name OtherUser  (Private Vlan - Community)

And you can assign ip number with/without sequence.

I hope you helpful

David Salazar Tue, 07/20/2010 - 14:46

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Tabla normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

steps to the private VLAN configuration:

1) Create VLANs on Layer 2 and make specific VLAN mapping.



vlan 200

name SERVERS-A

  private-vlan primary

  private-vlan association 220-222

!

vlan 220

name SERVERS-COMMUN-A

  private-vlan community

!

vlan 221

name SERVERS-COMMUN-B

  private-vlan community

!

vlan 222

name SERVERS-COMMUN-C

  private-vlan community

!

2) Create SVI Interface (Layer 3)

MBO-SW-01#sh run int vlan 200

Building configuration...

Current configuration : 348 bytes

!

interface Vlan200

description +++ Vlan Servidores / CPS MBO +++

ip address 192.168.5.1 255.255.255.0

private-vlan mapping 220-222

end

SW-01#



3) Configure Network Interface Devices for Community Vlan.

SW-01#sh run int g5/12

Building configuration...

Current configuration : 166 bytes

!

interface GigabitEthernet5/12

description SVR-BL02 LAN

switchport private-vlan host-association 200 220

switchport mode private-vlan host

load-interval 30

end

SW-01#sh run int g5/13

Building configuration...

Current configuration : 166 bytes

!

interface GigabitEthernet5/13

description SVR-BL03 LAN

switchport private-vlan host-association 200 220

switchport mode private-vlan host

load-interval 30

end

SW-01#sh run int g5/14

Building configuration...

Current configuration : 166 bytes

!

interface GigabitEthernet5/14

description SVR-BL04 LAN

switchport private-vlan host-association 200 220

switchport mode private-vlan host

load-interval 30

end

This type of setup allows you to save the amount of IPs, since they do not spend for subnetting IP addresses,

Practically no matter if you assign IP addresses sequentially, it is important to belong community since the broadcast is limited to those communities.

At the same time that you force all traffic going to the default gateway which allows for increased security or control over the network.

Actions

This Discussion