07-20-2010 10:52 AM - edited 03-04-2019 09:07 AM
I have a subnet 10.xxx.0.1/22 (10.xxx.0.1 to 10.xxx.3.254)
now i would like to take a portion of the network for some Mac users, 10.xxx.0.1 - 10.xxx.0.126.
how would that look
07-20-2010 11:27 AM
You can have a network address like 10.x.0.0/22 (10.x.0.0 - 10.x.3.255 -> 1024 IPs Address)
And you can do a subnetting according to your needs, for example for MAC users you can use 10.x.0.0/25 (10.x.0.0-10.x.0.127)
the other way is using PRIVATE VLAN where you can use all the network segment and use COMMUNITY VLAN segment the network at Layer2 for MAC Users.
Example:
Vlan 100 -> name Primary (Private Vlan - Primary)
Vlan 110 -> name SecMACUsers (Private Vlan - Community)
Vlan 111 -> name OtherUser (Private Vlan - Community)
And you can assign ip number with/without sequence.
I hope you helpful
07-20-2010 02:46 PM
steps to the private VLAN configuration:
1) Create VLANs on Layer 2 and make specific VLAN mapping.
vlan 200
name SERVERS-A
private-vlan primary
private-vlan association 220-222
!
vlan 220
name SERVERS-COMMUN-A
private-vlan community
!
vlan 221
name SERVERS-COMMUN-B
private-vlan community
!
vlan 222
name SERVERS-COMMUN-C
private-vlan community
!
2) Create SVI Interface (Layer 3)
MBO-SW-01#sh run int vlan 200
Building configuration...
Current configuration : 348 bytes
!
interface Vlan200
description +++ Vlan Servidores / CPS MBO +++
ip address 192.168.5.1 255.255.255.0
private-vlan mapping 220-222
end
SW-01#
3) Configure Network Interface Devices for Community Vlan.
SW-01#sh run int g5/12
Building configuration...
Current configuration : 166 bytes
!
interface GigabitEthernet5/12
description SVR-BL02 LAN
switchport private-vlan host-association 200 220
switchport mode private-vlan host
load-interval 30
end
SW-01#sh run int g5/13
Building configuration...
Current configuration : 166 bytes
!
interface GigabitEthernet5/13
description SVR-BL03 LAN
switchport private-vlan host-association 200 220
switchport mode private-vlan host
load-interval 30
end
SW-01#sh run int g5/14
Building configuration...
Current configuration : 166 bytes
!
interface GigabitEthernet5/14
description SVR-BL04 LAN
switchport private-vlan host-association 200 220
switchport mode private-vlan host
load-interval 30
end
This type of setup allows you to save the amount of IPs, since they do not spend for subnetting IP addresses,
Practically no matter if you assign IP addresses sequentially, it is important to belong community since the broadcast is limited to those communities.
At the same time that you force all traffic going to the default gateway which allows for increased security or control over the network.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: