
VLAN design question

gastonbrown
Level 1

Currently we are using a flat network schema for our LAN. Due to adding a new Cisco VoIP phone system and some design limitations, we are looking to move to using VLANs and changing our internal IP scheme.

I am looking at basically using a 10.200.x.x/16 (this falls in line with how our sister companies are set up, as they are using 10.167 and other 10.x.x.x networks below that) setup, and each network under the 10.200 is its own VLAN. This would make it easy for converting IPs to VLANs for reference.

We have about 450 devices on the LAN now across 3 and soon to be 4 locations so being able to designate networks to locations would be great as well.

Any drawbacks to using a design like this or should I look at something else?


Richard Burts
Hall of Fame

What you have described so far sounds good. You do want to implement something that is consistent with sister companies. And being able to identify locations by address used is certainly helpful.

HTH

Rick

darren.g
Level 5

I've done similar in the past - make the second octet of the 10.0.0.0/8 address space a "site" identifier, assign the relevant /16 to the site, and then subnet the /16 down to /24's (or smaller) as required.

You could go one step further, since you've spread across several sites. Second octet (10.200.0.0) is the "Company ID", the first group of 32 subnets from the third octet (10.200.0.0 through 10.200.31.0) are Site A broken into /24's, the second group of 32 subnets (10.200.32.0 through 10.200.63.0) are Site B and so on.

Gives you heaps of address space per site (32 * /24 ranges, each in its own VLAN if you like), and room for more sites (8 groups of 32 subnets per site) if you need them. Keeps it logical, and you can immediately look at a subnet and say "That's at Site X".

Cheers

nikolasgeyer
Level 1

To meet your requirements, I would agree with a schema like darren.g has posted.

A practical example of how you could break it up (working under the assumption you had 100 desktops and 100 phones at each site - extrapolate to meet your requirements) could look like;

10.200.0.0/16 becomes the company wide subnet. Break this up into /20's and allocate one to each site, for example;

  • 10.200.0.0/20 becomes the subnet for Site-A
  • 10.200.16.0/20 becomes the subnet for Site-B
  • 10.200.32.0/20 becomes the subnet for Site-C
  • 10.200.48.0/20 becomes the subnet for Site-D

Once each site subnet has been allocated, break it down into individual subnets to meet the site's requirements, ensuring you remain consistent across sites. For example, use the first subnet for workstations and the second subnet for phones;

  • 10.200.0.0/24 becomes the workstation subnet at Site-A
  • 10.200.1.0/24 becomes the phone subnet at Site-A
  • 10.200.16.0/24 becomes the workstation subnet at Site-B
  • 10.200.17.0/24 becomes the phone subnet at Site-B
  • Repeat the same for Site-C and Site-D

A nice hierarchical subnet schema provides many benefits including route aggregation/summarization and reducing complexity for network administration (e.g. staff now know anything at 10.200.0.0/20 belongs to Site-A, anything 10.200.16.0/20 belongs to Site-B and so on).
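
The /20-per-site, /24-per-role plan from the reply above, generated and checked in Python as an added example (not part of the original thread). The `build_plan` and `locate` names are hypothetical; the reverse lookup shows how any address, for instance one seen in a firewall or DHCP log, maps back to a site and role, and how address space inside a site block that has no VLAN assigned yet is flagged.

```python
import ipaddress

COMPANY = ipaddress.ip_network("10.200.0.0/16")   # company-wide block from the thread
SITES = ["Site-A", "Site-B", "Site-C", "Site-D"]  # site names from the thread
ROLES = ["workstations", "phones"]                # first /24 = workstations, second = phones
SITE_PREFIX, ROLE_PREFIX = 20, 24                 # one /20 per site, one /24 per role


def build_plan(company=COMPANY, sites=SITES, roles=ROLES):
    """Return {site: {"block": /20, "subnets": {role: /24}}}, allocated in order."""
    if len(roles) > 2 ** (ROLE_PREFIX - SITE_PREFIX):
        raise ValueError(f"a /{SITE_PREFIX} only holds 16 /{ROLE_PREFIX} subnets")
    site_blocks = company.subnets(new_prefix=SITE_PREFIX)
    plan = {}
    for site in sites:
        try:
            block = next(site_blocks)
        except StopIteration:
            raise ValueError(f"{company} has no free /{SITE_PREFIX} for {site}") from None
        # Same role order at every site keeps the scheme consistent across sites.
        role_nets = block.subnets(new_prefix=ROLE_PREFIX)
        plan[site] = {"block": block, "subnets": dict(zip(roles, role_nets))}
    return plan


def locate(address, plan):
    """Map an address to (site, role); role is None for unassigned space in a site block."""
    ip = ipaddress.ip_address(address)
    for site, entry in plan.items():
        if ip in entry["block"]:
            for role, net in entry["subnets"].items():
                if ip in net:
                    return site, role
            return site, None      # inside the site's /20 but no VLAN assigned yet
    return None, None              # not in any allocated site block


if __name__ == "__main__":
    plan = build_plan()
    for site, entry in plan.items():
        print(f"{site}: summary {entry['block']}")
        for role, net in entry["subnets"].items():
            print(f"  {role:<12} {net}  ({net.num_addresses - 2} usable hosts)")
    # Constructed sample addresses, not taken from the thread.
    for addr in ("10.200.1.42", "10.200.35.7", "10.200.64.1", "10.167.0.1"):
        print(addr, "->", locate(addr, plan))
```

An address that resolves to `(site, None)` or `(None, None)` is outside every assigned VLAN, which makes it worth a look when it turns up as a source address on the LAN.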
