New Member

VLANs and subnet broadcasts.

Correct me if my concept is wrong in this scenario.

Scenario:

1 Router

1 Switch

6 VLANS

VLAN 10 = 10.0.10.0/24

VLAN 20 = 10.0.20.0/24

VLAN 30 = 10.0.30.0/24

VLAN 40 = 10.0.40.0/24

VLAN 50 = 10.0.50.0/24

VLAN 60 = 10.0.60.0/24

1. Broadcasts are not contained in each VLAN because they are on the same subnet. Am I right or wrong?

2. If I am wrong, changing the subnetting scheme to VLSM will contain the broadcasts in each VLAN? Am I right or wrong?

Question

A. How will I contain broadcasts in a VLAN using the IP scheme above? Is there some sort of access-list configuration for each vlan? If there is, can you give me the configuration commands for it? The only command I know is allowing ALL VLANs to connect to the trunk.

Purple

Re: VLANs and subnet broadcasts.

That's incorrect, each vlan is its own broadcast domain. The broadcast boundary stops at the router interface. So if you have 6 vlans on the switch going to a router, you run a trunk from the switch to the router, each encapsulated with its own vlan id. So say a broadcast in vlan 10 will not be seen in say vlan 20. Subnetting has nothing to do with whether its broadcast is contained in its own subnet. What you are showing is router on a stick, and each vlan you show would be in its own broadcast domain.

New Member

Re: VLANs and subnet broadcasts.

Ooooh. Ok. So having VLANs is already a good basic way to contain broadcasts and that I do not need any configuration to contain broadcasts on vlans. However I would still like to know the configuration commands to prevent a vlan from communicating with another vlan.

Hall of Fame Super Blue

Re: VLANs and subnet broadcasts.

jlajuarez wrote:

Ooooh. Ok. So having VLANs is already a good basic way to contain broadcasts and that I do not need any configuration to contain broadcasts on vlans. However I would still like to know the configuration commands to prevent a vlan from communicating with another vlan.

If you didn't want a vlan to communicate with anything else then simply don't create a L3 vlan interface for that vlan, then it can't be routed.

If however you wanted the vlan to communicate with some but not all vlans then use ACLs, e.g. from your example -

vlan 10 can talk to vlans 20 & 50 but not vlans 30, 40 & 60

! Block traffic sourced in VLAN 10 from reaching VLANs 30, 40 and 60
access-list 101 deny ip 10.0.10.0 0.0.0.255 10.0.30.0 0.0.0.255
access-list 101 deny ip 10.0.10.0 0.0.0.255 10.0.40.0 0.0.0.255
access-list 101 deny ip 10.0.10.0 0.0.0.255 10.0.60.0 0.0.0.255
! Permit everything else sourced in VLAN 10 (VLANs 20, 50 and beyond)
access-list 101 permit ip 10.0.10.0 0.0.0.255 any
! Apply the list to packets entering the L3 interface from VLAN 10
int vlan 10
 ip access-group 101 in

Jon

New Member

Re: VLANs and subnet broadcasts.

Jon,

Thank you so much for that input. Do you happen to have a complete list of those configuration commands? I've been scouring the web but I don't find the ones I am looking for. I mean, I did find vlan configuration commands, but I do not think I have come across the access list command that you showed. Do you have a copy of those commands or do you know where I could find them?

Hall of Fame Super Blue

Re: VLANs and subnet broadcasts.

There are configuration guides and command references for all types of switches and also standard IOS configuration guides and command references on the Cisco web site.

Which switch are you using, and I will point you to the config and command references for this device?

Jon

New Member

Re: VLANs and subnet broadcasts.

Oh I'm sorry. I was just practicing in Packet Tracer. Wait, so you mean to say some switches have different configuration commands? I am not very keen on the technology of switches and routers. I mean, I just finished CCNA 2 and will be proceeding with CCNA 3. I do not have much knowledge when it comes to the products that Cisco manufactures, let alone the features of the IOS. But I am reading a lot in order to learn more. Thank you so much for that input.

Hall of Fame Super Blue

Re: VLANs and subnet broadcasts.

jlajuarez wrote:

Oh I'm sorry. I was just practicing in Packet Tracer. Wait, so you mean to say some switches have different configuration commands? I am not very keen on the technology of switches and routers. I mean, I just finished CCNA 2 and will be proceeding with CCNA 3. I do not have much knowledge when it comes to the products that Cisco manufactures, let alone the features of the IOS. But I am reading a lot in order to learn more. Thank you so much for that input.

Well, some switches can run an OS called CatOS (e.g. the 6500 can run this) and that is a whole different set of commands.

However most switches run IOS (and the 6500 can run pure IOS too) and so the commands are often the same. However you are often configuring different things on a router than a switch, e.g. on a switch it is far more common to configure vlans, switchports, spanning-tree etc., whereas on routers this is a lot less common (unless the router has an inbuilt switch).

But there are significant differences sometimes between the same thing on a switch or a router. QOS is a very good example. Routers use a standard QOS command set because routers generally do all things in software. Switches however do a lot of things in hardware and have dedicated ASICs to do this. This can have a significant effect on how things are implemented. QOS on switches is, to be perfectly honest, a pain to configure, as not only does QOS vary between switches and routers, it also varies from switch model to switch model as each switch has different capabilities.

Having said that, most of the commands between switches are the same, i.e. if you know how to set up vlans and inter-vlan routing on a 3560 then you can set it up on a 6500.

Jon

New Member

Re: VLANs and subnet broadcasts.

Ok. Thank you so much for your time, Jon.
