1. It seems like the 10.16.1.1-20 and the 10.16.1.21-40 fall within the same 255.255.0.0 IP subnet. In this case saparating these ip addresses with a vlan would totally isolate isolate the machines from one another.
vlan 1 10 .16 .1. 1-20
vlan 2 10 .16 .1. 21-40
these are the same ip subnet.
2. If you meant the subnet 10.16.0.1-20 and
10.17.0.1-20 then they would be seperate broadcast domains but unable to talk to one another without a layer 3 interface for routing. So the answer is no you still wouldnt have full connectivity.
I have done something similar to this, but not exactly what you are looking at.
I use Bay Networks Baystack 350T switches to seperate my vlans behind the router. Normally, I only vlan seperate subnets, but it should also work for vlans inside a subnet. We use this to run a single line into a building and seperate the tenant traffic via vlans to a single interface on a cisco router. I have never gotten a cisco catalyst switch to do the same thing I have seen with Baystack switches. I am not sure if this is because of functionality or inexperience on my part with catalyst switches (probably the latter of the two.)
I would NOT recommend taking this path however. If you want to seperate the 2 networks, I would recommend routing the two segments of the network between two interfaces on a router in two seperate networks. I just believe in presenting all options ;c)
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...