Different subnets on the same switch

Basher · 6 Apr 2007 at 10:52

Hi guys, I have a quick question about the above. Say, for example, I have a simple wetup whereby I have a switch connected to a router. Would it be possible for the devices on my switch to be in different subnets, or would I need a seperate switch for each subnet?

Kind Regards,

James

dangermouse · 6 Apr 2007 at 11:54

You can have different subnets on the same switch

Basher · 6 Apr 2007 at 11:59

In that case, what are the advantages of using a management VLAN on devices rather than a management subnet?

Cheers,

James

csmager · 6 Apr 2007 at 12:17

(I think!) If the switch supports VLANs, it will be able to route between them (or not route, depending on the config)

A bog standard dumb Layer-2 switch (which won't support VLANs) would not be able to route any traffic between the subnets.

Basher · 6 Apr 2007 at 12:25

Yeah i realise that, but say you have a network in a data center and you want the traffic for production systems and traffic for network management, so, SNMP, KVMoIP, iLO, that sort of stuff seperate. I can see two options here, two vlans on a switch, one for production, one for management, or two subnets for the same purpose. What would one offer over the other? Do they not both reduce the broadcast domain or does one offer more/less than the other?

Regards,

James

mdjmcnally · 6 Apr 2007 at 12:33

In a datacenter then you would not be able to have people snoop the management traffic if they were connected to the other VLAN. It also means that packet captures can be smaller as will only get the raw data for the subnet that you are interested in.

If you have broadcast traffic then the traffic will not arrive at all of the devices, just the devices in the same VLAN. All that happens if a broadcast arrives on a different IP subnet is that that NIC grabs the packet, decides is not for itself and then forgets about it. Depending upon the load then this may or may not impact on the devices performance.

It will also reduce the workload on the management interface of the switch as the switch will have to look at all traffic on vlan1 to see if the traffic is for the switch itself or just needs too be forwarded. I have actually had switches become unmanageable from this.

Unless the switch is a layer3 switch it will not route between the two subnets. I have a managble layer 2 switch (dlink) which supports VLANs so just because a switch supports VLANs it doesn't mean that it has the ability to route between them.

Basher · 6 Apr 2007 at 12:43

Hi, yeah I realise the importance of management VLANs got lots of info on this

As for routing between subnets and VLANs this is not required at this switch level as there's a router above to do that.

I'm thinking, like you said the main reason to choose VLAN is that cisco devices listen on the management vlan which is, by default 1. If production traffic is not vlan'd it will also be using vlan 1 so the switch will have to process all of that unneccessery traffic. Soooo either production or management will have to have a seperate VLAN to avoid this, and obviously doing it to management will be much more straight forward.

Does this make sense!?

Cheers,

James

mdjmcnally · 6 Apr 2007 at 12:45

Yes it does.

Basher · 6 Apr 2007 at 12:46

Super duper, perhaps more importantly, is it right!?

Cheers for all the help.

BoomAM · 7 Apr 2007 at 02:28

VLANs annoy me. Not because i dont like them though.
Its because one of the contractors we use for quotes ALWAYS specs VLAN implementation on our network, no matter what we ask for, even if its just to buy a new switch off them! Very annoying.
/rant.