VLAN Advice

hybrid

hybrid

hybrid

Associate
Joined
18 Nov 2003
Posts
1,311
Location
Newcastle
Not sure how many people here have much exprience with VLANs but here goes...

Basically we have a network which we need to be split into 3 seperate VLANs. Is it best to give each network a totally different IP range and subnet, or keep the subnets the same? From time to time traffic will need to access different VLANs to retrieve data from another server.

We have layer 3 switches (HP 5308XL's) so im hoping this can safely route the traffic between the networks.

Any help would be great. :)
 
Different subnet for each vlan is the only logical way to do it, especially given that you are going to want inter-vlan access.
 
Thats the way i was going to start doing them. But then reading on the HP website on one of the PDFs it states...


name "VLAN100"
ip address 10.10.100.1 255.255.255.0


name "VLAN200"
ip address 10.10.200.1 255.255.255.0

Seems like in that example they have them both on the same subnet too.

Confusing that part. :S
 
hybrid said:
Thats the way i was going to start doing them. But then reading on the HP website on one of the PDFs it states...


name "VLAN100"
ip address 10.10.100.1 255.255.255.0


name "VLAN200"
ip address 10.10.200.1 255.255.255.0

Seems like in that example they have them both on the same subnet too.

Confusing that part. :S
Click to expand...

They are different subnets!
 
You have to ask yourself though, do you want to implement vlan's if you don't really understand the addressing side of it? They can become troublesome.

How many hosts on each network segment? Do you have to use a /24 mask?
 
your going to need a router to allow communication between the vlans arn't you? or do layer 3 switches provide that? e.g sub-interfaces and trunking.
 
brocksta said:
your going to need a router to allow communication between the vlans arn't you? or do layer 3 switches provide that? e.g sub-interfaces and trunking.
Click to expand...

Layer 3 switches will route. Trunking and sub interfaces aren't needed for routing between vlan's.
 
1. Well on one VLAN we will have roughly ~340 machines.
2. On the other we have 20 for admin use.
3. Then another for a wireless DMZ.



At present they are all using the same DHCP server so we hope to seperate these so all 3 VLANs have their own independent DHCP servers.

The IP Structure at the moment is using the 172.16.0.x range and the subnet of 255.255.0.0.

What would be the best IP structures for all seperate VLANs?
 
Its entirely your call, it really is down to preference.
Assuming you dont have any networks that clash at the other side of a VPN, stick with the 172 ranges, so for example:

172.16.1.x/24
172.16.2.x/24
172.16.3.x/24

As the others have said, you need to understand ip addressing/subnetting before embarking on something like this to be fair.

You will need a layer 3 device to do inter-vlan routing as pointed out above, and yes the layer 3 switch you have should do nicely.

You also dont necessarily need a DHCP server for each subnet. Cisco kit has a feature called "ip helper" which basically acts as a relay for DHCP traffic. Maybe the HP kit has the same thing?
 
VLAN1 is going to have more than 254 hosts though. It should be alright to use 172.16.1.x/22 for this one wouldnt it?

I'd rather keep this so we have a nice amount of room for expansion.

But would it work?

Also, we were thinking about giving each VLAN a different IP range altogether to distinguish the networks easily from each other. Would this cause any problems even if they were on totally different ranges and subnets?

Yes i know this is the deep end but any help is mostly appreciated.
 
The range 172.16.1.x/22 would give you 1022 hosts so plenty of room for expansion.

Have you considered Supernetting?
 
You could go whole hog and give them a /16 if you really wanted, although i would say that is overkill.

The reason i went for contiguous ranges is for the purpose of route summarization further down the line, but thats going to complicate the discussion i think.

Yes you could use 172.16.1.0/22 but remember that you are now making 172.16.2.x and 172.16.3.x unavailable for your second and third Vlans and will need to readdress accordingly.
 
Yup thats not a problem. :)

Thanks very much for the help Rich.

The way I am wanting to do it with different IP ranges and subnets would this make inter-vlans more difficult to setup at all?

So for example...
VLAN1 = 172.16.1.x/22
VLAN2 = 172.16.4.x/24
VLAN3 = 10.0.0.x/23

There will be quite a bit inter-vlan communication between VLAN1 and VLAN2.

Layer 3 routing in our switches should be able to handle those inter-vlans configs fine shouldnt it?
 
I would have thought so (it would be silly if it didnt), but im a Cisco guy, not HP, so im not best placed to comment on that im afraid!

Good luck!


Edit: Yes the different Vlans numbered as you posted will be fine, and will be no different to using contiguous ranges.
 
Easier not to split up the 300+ network if he wants them to communicate with each other easily.

Why do you want to use different size subnets? As rich said, I would just keep it simple and use:

VLAN1 = 172.16.1.x/22
VLAN2 = 172.16.4.x/22
VLAN3 = 172.16.8.x/22

Subnet mask of 255.255.252.0 will allow you 1022 IPs per network

Have fun
 
Why exactly are you proposing to split the network into 3 vlans? Also if you have a large number of hosts communicating between vlans then its more than possible that the layer 3 switch will be a bottleneck. You might want to consider a backlan using multihomed servers for those machines in vlan 1 which need to communicate with vlan 2.
 
You must log in or register to reply here.
Back
Top Bottom