Solved: Re: VXLAN - Vlans above 255 on into the thousands, best subnets to use

CiscoBrownBelt · ‎08-10-2018

Just trying to find best practices.

So for VXLAN, if I have let's say vlan 600, what is best subnet IP to use for the SVIs or routing?

Obviosly can't do 172.16.600. I want things to flow so I was thinking 172.16.6.X for 600,

but what is good idea if it was for let's say VLAN 1000 or 6000? I can no longer match 3 octet with VLAN.

Any advice guys?

Ben Walters · ‎08-10-2018

The problem with setting things up logically like this is the inherent waste of addressing and VLANs. You can be super efficient with your subnets and have VLSM networks for everything but it won't be pleasing to look at.

However if you don't always need a /24 for the subnet you can break them down into /27 (8 subnets) or /28 (16 subnets) and fill in the VLAN gaps if you wanted to.

I will give you both examples based on VLAN 256

The base subnet would be 10.0.25.x if you wanted to use /27 subnets to fill in the gaps it would look like this, but you couldn't get right to 259 this way.

10.0.25.0/27 - 250

10.0.25.32/27 - 251

10.0.25.64/27 - 252

10.0.25.92/27 - 253

10.0.25.128/27 - 254

10.0.25.160/27 - 255

10.0.25.192/27 - 256

10.0.25.224/27 - 257

Optionally if you wanted to use /28 subnets to fill in the gaps it would look like this but you wouldn't utilize the entire /24 address space.

10.0.25.0/28 - 250

10.0.25.16/28 - 251

10.0.25.32/28 - 252

10.0.25.48/28 - 253

10.0.25.64/28 - 254

10.0.25.80/28 - 255

10.0.25.96/28 - 256

10.0.25.112/28 - 257

10.0.25.128/28 - 258

10.0.25.144/28 - 259

View solution in original post

Ben Walters · ‎08-10-2018

I don't know of any best practices guides on subnet and VXLAN assignment but if you are looking to set a standard within your team or company you can come up with something that makes sense logically.

Personally if you are talking VLANs in the thousands I would move to the 10.x.x.x private range and only use VLANs in increments of 10

Starting with VLAN 10

10 - 10.0.1.x

20 - 10.0.2.x

...

990 - 10.0.99.x

1000 - 10.1.0.x

This would give you 99 VLANs in the range of 10-990, then increment the 2nd octet and start again in the 1000 range.

Each time you increment the 2nd octet it would give you another 100 VLANs to use and if you go up to 10.255.100.0 that would be 25,600 VLANs that you could use all logically segmented, which seems like more than you would ever need.

Here are some examples

10.15.25.x - VLAN 15250

10.0.15.x - VLAN 150

10.255.97.x - VLAN 255970

You could even break those /24 subnets into smaller ones and fill in the other subnets in the range from 0-9 adding even more VLAN possibilities.

If you are dead set on using the 172.16 range then you could use a similar method but it wouldn't be as obvious just by looking at the subnet or VLAN id

Hopefully this has been helpful or at least gave you some information to consider to come up with a system that works for you.

CiscoBrownBelt · ‎08-10-2018

Awesome this is great!

If 10.0.15.X could be for VLAN 150, what about let's say VLAN 256?

If VLAN 10 = 10.0.1.x what could I use for VLAN 11?

I am trying to think of a way so I don't waste at least too much ip space and having difficulty?

Ben Walters · ‎08-10-2018