
When calculating number of hosts for subnetting, should I include in that number routers and switches?

b52429
Level 1

Hello,

I have to design a network for an assessment. Just to be clear, I am not looking for the answer, given there are umpteen ways to skin a network cat; I just need to get some clarity in my head with regard to counting how many IP addresses I need per subnet.

I understand subnetting, but what is driving me crazy is when I work out how many IP addresses I need per subnet (I have to be careful not to be wasteful with my IP addresses) depending on the number of users and things such as switches and routers.

So say I have a building with 4 VLANs and 20 users per VLAN, and 1 switch per VLAN: would I have to include the number of switches in how many IP addresses I need? So 20 IP addresses per host, plus 1 IP address per switch and IP addresses for my router?

 

I have my topology worked out based on what I have to work with in regards to switches and routers etc. So as I said just clarification.

Accepted Solutions

luis_cordova
VIP Alumni

Hi @b52429 

 

At times, the hosts indicated include the IP of the switch and the router interface that is used as the gateway.

But, if you have 20 PCs, then the sum would be something like this:

20 PCs = 20 hosts
1 switch = 1 host (this IP will be used to manage the L2 switch through a VLAN interface).
1 router interface = 1 host (this IP will be used as the gateway of this network).

The total would be 22 hosts = valid IPs.

 

Regards


Thanks for the quick answer. It is what I was thinking, given I will assign an IP to my router and switches.

This has put my mind at rest.

omz
VIP Alumni

Hi

Where is inter-VLAN routing: switch or router?

How do 4 switches connect to the router: direct on 4 interfaces?

There are layer 3 switches in the mix to allow inter-VLAN routing. But thanks for the response. I'm new to this and feeling a bit stupid about it all. Anyway, back to work.

When you have L2 switches hosting multiple VLANs, generally they only need one IP to manage them (often your choice of which VLAN network to use, which might include a "special", or dedicated, VLAN just for management of network devices). I.e. you don't need an IP from every VLAN hosted by the L2 switch.

L3 switches or routers providing gateways to user VLANs need an IP, per VLAN, for that purpose (as already noted in the other posts). Additionally, though, both might also have a "special" or dedicated IP just for management (generally using a loopback interface) that doesn't use an IP from any of the VLANs. BTW, the network prefix address block for these addresses can be a /32.

An L3 switch or router, of course, might have IPs on "routed" links (which could be VLAN based), often (at least logically) p2p, which might be able to use a /31 prefix address block or (historically) a /30 prefix address block.

Hi thanks for answering.

 

So just to be clear, my L3 switch (Sw1) into which I have two L2 switches connecting into, Sw2 = Vlan 10 and Sw3 = Vlan 20

It is there (Sw1) that I would have my IP addresses for each Vlan.

E.g. Vlan 10 - 172.16.0.1 255.255.255.192, beginning of first subnet

Vlan 20 - 172.16.0.65 255.255.255.192, beginning of the second subnet

 

On the other side of the L3 switch is a router to connect to an L2 switch which connects to the router which allows access to the outside world. Is this overkill? Shall I just connect the L3 switch straight to the aforementioned L2 switch?

 

 

Yes, assuming you have SVIs defined on the L3 switch, SW1, that's where the gateway (one IP address, i.e. your .1 and .65) would be defined for VLANs 10 and 20.

As to the router and 3rd L2 switch, that depends how secure you want to be. Assuming this switch is on the Internet side of the router, the router probably offers better security than the L3 switch.

But I'm stuck with IP overlap now. 

Subnet 1 is from 172.16.0.1 to 172.16.0.62 useable with a 255.255.255.192 mask

Subnet 2 is from 172.16.0.65 to 172.16.0.126 useable with a 255.255.255.192 mask

Blue is my IP range for the router to the outside world L2 switch 172.16.2.32 / 29

My Gig0/1 IP is as shown, but when I try to assign my VLAN10 and VLAN20 IP addresses I get told they overlap with Gig0/1.

This is confusing me. Should Gig0/1 sit outside of both VLAN10 and 20, also should the router attached to L3 switch be in the blue subnet?

 

NetworkCapture.PNG

 

 

Your diagram shows your L3 switch's g0/1 with 172.16.0.3, which does overlap with VLAN 10's network.

Normally yes, g0/1, assuming it's a routed p2p link, IPs should be "outside" VLANs 10 and 20. You can use a /30 or /31 in a different IP prefix block (e.g. 172.16.0.128/30 or /31). Also the blue subnet would not normally be attached to the L3 switch, unless you don't need router1.(?) (For the latter, your L3 switch could take the place of router1, assuming router1 is only connecting the two shown links and isn't doing anything special on it [like running the firewall feature set]).
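
The address counting from the accepted answer and the overlap reported on Gig0/1, worked through as an added example (not part of any post in the thread). The VLAN names, the 172.16.0.0/24 base block and the /30 mask on Gig0/1 are assumptions; the thread does not state them.

```python
import ipaddress
from itertools import combinations

def smallest_prefix(devices):
    """Longest prefix whose usable range (block minus network and broadcast) fits `devices`."""
    if devices < 1:
        raise ValueError("at least one address is required")
    return 32 - (devices + 1).bit_length()

def allocate(base, needs):
    """Carve one subnet per entry of `needs` (name -> device count) out of `base`, largest first."""
    base = ipaddress.ip_network(base)
    cursor = int(base.network_address)
    plan = {}
    for name, count in sorted(needs.items(), key=lambda kv: -kv[1]):
        prefix = smallest_prefix(count)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to the next block boundary
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(base):
            raise ValueError(f"{base} is too small for {name}")
        plan[name] = net
        cursor += size
    return plan

def find_overlaps(interfaces):
    """Return pairs of interface names whose connected networks overlap."""
    nets = {n: ipaddress.ip_interface(a).network for n, a in interfaces.items()}
    return [(a, b) for a, b in combinations(nets, 2) if nets[a].overlaps(nets[b])]

# 20 PCs + 1 switch management IP + 1 gateway, as counted in the accepted answer.
PER_VLAN = 20 + 1 + 1
# Assumed names for the four VLANs; the routed p2p link needs 2 addresses.
NEEDS = {"Vlan10": PER_VLAN, "Vlan20": PER_VLAN, "Vlan30": PER_VLAN,
         "Vlan40": PER_VLAN, "routed-link": 2}

# Addresses from the thread; the Gig0/1 mask is not stated there, /30 is assumed.
AS_POSTED = {"Vlan10": "172.16.0.1/26", "Vlan20": "172.16.0.65/26",
             "Gig0/1": "172.16.0.3/30"}
# Routed link moved into the block suggested in the reply (172.16.0.128/30).
CORRECTED = {**AS_POSTED, "Gig0/1": "172.16.0.129/30"}

if __name__ == "__main__":
    for name, net in allocate("172.16.0.0/24", NEEDS).items():
        print(f"{name:12} {net}  usable={net.num_addresses - 2}")
    print("as posted:", find_overlaps(AS_POSTED))
    print("corrected:", find_overlaps(CORRECTED))
```

With 22 addresses per VLAN a /27 (30 usable) is the tightest fit, and allocating largest-first leaves the routed link on 172.16.0.128/30, clear of every VLAN block.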

Thanks for helping. I will practice with this. However for the time being I have changed tack. I appreciate all the help I have received so far.

 

My topology changed, so I have got rid of the L3 switches and gone to L2 switches and router on a stick for each building (I understood setting that up better, to be honest, and I have a deadline). Each building's VLANs work great; all hosts in each building can talk to each other inter-VLAN.

 

The final part is I have an L2 switch connected to my main router to the outside world, then each building's router connects into this L2 switch. The main router, the main switch and the ports on each building's router connecting to the main switch are in their own small subnet. Of course each building's router can ping each other just fine, but I can ping between hosts from different buildings. I get a "Destination host unreachable". I suspect this is due to my L2 Main Switch. Should I just change this for an L3 switch, or do I have to make the Main Switch and Main Router a super router on a stick to get everything to talk? That last one seems to me to be problematic.

NetworkCapture1.PNG

BTW, for most modern LANs (100 Mbps or gig), small routers only offer a (sometimes very) small fraction of the throughput capacity of most L3 switches. I.e. generally, I would keep the L3 switch (replace the central 2960 with it and also eliminate all the branch routers). However, if you have lots of VLAN to VLAN traffic within the branches, and the hub to branch link is "slow", using small routers at those branches might be better. (Don't know if that's the case here.)

As far as your topology having issues, what you have should work just fine (logically). Are your routers all running a routing protocol (with all networks defined attached to each router)? If not (if you're using static routing), all the routers need to have static routes (and a default) defined for all the non directly attached networks.

Each building's network is a router on a stick and they are working really nicely, so I don't want to get rid of them; I don't want to fix what isn't broken. So it is the getting them to the outside world.

The routers have the IP addresses assigned to each port as required.

I was looking at an L3 switch to replace the 2960 but got confused when looking at how to set it up.

My understanding is that each building connecting to the L3 3560 switch would be treated as its own VLAN, so building 1, VLAN 5, building 2, VLAN 6, so on and so forth, which would then be more straightforward to connect to the core router to the outside world. Am I correct in this?

If you want, you can configure a L3 switch as just a L2 switch, or L2 and L3. I.e. it can replace your shown 2960 and operate just as it would and allow you to start to incrementally use it as a "router".

Yes, if you have the L3 switch in the "hub", you could run just a single VLAN to each spoke, or if there's a switch there that supports VLANs, you can "trunk" (i.e. have multiple VLANs) to each spoke (somewhat like your router on a stick).

Unless your 4331 is doing something the L3 switch cannot, you might be able to have a L3 switch do it all.

To get to the "outside" world, each router will need a default route toward the "outside".

If you have networks across more than one router, then the routers need static routes to those distant (i.e. on the other side of the next router) networks.

e.g.
192.168.1.1/24 [rtr1] 192.168.2.1/30 <> 192.168.2.2/30 [rtr2] 192.168.2.5/30 <> 192.168.2.6/30 [rtr3] 192.168.3.1/24

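rtr1:
! both remote networks are reached via rtr2 (192.168.2.2)
ip route 192.168.2.4 255.255.255.252 192.168.2.2
ip route 192.168.3.0 255.255.255.0 192.168.2.2
rtr2:
! 192.168.1.0/24 is behind rtr1, 192.168.3.0/24 is behind rtr3
ip route 192.168.1.0 255.255.255.0 192.168.2.1
ip route 192.168.3.0 255.255.255.0 192.168.2.6
rtr3:
! both remote networks are reached via rtr2 (192.168.2.5)
ip route 192.168.2.0 255.255.255.252 192.168.2.5
ip route 192.168.1.0 255.255.255.0 192.168.2.5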