07-23-2011 11:12 AM - edited 03-04-2019 01:04 PM
Dear Forum Members,
I have a simple query, hopefully some one can answer.
Is the mapping between Vlan and the subnet one-to-one (unique) or one-to-many i.e. can we have one vlan id (say for example 2217) mapped to multiple subnets (physically on different switches) or it must be mapped to one unique subnet in the whole network.
Regards,
07-23-2011 11:25 AM
It should be one to one.
07-23-2011 01:09 PM
It is best practice to map one vlan to one subnet but there are occasions where that may not be the case -
1) multiple IP subnets mapped to one vlan with secondary ip addressing on the vlan interface. This is usually a temporary measure when for example you are migratng your IP address range or merging with another company. It is generally not a good long term solution
2) 2 vlans mapped to the same IP subnet. This is used when you are running a FWSM (Firewall Service Module) or ACE (Application Control Engine) for example in transparent mode. In transparent mode the device is not a L3 device so the IP subnet on both sides of the device is the same. But you can't use the same vlan on both side because you then get a loop in your network which would cause issues with STP. So you use one vlan one side and one vlan on the other but use the same IP subnet.
But as already mentioned a one-to-one mapping is best practice and makes it easier to manage.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide