10-02-2005 06:38 AM - edited 03-05-2019 11:38 AM
I'm building the network for a retirement community that may eventually provide internet access to each of the 200 resident suites. To ensure that one resident cannot see any other resident's LAN, I was thinking of breaking each room into a separate subnet, but I'm not too versed in supernetting and would love an example of how it could be used here.
Also, could a single DHCP server (PIX or Windows Server) be configured to provide addresses to that many subnets? Is that wise?
Currently the system is 100% Catalyst switches with a PIX 515e providing PAT internet for both the staff subnet (inside interface) and the future resident subnet (dmz interface).
Any suggestions?
Thanks,
Tom
10-02-2005 10:25 AM
Hello Tom,
200+ subnets does not sound really scalable. An easier solution would be to configure all the user ports on the switches as protected ports, and hence keep them from accessing each other. Check if the command 'switchport protected' is supported on your Catalyst switches...
Regards,
GP
10-02-2005 07:38 PM
So...
If I enable the switchport protected on all ports on the 'resident' vlan, they won't be able to see each other but still be able to get an IP address from the PIX DHCP service, right?
That's COOL!!
Will this work across several switches (same VLAN)?
Thank you very much,
Tom
10-03-2005 10:35 AM
Hello,
Sorry for my late response... The protected port feature limits traffic between ports on the same switch only. I guess that is still better than one separate network per user; you would only need 1 subnet per switch. If you want to use that feature, just make sure that no trunk ports connecting the switches are configured as protected ports, and also not the ports where the DHCP server is connected...
Regards,
GP