Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1315
Views
0
Helpful
6
Replies

Advice on Subnetting an Existing Network

robertotron007
Level 1
Level 1

‎09-19-2012 03:58 PM - edited ‎03-07-2019 08:58 AM

Hey Guys,

I need some advice on subnetting a network. I work for a medium sized organization and we are experiencing difficulty with broadcasts. We only use vlan 1 so we can hear every broadcast that every device does. We do have vlans used to totally separate some services but we do not subnet the servers, printers, departments, etc. We are using a 10.10.64.0/19 address space and we have to keep that range as we are part of an MPLS network. But we still have a lot to work with.

Does anyone who has subnetted a organization of this size or bigger have any advice? I dont need a how-to because I know how to do all the work. I'm just trying to make a plan to do it and know if it is even feasible.

Would it be be easier to subnet by closet? Should all the printers and wireless APs be in their own subnet? Should a company of this size even subnet?

The network is a little more complicated than below but that is the basic idea.

Thanks in advance!Subnet.jpg

Labels:
0 Helpful
6 Replies 6

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎09-19-2012 05:20 PM

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

Posting

A rough rule of thumb remains being careful of host subnets larger than a Class C, or /24, because of broadcasts.  You seem to have sufficient hosts, that yes, subnetting your /19 might be beneficial.

As to how to divide your hosts into subnets, unless I have a functional need to keep certain hosts within the same subnet, I prefer to subnet (and VLAN segmentation) based on physical topology.

PS:

BTW, looking at your topology snippet, I'm also wondering whether some of your "broadcasts" might actually be unicast flooding.

0 Helpful

robertotron007
Level 1
Level 1
In response to Joseph W. Doherty

‎09-19-2012 05:38 PM

You are right but it seems to be the same four servers that keep doing it. The four servers are connected to the same switch. Hundreds of ARP requests and replies per second which cause our network to crash. It doesnt happen very often but often enough to cause problems. I see a lot of SVI interfaces with no ip route-cache on them too.

The problem is the unicast flooding. The broadcasts seem to be legitimate.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to robertotron007

‎09-20-2012 02:02 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

See if the info in http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.shtml, especially cause 1, to further confirm.  If this is the situation, can often be mitigated by topology design or ARP/MAC-adr-table timer sync.

0 Helpful

robertotron007
Level 1
Level 1
In response to Joseph W. Doherty

‎09-20-2012 06:06 AM

I dont think these packets are going out to another vlan and coming back. The server is requesting an IP on the same subnet and the servers are all connected to the same switch. Thanks for the info though, it was a good read.

Has anyone else ever subnetting an existing envronment before?

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to robertotron007

‎09-20-2012 06:23 AM

Disclaimer

The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.

Posting

I dont think these packets are going out to another vlan and coming back. The server is requesting an IP on the same subnet and the servers are all connected to the same switch.

Oops - right you are!

I've subnetting existing environments, but the issue you face is subnetting an already in use subnet.  The problem is, new subnets will use valid IPs of the larger existing subnet for their broadcast (and network) subnet IPs.

A couple of ways you might deal with this include: 1st re-IP existing IP hosts into a subnet that also ends on the /19 boundary, i.e. top half of subordinate /20 or top /21, etc.; then allocate smaller subnets in the bottom part of the /19 and re-IP hosts again.  Or, you might, if your equipment supports it, migrate to a "new" subnettted /19 address space that's in a separate VRF while using two-way NAT between the old and new /19 allocations.

0 Helpful

robertotron007
Level 1
Level 1

‎10-03-2012 07:56 AM

Well I figured out one cause of broadcasting. None of the access ports on our network were defined on the switches so everytime a link went up or down it would cause a spanning treee change and the network was flooded. I configured all ports as host ports and that broadcasting has stopped.

What does make this tough is the fact that we have to use the same subnet. If we changed it, I think it would cause a lot of work either way because all of our external partners who rely on our local network via mlps would all have to change their routes to us amongst other things.

Should we even subnet this place? There are over 1000 devices on the network in the same vlan.

I was thinking of making the follow subnets/vlans at least:

  • Server environment vlan
  • Printer vlan
  • Wireless AP vlan
  • I would make a vlan per switch rather than per department. its almost the same thing anyway.

Let me know what you think!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card