CIDR and /24 Network

Hello Gents,

Question with IP addressing on a small network. I have a small switch network which was set up by a predecessor. He used 10.155.11.0/24 for the management network on VLAN 1 using SVIs on the 3750 switches and for a couple of other devices (firewalls).

I know this is a class A address with C subnet. Why would this IP scheme have been chosen, if for any reason?

I need to change the management VLAN from 1 to something else, as well as the native VLAN to something else (Cisco best practice).

The problem I'm anticipating is that when the network grows larger than 254 hosts, I will run out of IPs. There is a plan to have switches cross connected to each other in USA, London and Dublin with at least 25 switches in every location.

Am I worried about nothing? If not, how can I address this issue properly? Currently there are only 4 IPs I would need to change if required during a maintenance window.

Can I use CIDR or is this totally off tangent?

Thanks in advance!


Hello Amar,

The choice of a /24 IP subnet is typical also when using private IP addresses taken from RFC 1918.

I would rather think of using a different management IP subnet for each location, instead of using a larger /23 or /22 IP subnet.

If you are not using a very old routing protocol like RIPv1 or IGRP you can use subnets with different subnet masks (VLSM). CIDR is the supernetting used in Internet routing but the concept is the same: the ability to use different subnet masks.

It makes sense to have a management VLAN/IP subnet for each campus network, otherwise you need to extend the VLAN over the WAN links.

I agree that nowadays, with the wide availability of EoMPLS or VPLS services, this VLAN extension is not difficult to achieve, but network segmentation and broadcast control are of value also for network management traffic.

Example: if an issue arises in Dublin, with multiple IP subnets it is confined there; otherwise the risk is to fill WAN links with the results of a broadcast storm.

If the network has become bigger and you have multiple locations I would use multiple /24 IP subnets taken from 10/8, one for each location.

For 802.1Q trunks I would suggest using as native VLAN a VLAN that you are not actually using, with no L3 services on it, as reported in security best practices.

Hope to help

Giuseppe


Thanks Giuseppe

I understand all but this:

"If the network has become bigger and you have multiple locations I would use multiple /24 IP subnets taken from 10/8 one for each location."

Please can you elaborate?


Hello Amar,

The main reason for having separate management VLANs is to have better control, so speaking of the network becoming bigger may be out of context.

Taking multiple IP subnets from 10/8 simply means:

for example

10.10.100.0/24 for Dublin

10.10.101.0/24 for London

10.10.102.0/24 for New York

but this may be fine or not.

A good addressing plan calls for assigning address blocks to each location; the management IP subnet of each location can be taken from that block OR it can be part of a dedicated block used for the locations, like in the example above.

The routing protocol allows for both options to be used, so it is left to you to decide if it is better to use a subnet taken from the location's block or to use a subnet taken from a management IP address block.

Hope to help

Giuseppe


Hello!

Since I don't know how big your network is or the topology, I can only give some advice based on my experience.

Take any private subnet x.x.x.x /23, if you are worried about not having enough space. Then on each device assign one loopback (routers) or VLAN interface (switches) for management, and take one IP from the /23 and assign it on the interface with /32.

These will be your management IP addresses.

Then take another larger network (let's say again /23) and split it into /30 subnets. These will be the point-to-point IP addresses to be used between 2 devices (over this you can use any IGP protocol). In this IGP protocol, you make sure to advertise the management IP addresses (the ones from the previous step). In this way, if a device has a redundant connection to the network you are not worried about losing the management connection in case one of the links has a failure.

Like I said, I don't know anything about your network, but this would be a good approach having in mind future network development. I just guess that your predecessor took a class A network with the idea that you can expand it more easily to fit your needs.

Let me know if you have any other concerns.

Calin
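The two addressing schemes proposed in this thread, worked through with Python's `ipaddress` module as an added example (not code from any poster): one management /24 per site, and a /23 carved into /32 management addresses plus a second /23 split into /30 point-to-point links. The blocks 10.10.0.0/23 and 10.10.2.0/23, the device names and the chain topology are constructed assumptions; the per-site subnets and the 25 switches per site come from the posts.

```python
import ipaddress

SITES = ["Dublin", "London", "New York"]  # sites named in the thread
SWITCHES_PER_SITE = 25                    # figure from the question

def per_site_plan(first="10.10.100.0/24", sites=SITES, need=SWITCHES_PER_SITE):
    """One consecutive management subnet per site; fail if a site would not fit."""
    base = ipaddress.IPv4Network(first)
    plan = {}
    for i, site in enumerate(sites):
        start = int(base.network_address) + i * base.num_addresses
        net = ipaddress.IPv4Network((start, base.prefixlen))
        usable = net.num_addresses - 2      # minus network and broadcast
        if usable < need:
            raise ValueError(f"{net} holds {usable} hosts, {site} needs {need}")
        plan[site] = net
    return plan

def loopback_plan(devices, links, mgmt="10.10.0.0/23", p2p="10.10.2.0/23"):
    """/32 management address per device plus a /30 per inter-device link.
    The default blocks are constructed placeholders, not from the thread."""
    mgmt_net, p2p_net = ipaddress.IPv4Network(mgmt), ipaddress.IPv4Network(p2p)
    if mgmt_net.overlaps(p2p_net):
        raise ValueError("management and point-to-point blocks overlap")
    hosts = list(mgmt_net.hosts())
    subnets = list(p2p_net.subnets(new_prefix=30))
    if len(devices) > len(hosts) or len(links) > len(subnets):
        raise ValueError("block too small for the requested devices or links")
    loopbacks = {d: ipaddress.IPv4Interface(f"{h}/32") for d, h in zip(devices, hosts)}
    link_nets = {}
    for (a, b), net in zip(links, subnets):
        end_a, end_b = net.hosts()          # a /30 has exactly two usable hosts
        link_nets[(a, b)] = {a: f"{end_a}/30", b: f"{end_b}/30"}
    return loopbacks, link_nets

if __name__ == "__main__":
    for site, net in per_site_plan().items():
        print(f"{site:9} {net}  ({net.num_addresses - 2} usable)")
    devices = [f"{s.lower().replace(' ', '')}-sw{n:02d}" for s in SITES
               for n in range(1, SWITCHES_PER_SITE + 1)]
    links = list(zip(devices, devices[1:]))  # constructed chain topology
    loopbacks, link_nets = loopback_plan(devices, links)
    print(len(loopbacks), "loopbacks, last:", loopbacks[devices[-1]])
    print(len(link_nets), "links, first:", link_nets[links[0]])
```
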


Thanks guys,

You have both been a help!
