
Is it possible to have multiple VLANs on the same network, but different subnets?

_Akeem721
Level 1

I want to create a configuration where I have end devices across multiple vlans with the end devices on the same network. I want to use a script to move the devices to desired vlans using port-vlan management on the switch. My goal is to be able to dynamically change the size of my device pool in a specific vlan w/o having to reconfigure IPs or use DHCP.

For the sake of the question, let's say I have two vlans and want all of my end devices on the 192.168.10.0 /24 network. I want to use a router-on-a-stick configuration so I will be using sub-interfaces on a gigabitEthernet port on my router to a trunk port on my switch to handle the routing. Will this work if I configure the sub-interfaces to be in separate subnets of the 192.168.10.0 /24 network?

i.e.

interface GigabitEthernet8.10
 encapsulation dot1Q 10
 ip address 192.168.10.33 255.255.255.224
 exit
interface GigabitEthernet8.20
 encapsulation dot1Q 20
 ip address 192.168.10.65 255.255.255.224
 exit

 

I have an 891F router and SG300 switch if that helps. Also, forgive the syntax for the code, I'm paraphrasing.

 

Thanks,

Akeem


Jon Marshall
Hall of Fame

Your configuration will work but they are separate subnets.

So when you say you want them all on the same IP subnet it's not clear what you mean.

If you just mean you want multiple vlans each with a subnet taken from the same major network of 192.168.10.0/24 then yes it is fine.

If you mean all clients can talk to each other without routing then no but I don't think this is what you are asking.

Can you clarify?

Jon

Thanks for the reply Jon.

I want the vlans each with a subnet taken from the same major network, just as you said. I am new to networking in general so I'm not sure if this kind of setup is frowned upon. I'm thinking that with this setup, if I have a PC in each vlan that I can use for management set to the /24 mask I will be able to see all traffic from the end device as soon as it joins the correct vlan. For example, something like bringing up the GUI of the device. Is that correct?

 if I have a PC in each vlan that I can use for management set to the /24 mask I will be able to see all traffic from the end device as soon as it joins the correct vlan.

Can you clarify exactly what you mean by this because it's still not clear?

Perhaps use a vlan/IP subnet as an example.

Why would you want a PC in each vlan with a /24 mask, i.e. what are you expecting to be able to do?

Jon

 

if I have

Sub-int 8.10: 
ip: 192.168.10.33 /27 (ip used for gw to vlan 10)
 
Sub-int 8.20
ip: 192.168.10.65 /27 (ip used for gw to vlan 20)
 
*Initial Config before moving devices, both vlans are in separate subnets*
vlan 10:
vlan10_pc: 192.168.10.34 /27
dev 1: 192.168.10.35 /27
dev 2: 192.168.10.36 /27
 
vlan 20:
vlan20_pc: 192.168.10.66 /27
dev 3: 192.168.10.67
dev 4: 192.168.10.68
 
*Config after moving devices from vlan20 -> vlan10*
vlan 10:
vlan10_pc: 192.168.10.34 /27
dev 1: 192.168.10.35 /27
dev 2: 192.168.10.36 /27
dev 3: 192.168.10.67 /27 (has now been moved to vlan 10)
 
vlan 20:
vlan20_pc: 192.168.10.66 /27
dev 4: 192.168.10.68 /27
 
 
Will there be any issues communicating with the new device since it is configured to a different subnet or will the router handle the routing? I want to be able to communicate with the device completely after the migrations, open GUI etc etc.
 
I apologize if I am not making this clear.
 
Thanks again for the reply,
Akeem
 
 

Yes there will be issues because the PC you have moved will still have its default gateway set to 192.168.10.65 which means -

1) it won't be able to communicate with anything else in the new IP subnet because it thinks it is on a different IP subnet so it would send its traffic to its default gateway but it can't get to that gateway, i.e. it is in the wrong vlan.

and

2) it won't be able to communicate with any other IP subnet for the same reason.

You could theoretically not set a default gateway on the PCs and rely on proxy arp and that might work, i.e. would need testing, but that is not really a great solution.

Just how many clients are you talking about in total?

Jon
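Added example (not part of the original thread): a small Python model of the forwarding decisions described in the reply above, using the addresses and VLANs from the thread. The `Host` class and the `send`/`reachable` helpers are hypothetical names, and proxy ARP is assumed to be off.

```python
import ipaddress
from dataclasses import dataclass

# Router sub-interfaces from the thread: VLAN id -> gateway address/mask.
GATEWAYS = {10: ipaddress.ip_interface("192.168.10.33/27"),
            20: ipaddress.ip_interface("192.168.10.65/27")}

@dataclass
class Host:
    name: str
    addr: str      # address/prefix as configured on the device
    gateway: str   # default gateway as configured on the device
    vlan: int      # VLAN the switch port is currently in

    @property
    def iface(self):
        return ipaddress.ip_interface(self.addr)

def send(src, dst):
    """Follow one packet from src to dst; return (delivered, reason). No proxy ARP."""
    dst_ip = dst.iface.ip
    if dst_ip in src.iface.network:            # sender believes dst is on-link
        if dst.vlan == src.vlan:
            return True, "direct, same VLAN"
        return False, f"ARP for {dst_ip} unanswered in VLAN {src.vlan}"
    gw = ipaddress.ip_address(src.gateway)     # off-link: hand to default gateway
    if gw != GATEWAYS[src.vlan].ip:
        return False, f"gateway {gw} not present in VLAN {src.vlan}"
    # Router uses its connected routes: the /27 decides the egress VLAN.
    for vlan, gw_if in GATEWAYS.items():
        if dst_ip in gw_if.network:
            if dst.vlan == vlan:
                return True, f"routed into VLAN {vlan}"
            return False, f"router forwards into VLAN {vlan}, host is in VLAN {dst.vlan}"
    return False, "no route"

def reachable(a, b):
    """Two-way communication needs both directions to deliver."""
    return send(a, b)[0] and send(b, a)[0]

# Constructed from the thread's layout: dev 3 keeps its VLAN 20 settings after the move.
pc10 = Host("vlan10_pc", "192.168.10.34/27", "192.168.10.33", 10)
dev3_before = Host("dev 3", "192.168.10.67/27", "192.168.10.65", 20)
dev3_after = Host("dev 3", "192.168.10.67/27", "192.168.10.65", 10)
dev4 = Host("dev 4", "192.168.10.68/27", "192.168.10.65", 20)

if __name__ == "__main__":
    for a, b in [(pc10, dev3_before), (pc10, dev3_after), (dev3_after, pc10), (dev3_after, dev4)]:
        print(f"{a.name} -> {b.name}: {send(a, b)}")
```

Giving the management PC a /24 mask makes its outbound packets to the moved device go direct, but the device's replies still head for 192.168.10.65, so the conversation stays one-way.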

For this specific test network I'm going to keep the device pool down to 10 devices but the plan is to scale up from there. I was actually just reading up on proxy-arp so I'll give that a try.

I guess another option is to create DHCP pools on the vlans with low lease times, and hopefully the router will be able to give a device a familiar IP when it joins the vlan based on the device's MAC address. This seems like it will get messy very quickly for a larger network though.

I'll give these a try and post my findings. If anyone has any thoughts feel free to chime in.

Akeem 

 

Hello _Akeem721

A VLAN and a subnet are always associated together.

Normally, 1 IP subnet is associated with 1 layer 2 broadcast domain (VLAN). Every useful VLAN (from an IP perspective) will have an IP network associated with it. VLANs are for creating broadcast domains (different networks (subnets)) at the L2 level. But only PCs on the same VLAN can communicate, unless you have a L3 switch or router, in which case, you will still have to subnet (give the VLANs IP addresses).

VLANs (layer 2) and subnets (layer 3) go hand-in-hand. If you are working on the same device, such as a L3 switch, you have to use a separate VLAN ID for each separate subnet.

Jon Marshall
Hall of Fame

Sorry, just reread the post.

The above configuration won't allow you to dynamically change the size of the pool without at least changing the subnet mask on the subinterface.

Jon

 
