Re: subnet-based VLAN ? (topology attached)

Gideon Goddard · ‎05-16-2018

Hello,

I read that VLAN configuration is related to the port affected of the switch.

So all device connected to this specific port is affected the VLAN configured.

I would call this a "port-based VLAN".

So in a subnet-based VLAN configuration, the switch determines automatically which VLAN the station is affected to due to the IP configuration of the station ?

For example, in my topology, can I configure 2 VLAN without affecting port in the global subnet 192.168.0.0/24:

-one for subnet 192.168.0.0/26, "guest"

-one for 192.168.0.64/26, "technician"

Don't hesitate if you have questions,

If you have any documentation, it would be kind :)

Thanks :)

Jon Marshall · ‎05-16-2018

A vlan is simply a L2 broadcast domain so I would avoid talking about port vs subnet based vlans as it makes no sense.

Usually each vlan will have an IP subnet associated with it although you can have multiple subnets per vlan or one subnet across two vlans but both of these scenarios are a lot rarer than the one to one mapping of vlan to subnet.

In your network design if you are using 192.168.0.0/26 and 192.168.0.64/26 then you should not then use 192.168.0.0/24 as this overlaps and the switch would not let you configure this.

Jon

Gideon Goddard · ‎05-16-2018

Ok so I can assign a subnet to a VLAN.

The idea is to have 2 VLAN and one subnet per VLAN.

So I split my main network 192.168.0.0/24 into multiples subnet:

- 1 subnet 192.168.0.0/26 dedicated to VLAN guest

- 1 subnet 192.168.0.64/26 dedicated to VLAN technican

- 1 subnet 192.168.0.128/25, no VLAN dedicated

Topology:

Is there risk of overlapping this time ?

thanks

Jon Marshall · ‎05-16-2018

So the subnet 192.168.0.128/25 is used between the switch and the router only ?

If so I assume you are using a L3 port on the switch to connect as you say there is no vlan ?

If that is the case it should work fine.

Jon

Gideon Goddard · ‎05-16-2018

So the subnet 192.168.0.128/25 is used between the switch and the router only ?

-> Yes but it will only host one IP, the router interface connected on the LAN..

I realize It is a waste of IPs..

If so I assume you are using a L3 port on the switch to connect as you say there is no vlan ?

-> Yes it is a trunk port to transport VLAN guest and technician.

What would recommend to me as a logical topology in my situation: I have a global mask at 192.168.0.0/24 and I would like to have 2 VLAN in two separated subnet ?

Jon Marshall · ‎05-16-2018

Your answers contradict what I said.

If you want to use a different subnet between the switch and router then you need to either use another vlan/SVI on the switch or use a L3 routed port.

But you cannot use a trunk with your scenario.

Jon

Gideon Goddard · ‎05-16-2018

Ok I just understand !

If I want to use a trunk port:

- I keep the subnet 192.168.0.0/24

- I configure 2 VLANS in access mode linked each one to port 1 and 2 on the switch

- I use the port 0 in trunk mode

This configuration would work ?

thanks :)