cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1027
Views
10
Helpful
13
Replies

Vlan Addressing Advice

Ammit
Level 1
Level 1

Hay Guys

 

   Please refer to the attached image for the design of my network.

In brief its;

 

2 x L3 switches, one active and one standby using HSRP.

3 x L2 switches coming from the L3 switches. Each L2 is its own floor (e.g. Floor 1, Floor 2 etc..)

3 x Vlans, 10,20, & 30.

 

    The L3 switch is configured with 3 SVI address as 10.0.1.1, 10.0.2.1, 10.0.3.1 with the 10.0.X.1 being the vlan a host is on. I can communicate between hosts and across vlans.

 

     My thought is I am not sure if this is an appropriate addressing scheme, my idea is could I have;

10.1.1.1 to represent floor 1 vlan 10

10.2.1.1 to represent floor 2 vlan 10

10.3.2.1 to represent floor 3 vlan 20

 

     Is this possible and even more importantly is it correct to do this, I am assuming if I can do this I would need to create more SVIs on the L3 switches?

 

Thanks

1 Accepted Solution

Accepted Solutions

One thing is that you would not have multiple SVIs on the layer 2 switches. The layer 2 switch would have multiple vlans configured and one SVI for management. The multiple SVIs would be on the layer 3 switches.

 

I would suggest a naming approach that ties together the vlan and the floor in vlan number and in IP addressing. I would suggest something like this where F identifies floor and V identifies vlan. So for IP subnet we might have 10.F.V.0 and for vlan FV0 if we think of floor as the major organizer or might have  10.V.F.0 for IP and VF0 for vlan if vlan is the major organizer. So your plan might be like

 

                vlan10              vlan20               vlan30

floor 1  10.1.10.0  110  10.1.20.0  120  10.1.30.0  130

floor 2  10.2.10.0  210  10.2.20.0  220  10.2.30.0  230

floor 3  10.3.10.0  310  10.3.20.0  320  10.3.30.0  330

 

HTH

 

Rick

HTH

Rick

View solution in original post

13 Replies 13

burleyman
Level 8
Level 8

Are you talking classroom or real world?

 

Mike

Classroom luckily

I personally like matching the 3rd octet with the VLAN if possible. So if I have VLAN 10 I might use 10.1.10.0/24

Where I worked I made the 2nd octet for the office, 3rd Octet for the VLAN.

 

For the NYC office

10.1.x.x/16 then subnet down by floor

9th floor for data would be 10.1.109.0/24 VLAN 109

9th floor for VoIP would be 10.1.209.0/24 VLAN 209

10th floor for data would be 10.1.110.0/24 VLAN 110

10th floor for VoIP would be 10.1.210.0/24 VLAN 210

 

For Boston Office

10.2.x.x/16 then subnet down by floor

9th floor for data would be 10.2.109.0/24 VLAN 109

9th floor for VoIP would be 10.2.209.0/24 VLAN 209

10th floor for data would be 10.2.110.0/24 VLAN 110

10th floor for VoIP would be 10.2.210.0/24 VLAN 210

 

and so on.

 

So with 16 offices I just needed the help desk to gather 2 things, the IP address and the mac address and I would know exactly what office and floor the person with the issue was located. With the mac address I could find the persons port very quickly.

 

Mike

 

Thanks that's are really clear scheme, one question though if I had a host in vlan 10 on floor one with 10.1.101.X would they be able to communicate with vlan 10 on the second floor 10.1.201.X ?

This is a good question which I sort of addressed in my previous response

 if I had a host in vlan 10 on floor one with 10.1.101.X would they be able to communicate with vlan 10 on the second floor 10.1.201.X ?

If it really is the same vlan 10 on both floors but with different IP addressing that is problematic. Ideally there should be a one to one relationship between vlan and IP subnet. One subnet per vlan and one vlan per subnet.

 

HTH

 

Rick

 

HTH

Rick

The original post suggests a plan which has 3 vlans with users on multiple floors in each vlan and an addressing scheme that uses one octet in the IP address to identify the vlan. This certainly could work. He then asks about a different plan which might have this

10.1.1.1 to represent floor 1 vlan 10

10.2.1.1 to represent floor 2 vlan 10

I would think it would be a problem to have the same vlan 10 on two floors with two IP subnets. But if we change the plan a bit so that each floor/vlan has its own vlan identity then ir works fine. It would be more vlans and more SVIs. But from a support perspective it would be easier to localize if we need to troubleshoot. It just takes creation of more vlans, more SVIs, and more entries in the routing table.

 

HTH

 

Rick

 

HTH

Rick

Great advice thanks as you said from a support perspective it works a lot better I will give this a go thank you.

 

So the approach would be to have an SVI on the L3 switch for each floor, 10.1.X.X, 10.2.X.X & 10.3.X.X and then create Vlans 10-30 on each floor switch?

We need to clarify what you have in mind. When you mention vlan 10 on first floor and vlan 10 on the second floor are these the same vlan 10 ?

 

Remember that a vlan is a broadcast domain. If a PC in vlan 10 on the first floor sends out an arp broadcast it will be forwarded to everything in vlan 10. If there is a PC in vlan 10 on the second floor then it should receive that arp broadcast and the two PC should be able to communicate directly. That is problematic if there are two different subnets involved.

 

Your original plan had 3 vlans and users were identified only by the vlan to which they belong. Your alternate plan is trying to identify by both vlan and by floor. Your drawing shows 3 floors and 3 vlans. My suggestion is that if you want to have the alternate plan that there should be 9 vlans and 9 subnets, and 9 SVIs. That would produce smaller broadcast domains and would make it easier to identify where a user was if we need to troubleshoot something.

 

HTH

 

Rick

HTH

Rick

Right that makes sense now for to do the alternative plan I would have;

 

L3; Core

SVI - 10.1.0.0 255.255.0.0 - Vlan 100

SVI - 10.2.0.0 255.255.0.0 - Vlan 200

SVI - 10.3.0.0 255.255.0.0 - Vlan 300

 

L2; Floor 1

SVI - 10.1.110.0 - 255.255.255.0 - Vlan 110

SVI - 10.2.210.0 - 255.255.255.0 - Vlan 210

SVI - 10.3.310.0 - 255.255.255.0 - Vlan 310

 

Could you confirm my addressing and sub netting, I think I have it wrong maybe going to overlap?

One thing is that you would not have multiple SVIs on the layer 2 switches. The layer 2 switch would have multiple vlans configured and one SVI for management. The multiple SVIs would be on the layer 3 switches.

 

I would suggest a naming approach that ties together the vlan and the floor in vlan number and in IP addressing. I would suggest something like this where F identifies floor and V identifies vlan. So for IP subnet we might have 10.F.V.0 and for vlan FV0 if we think of floor as the major organizer or might have  10.V.F.0 for IP and VF0 for vlan if vlan is the major organizer. So your plan might be like

 

                vlan10              vlan20               vlan30

floor 1  10.1.10.0  110  10.1.20.0  120  10.1.30.0  130

floor 2  10.2.10.0  210  10.2.20.0  220  10.2.30.0  230

floor 3  10.3.10.0  310  10.3.20.0  320  10.3.30.0  330

 

HTH

 

Rick

HTH

Rick

That's great thanks a lot for all your advice I am going to give this a shot. Thanks again.

Only issue I am having is overlapping vlans

sci 110 - 10.1.10.0 255.255.0.0
svi 120 - 10.1.20.0 255.255.0.0

notifies me that vlan 120 overlaps vlan 110?

That is because of the mask that you are using. The mask of 255.255.0.0 says that the first two octets are the network part of the address and the last two octets are for hosts. So you are creating network 10.1 on one interface and trying to create 10.1 on the other interface. I suggest that you change the mask to 255.255.255.0 which gives you 3 octets for network and would solve the overlapping issue. That should work unless you have more than 250 devices in the subnet.

 

HTH

 

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: