Posted by on August 19, 2008, 2:06 pm
I am eventually switching paths to the Inet. I have a 2nd PIX firewall and the connection has tested well through it. Our net is low on IPs anyway (we have to use static IP), so I am going to put in a new 2621 router and add a subnet. Right now we have been using 192.168.1.x and 192.168.5.x with a router between. We have a surplus of 3 routers. I was thinking of adding 192.168.11.x for floor 11 and eventually add a 12 and 13 for those floors. This would limit the subnet size to 100 because that is physically how many people are on each floor.

The question is, traffic wise, is this better or would I be better off with using an IP with a larger pool (like 172.16.x.x) and put all 300 people and their printers in one subnet? The servers would have to stay 192.168.1.x for a few legacy reasons. What would you folks suggest? Thanks for your help.
Posted by Trendkill on August 19, 2008, 2:22 pm
On Aug 19, 2:06 pm, jfal...@socket.net wrote:
> of 3 routers. I was thinking of adding 192.168.11.x for floor 11 and
> eventually add a 12 and 13 for those floors. This would limit the
> subnet size to 100 because that is physically how many people are on
> each floor. The question is, traffic wise, is this better or would I
> be better off with using an IP with a larger pool (like 172.16.x.x)
> and put all 300 people and their printers in one subnet? The servers
> would have to stay 192.168.1.x for a few legacy reasons. What would
> you folks suggest? thanks for your help.

All depends on requirements, but to be perfectly honest, subnets up to 500 or even 1000 hosts should be absolutely fine. However, different things may change the 'bigger is better' mantra, namely isolating important applications (things like voip). While a voip vlan can also be 255 addresses, you generally don't want that traffic coexisting on the same source/destination networks as generic data traffic. Additionally, I would always plan for some factor of growth. In your case, using 172.16 or 10.x addresses could be fine (or 192.168.x), and I would just keep it simple at /24s.

When you get into DC design, you can also begin to use the subnet numbers and the vlan numbers to create a usable schema. Assuming you have a central core, you can do vlans 0-10 are for core DC functions (0 = loopbacks, 1 = network interfaces, 2 = routing, 3 = routing, 4 = management interfaces, 5 = wintel, 6 = nix, etc.). Then 10 and up or 20 and up are users or floors, where 21 = floor 1, 22 = floor 2, etc. The point is, there is no right/wrong way, other than to ensure you have room for growth, and don't over engineer. This also changes if you begin to do distributed layer 3 where your switches are also their own routers, and then you have to start thinking about summarization as you climb up the distribution and core layers.

Short answer, use a /25 or /24 and be done with it. No reason to split it up smaller (unless you have limited address space or have special requirements to separate traffic).

Conversely, I would not go over a /22. Even if you can support it, I also like to keep similarly sized subnets to keep it simple/clean, and /22s are not really feasible unless the building has many floors or a very large DC. Lastly, another reason to split up subnets is security. If you need some ports to be locked to just the internet or just internal, that is another reason you may need to split things up a little more.
Posted by Merv on August 19, 2008, 6:23 pm
I would use network 10 addressing as it would allow you to put some meaning into the 2nd and 3rd octet should you wish to do that or just assign randomly or sequentially. I would definitely not use 192.168.x.x addressing.

10.floor_X.area1.device1

I would always go for smaller subnets for a whole host of reasons: /24, /25 or /26
Posted by Scott Perry on August 20, 2008, 9:56 am
IP address subnetting can get people stuck in a class based mentality. IP address subnets end up getting assigned based on the original Class B and Class C subnets with subnet masks of either 255.255.0.0 or 255.255.255.0. This results in IP address subnets of either 256 addresses or 65536 addresses without much sizing in between.

For example:
If you have 3 floors of a building, the IP address subnets get divided like this:

10.0.1.0 / 255.255.255.0 - floor 1 LAN for PCs
10.0.2.0 / 255.255.255.0 - floor 2 LAN for PCs
10.0.3.0 / 255.255.255.0 - floor 3 LAN for PCs

and then continuing with...

10.1.1.0 / 255.255.255.0 - floor 1 separate subnet for servers
10.1.2.0 / 255.255.255.0 - floor 2 separate subnet for servers
10.1.3.0 / 255.255.255.0 - floor 3 separate subnet for servers

and then so on for printers, management devices, etc...

Perhaps these 10.0.X.X subnets are used for the common LAN communication, and subnets starting with 10.1.X.X and 10.2.X.X following the same 1,2,3,4,5 numbering in the third octet follow for printer, server, and other subnets on each floor.

I like breaking things down into the available sizes in between of 512, 1024, 2048, 4096, 8192, 16384, and 32768.

How about this example where all addresses begin with 10.0.x.x:

10.0.0.0 / 255.255.255.128 - floor 1 LAN for PCs, up to 125
10.0.1.128 / 255.255.255.192 - floor 1 for extra systems, up to 61
10.0.1.192 / 255.255.255.224 - floor 1 for non PCs like time clocks, kiosks, etc.., up to 29
10.0.1.224 / 255.255.255.240 - floor 1 servers, up to 13
10.0.1.240 / 255.255.255.240 - floor 1 for router loopback and switches, up to 13
Summarized route for entire floor: 10.0.0.0 / 255.255.254.0

then repeat for each continuing floor:

10.0.2.0 / 255.255.255.128 - floor 2 LAN for PCs, up to 125
10.0.3.128 / 255.255.255.192 - floor 2 for extra systems, up to 61
10.0.3.192 / 255.255.255.224 - floor 2 for non PCs like time clocks, kiosks, etc.., up to 29
10.0.3.224 / 255.255.255.240 - floor 2 servers, up to 13
10.0.3.240 / 255.255.255.240 - floor 2 for router loopback and switches, up to 13
Summarized route for entire floor: 10.0.2.0 / 255.255.254.0

It is not as pretty on the eyes, but allows summarized routing and efficient use of the address space. With only a few floors, memorization of the IP address prefix for a floor comes rather quickly and is only the concern of the network administrator. I just hate seeing a block of 65536 IP addresses used for a segment with only 100 PCs and a block of 255 IP addresses used for a segment with only 10 hosts, and situations like that. It probably comes from formerly working in a company that owned a Class A address range on the Internet.

-----
Scott Perry
Indianapolis, IN
-----

> I would use network 10 addressing as it would allow you to put some
> meaning into the 2nd and 3rd octet should you wish to do that or just
> assign randomly or sequentially. I would definitely not use
> 192.168.x.x addressing
>
> 10.floor_X.area1.device1
>
> I would always go for smaller subnets for a whole host of reasons /
> 24 /25 or /26
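An added example, not part of Scott Perry's post: a Python check of the floor 1 plan above using the standard `ipaddress` module, confirming that every subnet sits inside the summarized route, that none overlap, and listing what the summary leaves unassigned. The function name `audit_plan` and the reservation of one address per subnet for a gateway are assumptions made for this example.

```python
import ipaddress

# Floor 1 of the plan as posted above, in address/mask form.
FLOOR1_SUMMARY = "10.0.0.0/255.255.254.0"
FLOOR1 = [
    "10.0.0.0/255.255.255.128",    # LAN for PCs
    "10.0.1.128/255.255.255.192",  # extra systems
    "10.0.1.192/255.255.255.224",  # non PCs (time clocks, kiosks)
    "10.0.1.224/255.255.255.240",  # servers
    "10.0.1.240/255.255.255.240",  # router loopback and switches
]


def audit_plan(entries, summary, reserved=1):
    """Audit a VLSM plan against the summary route that should cover it.

    reserved=1 is an assumption: one address per subnet kept for the gateway,
    which reproduces the post's "up to 125 / 61 / 29 / 13" figures.
    """
    summary_net = ipaddress.ip_network(summary)  # raises if host bits are set
    nets = [ipaddress.ip_network(cidr) for cidr in entries]
    report = {"hosts": {}, "outside_summary": [], "overlaps": [], "unallocated": []}

    for net in nets:
        # Network and broadcast addresses are never assignable to hosts.
        report["hosts"][str(net)] = net.num_addresses - 2 - reserved
        if not net.subnet_of(summary_net):
            report["outside_summary"].append(str(net))

    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                report["overlaps"].append((str(a), str(b)))

    # Carve every allocation out of the summary; what is left is unassigned.
    free = [summary_net]
    for net in nets:
        remaining = []
        for block in free:
            if net.subnet_of(block):
                remaining.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                remaining.append(block)
        free = remaining
    report["unallocated"] = [str(n) for n in ipaddress.collapse_addresses(free)]
    return report


if __name__ == "__main__":
    for key, value in audit_plan(FLOOR1, FLOOR1_SUMMARY).items():
        print(key, value)
```

Run against floor 1 as posted, it reports no overlaps, nothing outside the summary, and two unassigned blocks (10.0.0.128/25 and 10.0.1.0/25).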
Posted by on August 26, 2008, 11:48 am
> IP address subnetting can get people stuck in a class based mentality. IP
> address subnets end up getting assigned based on the original Class B and
> Class C subnets with subnet masks of either 255.255.0.0 or 255.255.255.0.
> This results in IP address subnets of either 256 addresses or 65536
> addresses without much sizing in between.
>
> For example:
> If you have 3 floors of a building, the IP address subnets get divided like
> this:
> 10.0.1.0 / 255.255.255.0 - floor 1 LAN for PCs
> 10.0.2.0 / 255.255.255.0 - floor 2 LAN for PCs
> 10.0.3.0 / 255.255.255.0 - floor 3 LAN for PCs
> and then continuing with...
> 10.1.1.0 / 255.255.255.0 - floor 1 separate subnet for servers
> 10.1.2.0 / 255.255.255.0 - floor 2 separate subnet for servers
> 10.1.3.0 / 255.255.255.0 - floor 3 separate subnet for servers
> and then so on for printers, management devices, etc...
>
> Perhaps these 10.0.X.X subnets are used for the common LAN communication,
> and subnets starting with 10.1.X.X and 10.2.X.X following the same 1,2,3,4,5
> numbering in the third octet follow for printer, server, and other subnets
> on each floor.
>
> I like breaking things down into the available sizes in between of 512,
> 1024, 2048, 4096, 8192, 16384, and 32768.
>
> How about this example where all addresses begin with 10.0.x.x:
> 10.0.0.0 / 255.255.255.128 - floor 1 LAN for PCs, up to 125
> 10.0.1.128 / 255.255.255.192 - floor 1 for extra systems, up to 61
> 10.0.1.192 / 255.255.255.224 - floor 1 for non PCs like time clocks,
> kiosks, etc.., up to 29
> 10.0.1.224 / 255.255.255.240 - floor 1 servers, up to 13
> 10.0.1.240 / 255.255.255.240 - floor 1 for router loopback and switches,
> up to 13
> Summarized route for entire floor: 10.0.0.0 / 255.255.254.0
> then repeat for each continuing floor:
> 10.0.2.0 / 255.255.255.128 - floor 2 LAN for PCs, up to 125
> 10.0.3.128 / 255.255.255.192 - floor 2 for extra systems, up to 61
> 10.0.3.192 / 255.255.255.224 - floor 2 for non PCs like time clocks,
> kiosks, etc.., up to 29
> 10.0.3.224 / 255.255.255.240 - floor 2 servers, up to 13
> 10.0.3.240 / 255.255.255.240 - floor 2 for router loopback and switches,
> up to 13
> Summarized route for entire floor: 10.0.2.0 / 255.255.254.0
>
> It is not as pretty on the eyes, but allows summarized routing and efficient
> use of the address space. With only a few floors, memorization of the IP
> address prefix for a floor comes rather quickly and is only the concern of
> the network administrator. I just hate seeing a block of 65536 IP addresses
> used for a segment with only 100 PCs and a block of 255 IP addresses used
> for a segment with only 10 hosts, and situations like that. It probably
> comes from formerly working in a company that owned a Class A address range
> on the Internet.
>
> -----
> Scott Perry
> Indianapolis, IN
> -----
>
> > I would use network 10 addressing as it would allow you to put some
> > meaning into the 2nd and 3rd octet should you wish to do that or just
> > assign randomly or sequentially. I would definitely not use
> > 192.168.x.x addressing
> >
> > 10.floor_X.area1.device1
> >
> > I would always go for smaller subnets for a whole host of reasons /
> > 24 /25 or /26

Now the really stupid question, would I just put in a 2621 router for each floor to make the jump from one subnet to the 192.168.1.x main network?
What's better a few big subnets or several smaller subnets?