question on the internal IP address design

Hi, folks, I have a question on how to design our private IP addresses after we upgrade the network to fiber optics and maintain only one LAN.

We are a local government entity which has three geographical sites currently connected by T1 lines and have subnets as follows:

Site1: 192.168.1.X/24
Site2: 192.168.2.X/24
Site3: 192.168.3.X/24

We use Cisco routers on the three sites to do internal routing.

At present, we are upgrading bandwidth by replacing T1 with fiber optics. After the upgrade, the three sites will be linked to the ISP via fiber lines directly. The ISP will create one VLAN for us instead of using subnets to segment the network. For the ONLY VLAN, it will contain more than 600 hosts. Therefore a class C IP range won't work for us.

I plan to assign class B IP addresses to the network. For example, 172.16.x.x/22. The subnet mask 255.255.252.0 will offer us 1022 host numbers, which is suitable for us to use.

My question is if I use the IP range 172.16.10.1 - 172.16.13.254, subnet mask 255.255.252.0 for our network devices, will 172.16.10.10 and 172.16.12.100 recognize each other without routing? Since they are within the same subnet mask, my answer is Yes. But I'm not quite sure and hopefully you could give me a confirmation.

Many thanks!

Reply to
szhang3

Yes, they will, provided they are in the same network with the same subnet mask. I'm assuming we are talking MPLS here? Your network equipment still routes traffic in a sense, although it is not layer 3 IP routing, it is switching across a WAN. It should still function the exact same way as a VLAN at one site does today, except the VLAN happens to traverse a WAN now... think of it as a VLAN with a layer 2 trunk across a wide area network, and the same VLAN on the other side.

Reply to
Trendkill

This sounds very much like a service that we use from Verizon, Transparent LAN Services (TLS).

You get an Ethernet hand-off at each site and the carrier's connection acts as if all the participating locations were plugged into a single VLAN on the carrier's switch.

There is nothing that stops you from treating this connection as a dot1q trunk. The carrier shouldn't care if you put dot1q tags on the frames that you hand off. The single VLAN that _they_ use is _their_ business.

[If they strip off your dot1q tags and use them to decide which of the carrier's VLANs your traffic belongs to, you should run screaming to a different carrier]

There is nothing that stops you from treating this connection as a WAN link and deploying routers at each of your sites with one Ethernet interface facing the carrier and a second Ethernet interface facing the site's LAN.

No. 172.16.10.1 through 172.16.13.254 is not a valid IP subnet. It does not line up on a /22 boundary.

172.16.8.1 through 172.16.11.254 would be valid.

Still, I would not want to flatten out my network, putting three sites at three distinct geographical locations into a single broadcast domain. Better to leave this as a routed network with a router at each site. That keeps each site's broadcast traffic off the carrier's links.

Reply to
briggs
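The boundary check from the reply above, as an added example that is not part of the original thread: it uses Python's standard `ipaddress` module to show which /22 network each of the two hosts from the question falls into, and which CIDR blocks the proposed range actually spans. The function names are hypothetical; the addresses are the ones quoted in the thread.

```python
import ipaddress

def same_subnet(a, b, prefix):
    """Return (same?, network of a, network of b) when both hosts use one mask."""
    net_a = ipaddress.ip_interface(f"{a}/{prefix}").network
    net_b = ipaddress.ip_interface(f"{b}/{prefix}").network
    return net_a == net_b, net_a, net_b

def range_is_single_subnet(first, last, prefix):
    """True only if first..last are exactly the usable hosts of one aligned block."""
    net = ipaddress.ip_interface(f"{first}/{prefix}").network
    usable_first = net.network_address + 1
    usable_last = net.broadcast_address - 1
    return (ipaddress.ip_address(first) == usable_first
            and ipaddress.ip_address(last) == usable_last)

def covering_blocks(first, last):
    """Smallest list of aligned CIDR blocks that exactly covers first..last."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

if __name__ == "__main__":
    # Hosts and ranges taken from the thread; prefix 22 == mask 255.255.252.0.
    same, net_a, net_b = same_subnet("172.16.10.10", "172.16.12.100", 22)
    print("172.16.10.10  ->", net_a)
    print("172.16.12.100 ->", net_b)
    print("same /22 subnet:", same)

    for first, last in [("172.16.10.1", "172.16.13.254"),
                        ("172.16.8.1", "172.16.11.254")]:
        ok = range_is_single_subnet(first, last, 22)
        print(f"{first} - {last} is one /22: {ok}")

    # The proposed range, widened to its network and broadcast addresses,
    # needs two /23 blocks because it straddles a /22 boundary.
    print(covering_blocks("172.16.10.0", "172.16.13.255"))
```

With the mask 255.255.252.0 the third octet is masked with 252, so 10 maps to 8 and 12 maps to 12: the two hosts sit in different networks and need a router between them.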

Thanks, Trendkill. Thanks, Bri... You are right, 172.16.10.1 through 172.16.13.254 is not valid. Thank you for correcting my error.

Actually, we are not satisfied with the single VLAN the ISP can provide in this plan. We are requesting multiple VLANs to be set up on their switch. It seems this needs more work on both sides, and we are in discussion about it.

Reply to
szhang3

I missed the simple subnet/mask mismatch! Thanks Bri for being thorough. After doing this stuff for so long, I just assume someone else has already done that check...lol.

Reply to
Trendkill

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.