VLAN vs subnetting

Hi All,

I am not sure if this is the right forum to ask this question. Please excuse me if so.

I would like to know when one should design networks using VLAN vs subnets if one has multilayer switches. What are the considerations?

Thanks, ASM


Whaddya mean? Typically you do both - each VLAN is made into its own subnet if your switch supports layer 3 routing...

T. Sean Weintz

Good question. But first, "subnetting" and VLANs are not mutually exclusive. You can create IP subnets out of VLANs or not.

In my view, VLANs are most useful if you need to create IP subnets that span large areas. For example, if you want to create a number of separate campus-wide subnets, as opposed to subnets confined to individual buildings or individual floors in buildings of a campus, then a good Link Layer technique to achieve this would be use of VLANs.

An alternative would be to create a completely separate set of physical LANs which span the campus. That's probably still the most secure approach, if security is paramount, but it requires more labor to install all the cable and the greater number of switches and routers in the combined core networks. Not to mention more work to administer all these network components.

Another somewhat similar alternative might be use of MPLS (multiprotocol label switching, RFC 3031), which is conceptually similar to VLANs, but operates at the Network Layer. MPLS creates shortcuts between IP subnets that you might want to be tied closer together, perhaps to achieve faster response times. With MPLS, you would likely end up creating more IP subnets than the VLAN approach, but you could then create label-switched paths through the core of the campus network. These LSPs route packets between certain IP subnets more efficiently than normal IP routing would do.


Albert Manfredi

Forget about the term "multilayer switches", it's sales critter language.

If, on the other hand, you have level-3 devices (= routers), it's perfectly doable.

Not all devices need to be routers; it's perfectly doable to use trunks to a router where routing will be done between VLANs.


Subnets usually correspond to VLANs for IP if you are building a routed network - if you use other protocols then there might be other layer 3 structure for each protocol, such as an IPX network per VLAN.

VLAN descriptions often assume that VLANs are "tagged" links between switches, but VLANs are a common way of logically splitting up traffic within a switch as well - the simplest ways are to assign a port to a VLAN, so all traffic on a port is logically tagged inside the switch, or to use a port as a tagged port where the VLAN labels appear outside the switch.

VLANs can be a lot more complicated than that - some switches can put traffic into a specific VLAN based on MAC address, IP source address, protocol type and so on - so you can have a layer 3 structure for 2 protocols that are different.

For example, you might have a good reason to select big networks for IPX, lots of small subnets for IP, and layer 2 only flat structure for non-routed protocols such as NetBEUI and SNA. Or your layer 3 switch may only route IPv4, so you take IPv6 or AppleTalk "subnets" down a trunk to an external software-based router.

Most of the applications seem to cause more problems than they solve, and since most protocols apart from IP are dying out, this is less of an issue than it used to be.
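The two simple cases described in the post above (a port assigned to one VLAN, and a tagged port where 802.1Q labels appear on the wire), modelled as an added example that is not part of the original thread. The port dictionaries, the function names, the native-VLAN fallback for untagged frames on a tagged port, and the choice to drop tagged frames on an access port are assumptions of this model; real switches differ and are configurable. The frames are constructed sample data.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag

def build_frame(vid=None, pcp=0, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed sample Ethernet frame, optionally 802.1Q-tagged."""
    header = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    if vid is not None:
        # Tag = TPID (16 bits) + TCI: priority (3), DEI (1), VLAN ID (12)
        header += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return header + struct.pack("!H", ethertype) + payload

def parse_vlan_tag(frame):
    """Return (vid, pcp, inner_ethertype) for a tagged frame, None if untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return tci & 0x0FFF, tci >> 13, inner

def classify_ingress(port, frame):
    """Return the VLAN the switch places the frame in, or None if it is dropped."""
    tag = parse_vlan_tag(frame)
    if port["mode"] == "access":
        # Port-based VLAN: the label exists only inside the switch.
        # Assumption of this model: a frame that arrives already tagged is dropped.
        return port["vlan"] if tag is None else None
    # Tagged port: the VLAN label is carried in the frame itself.
    if tag is None:
        return port["native_vlan"]  # assumption: untagged frames use a native VLAN
    vid = tag[0]
    return vid if vid in port["allowed"] else None

# Hypothetical port definitions for the demonstration
ACCESS_PORT = {"mode": "access", "vlan": 10}
TRUNK_PORT = {"mode": "tagged", "allowed": {10, 20}, "native_vlan": 1}

if __name__ == "__main__":
    for name, port in (("access", ACCESS_PORT), ("tagged", TRUNK_PORT)):
        for vid in (None, 10, 20, 99):
            result = classify_ingress(port, build_frame(vid))
            print(name, "port, wire tag:", vid, "-> VLAN", result)
```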
