quick question on Vlans

[S1lv3rW3bSurf3r]

The short answer is yes. depending on what you wish to accomplish, you can go the other route and make your broadcast domain as small as possible. where you can define certain ports on a switch (cisco 4507R <---- sup mod engine) to a particular subnet range example fa0/1 - fa0/20 = 10.0.0.1 - 10.0.0.20. the next 20 ports will equal the next 20 ips in subnet etc. more admin work, but in the end worth it. in cisco case (i do not know 3com or the others except nortel, and lo I am not impressed by it)

vlsm (variable length subnet masks) are definable within the vlans

i realise that this does fall slightly outside the question's scope but consider these as well:

rename your vlans (dont use 1 and 2)
place your infrastructure devices and others such as servers in their own vlans
make your broadcast domains as small as possible
kill unnecessary traffic, and if possible use ids ..........

[catman]

Lemme try this.

If Vlan 40 includes 192.168.1.0 and 192.168.2.0 then the mask for the VLAN will be /23 or 255.255.254.0.

512 addresses - 2 (network address of 192.168.1.0 and broadcast address of 192.168.2.255)

Supernets are used in large enterprise networks with large switch fabrics. I see them everyday.

hth

catman

[SirDice]

Originally posted here by catman
If Vlan 40 includes 192.168.1.0 and 192.168.2.0 then the mask for the VLAN will be /23 or 255.255.254.0.

Actually it's /22 or 255.255.252.0. /23 would only include 192.168.0.x and 192.168.1.x (192.168.2.x and 192.168.3.x would be the next subnet).

[rukiddnme]

Can you have more then one subnet on a VLAN? YES.
Why would you do this? In one situation I can think of, you may need extra IP addresses for increased network capacity without adding additional router blades. If you Run out of slots in your router chasse you may resort to doing this as well. Secondary IP addresses on a router interface are used when security is not a concern.

[SirDice]

In one situation I can think of, you may need extra IP addresses for increased network capacity without adding router blades.

You'll need that router (blade) anyway. How else would you get out of a VLAN?

[ammo]

Originally posted here by SirDice
You'll need that router (blade) anyway. How else would you get out of a VLAN?

"Router-on-a-stick" style...
If you already have a router connected you don't necessarly need another router port.

That being said, anything involving multiple subnets on the same (virtual or not) lan segment (except routing trunks) is rather odd and should probably be redesigned because there surely (absoloutly!) is a better way of doing it...

ie: YES it CAN be done, NO it (probably) shouldn't be done.


Ammo