Re: What's better a few big subnets or several smaller subnets?

 
 
jfalken@socket.net
      08-26-2008
On Aug 20, 8:56 am, "Scott Perry" <scott.perry@somecompany> wrote:
> IP address subnetting can get people stuck in a class based mentality. IP
> address subnets end up getting assigned based on the original Class B and
> Class C subnets with subnet masks of either 255.255.0.0 or 255.255.255.0.
> This results in IP address subnets of either 256 addresses or 65536
> addresses without much sizing in between.
>
> For example:
> If you have 3 floors of a building, the IP address subnets get divided like
> this:
> 10.0.1.0 / 255.255.255.0 - floor 1 LAN for PCs
> 10.0.2.0 / 255.255.255.0 - floor 2 LAN for PCs
> 10.0.3.0 / 255.255.255.0 - floor 3 LAN for PCs
> and then continuing with...
> 10.1.1.0 / 255.255.255.0 - floor 1 separate subnet for servers
> 10.1.2.0 / 255.255.255.0 - floor 2 separate subnet for servers
> 10.1.3.0 / 255.255.255.0 - floor 3 separate subnet for servers
> and then so on for printers, management devices, etc...
>
> Perhaps these 10.0.X.X subnets are used for the common LAN communication,
> and subnets starting with 10.1.X.X and 10.2.X.X following the same 1,2,3,4,5
> numbering in the third octet follow for printer, server, and other subnets
> on each floor.
>
> I like breaking things down into the available sizes in between of 512,
> 1024, 2048, 4096, 8192, 16384, and 32768.
>
> How about this example where all addresses begin with 10.0.x.x:
> 10.0.0.0 / 255.255.255.128 - floor 1 LAN for PCs, up to 125
> 10.0.1.128 / 255.255.255.192 - floor 1 for extra systems, up to 61
> 10.0.1.192 / 255.255.255.224 - floor 1 for non PCs like time clocks,
> kiosks, etc., up to 29
> 10.0.1.224 / 255.255.255.240 - floor 1 servers, up to 13
> 10.0.1.240 / 255.255.255.240 - floor 1 for router loopback and switches,
> up to 13
>   Summarized route for entire floor: 10.0.0.0 / 255.255.254.0
> then repeat for each continuing floor:
> 10.0.2.0 / 255.255.255.128 - floor 2 LAN for PCs, up to 125
> 10.0.3.128 / 255.255.255.192 - floor 2 for extra systems, up to 61
> 10.0.3.192 / 255.255.255.224 - floor 2 for non PCs like time clocks,
> kiosks, etc., up to 29
> 10.0.3.224 / 255.255.255.240 - floor 2 servers, up to 13
> 10.0.3.240 / 255.255.255.240 - floor 2 for router loopback and switches,
> up to 13
>   Summarized route for entire floor: 10.0.2.0 / 255.255.254.0
>
> It is not as pretty on the eyes, but allows summarized routing and efficient
> use of the address space. With only a few floors, memorization of the IP
> address prefix for a floor comes rather quickly and is only the concern of
> the network administrator. I just hate seeing a block of 65536 IP addresses
> used for a segment with only 100 PCs and a block of 255 IP addresses used
> for a segment with only 10 hosts, and situations like that. It probably
> comes from formerly working in a company that owned a Class A address range
> on the Internet.
>
> -----
> Scott Perry
> Indianapolis, IN
> -----
>
> "Merv" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
> > I would use network 10 addressing as it would allow you to put some
> > meaning into the 2nd and 3rd octet should you wish to do that or just
> > assign randomly or sequentially. I would definitely not use
> > 192.168.x.x addressing
> >
> > 10.floor_X.area1.device1
> >
> > I would always go for smaller subnets for a whole host of reasons /24
> > /25 or /26


Now the really stupid question, would I just put in a 2621 router for
each floor to make the jump from one subnet to the 192.168.1.x main
network?
 
Scott Perry
      08-26-2008
Why not just have the floor switches uplink to a router? Instead of having
a physical router on each floor, have a single router on only one floor that
has switches from each floor connected to it. Perhaps each floor has Cisco
Catalyst 2950 switches and use fiber optic connections into a main Cisco
Catalyst 3550 or 4500 series that performs the routing as a "layer 3
switch"?

-----
Scott Perry
Indianapolis, IN
-----

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...

Now the really stupid question, would I just put in a 2621 router for
each floor to make the jump from one subnet to the 192.168.1.x main
network?


 
jfalken@socket.net
      08-26-2008
On Aug 26, 3:34 pm, "Scott Perry" <scott.perry@somecompany> wrote:
> Why not just have the floor switches uplink to a router? Instead of having
> a physical router on each floor, have a single router on only one floor that
> has switches from each floor connected to it. Perhaps each floor has Cisco
> Catalyst 2950 switches and use fiber optic connections into a main Cisco
> Catalyst 3550 or 4500 series that performs the routing as a "layer 3
> switch"?
>
> -----
> Scott Perry
> Indianapolis, IN
> -----
>
> <(E-Mail Removed)> wrote in message
>
> news:(E-Mail Removed)...
>
> Now the really stupid question, would I just put in a 2621 router for
> each floor to make the jump from one subnet to the 192.168.1.x main
> network?


I already have several 2621 routers. I figured I would configure each
with a FE0/0 = a different floor IP set (192.168.11.x, 192.168.12.x and
192.168.13.x) and each with FE0/1 = a different 192.168.1.x (this is
where the servers are and need to stay at least for now). This allows
each floor to have 254 IPs for PCs, printers and specialty
servers (should be between 100 and 200 per floor most likely). Each
router would know how to get to the others and would have a permanent
0.0.0.0 route to the inside of the PIX. This would minimize the
single point of HW failure and from reading responses and other
research, it seems having one extra hop across a router shouldn't slow
it down much. Is that not correct?
 
jfalken@socket.net
      08-27-2008
On Aug 26, 5:44 pm, (E-Mail Removed) wrote:
> On Aug 26, 3:34 pm, "Scott Perry" <scott.perry@somecompany> wrote:
>
> > Why not just have the floor switches uplink to a router? Instead of having
> > a physical router on each floor, have a single router on only one floor that
> > has switches from each floor connected to it. Perhaps each floor has Cisco
> > Catalyst 2950 switches and use fiber optic connections into a main Cisco
> > Catalyst 3550 or 4500 series that performs the routing as a "layer 3
> > switch"?
> >
> > -----
> > Scott Perry
> > Indianapolis, IN
> > -----
> >
> > <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> >
> > Now the really stupid question, would I just put in a 2621 router for
> > each floor to make the jump from one subnet to the 192.168.1.x main
> > network?
>
> I already have several 2621 routers. I figured I would configure each
> with a FE0/0 = a different floor ip set(192.168.11.x, 192.168.12.x and
> 192.168.13.x) and each with FE0/1 = a different 192.168.1.x(this is
> where the servers are and need to stay at least for now.) This allows
> each floor to have 254 ips for PCs, printers and specialty
> servers(should be between 100 and 200 per floor most likely). Each
> router would know how to get to the others would have a permanent
> 0.0.0.0 route to the inside of the PIX. This would minimize the
> single point of HW failure and from reading responses and other
> research, it seems having one extra hop across a router shouldn't slow
> it down much. Is that not correct?


After thinking on this all night, would it be better to do
192.168.floor.x and subnet 255.255.0.0? I could then leave the
servers and printers as they are at 192.168.1.x and just change their
mask to 255.255.0.0. I could then put in one router that points the
way to the internet (inside addr of the pix) and points the way to our
other offices (192.168.1.officenumber-this side of their router). We
are already at ~300 hosts and may grow another 100-200. If I am
thinking right, anyone in this office can then talk to the servers and
printers w/o jumping a router and the servers don't need to be
re-ip'ed. Am I totally seeing this wrong? Thanks for all your help. I
am trying to weave through legacy mistakes that I and those before
have made.
 
Trendkill
      08-29-2008
On Aug 27, 11:44 am, (E-Mail Removed) wrote:
> On Aug 26, 5:44 pm, (E-Mail Removed) wrote:
>
> > On Aug 26, 3:34 pm, "Scott Perry" <scott.perry@somecompany> wrote:
> >
> > > Why not just have the floor switches uplink to a router? Instead of having
> > > a physical router on each floor, have a single router on only one floor that
> > > has switches from each floor connected to it. Perhaps each floor has Cisco
> > > Catalyst 2950 switches and use fiber optic connections into a main Cisco
> > > Catalyst 3550 or 4500 series that performs the routing as a "layer 3
> > > switch"?
> > >
> > > -----
> > > Scott Perry
> > > Indianapolis, IN
> > > -----
> > >
> > > <(E-Mail Removed)> wrote in message
> > > news:(E-Mail Removed)...
> > >
> > > Now the really stupid question, would I just put in a 2621 router for
> > > each floor to make the jump from one subnet to the 192.168.1.x main
> > > network?
> >
> > I already have several 2621 routers. I figured I would configure each
> > with a FE0/0 = a different floor ip set(192.168.11.x, 192.168.12.x and
> > 192.168.13.x) and each with FE0/1 = a different 192.168.1.x(this is
> > where the servers are and need to stay at least for now.) This allows
> > each floor to have 254 ips for PCs, printers and specialty
> > servers(should be between 100 and 200 per floor most likely). Each
> > router would know how to get to the others would have a permanent
> > 0.0.0.0 route to the inside of the PIX. This would minimize the
> > single point of HW failure and from reading responses and other
> > research, it seems having one extra hop across a router shouldn't slow
> > it down much. Is that not correct?
>
> After thinking on this all night, would it be better to do
> 192.168.floor.x and subnet 255.255.0.0? I could then leave the
> servers and printers as they are a1 192.168.1.x and just change their
> mask to 255.255.0.0. I could then put in one router that points the
> way to the internet(inside addr of the pix) and points the way to our
> other offices(192.168.1.officenumber-this side of their router). We
> are already at ~300hosts and may grow another 100-200. If I am
> thinking right, anyone in this office can then talk to the servers and
> printers w/o jumping a router and the servers don't need to be
> re-ip'ed. Am I totally seeing this wrong? Thanks for all your help. I
> am trying to weave through legacy mistakes that I and those before
> have made.


My personal answer is, no. Subnet to /24 or /25, keep it by floor or
some logical compartment, and stay away from using supernets as
subnets. That isn't to say that 10.0.0.0 can't be location A and
10.1.0.0 can't be location B, but that kind of logic is better used
for large organizations and you do that via route summarization, not
single vlans. Just speaking for myself, I would NEVER subnet larger
than a /22 (1000+ hosts) within a data center (and we have 38 of
them), but would easily summarize to a /16 by site if that is the way
it broke up. All in all, I would consider 192.168.0-15 is site 1 (or
perhaps 0-7), and then the next 8 or 16 /24s would be site 2, site 3,
site 4, etc. This is much more efficient, gives room for growth, and
does not carve out some ungodly subnet.

Think of it this way, you acquire a company that uses 192.168.0.0 at
their facility. What do you do? You can't use anything in 192.168
because you are using a /16 (unless you want to extend your broadcast
domain over your WAN, which would not be such a good idea), so you
have to re-address the whole thing, rather than perhaps just the third
octet. Yes you can NAT and other things, but think through the
evolution of your company/business...including the fact that mergers/
acquisitions/growth will kill a network design if you don't have
flexibility.

Overall, carve out some space with growth, and you don't have to match
the third octet to floor if you have large floors. Then just use VLAN
#, and instead just memorize or document the mapping of subnets to
vlan numbers. IE (floor 1 = vlan 1 = 192.168.4.0 /23, floor 2 = vlan
2 = 192.168.6.0 /23). I generally reserve the first few /24s at a
site for network management, routing, etc.
 
Reply With Quote
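
Added example, not part of the thread: a Python check of a per-site plan like the one in the last post (site block 192.168.0-15, one /23 per floor), compared with a flat 192.168.0.0/16 when an acquired network shows up. The /22 management reservation and the acquired range 192.168.40.0/22 are constructed assumptions, as are all function names.

```python
import ipaddress
from itertools import combinations

# Constructed inputs. The site block and floor subnets follow the post above;
# the /22 management reservation and the acquired range are assumptions.
SITE = "192.168.0.0/20"                      # "192.168.0-15 is site 1"
PLAN = {
    "mgmt": "192.168.0.0/22",                # "first few /24s" (size assumed)
    "floor 1 / vlan 1": "192.168.4.0/23",
    "floor 2 / vlan 2": "192.168.6.0/23",
}
ACQUIRED = "192.168.40.0/22"                 # hypothetical acquired site

def audit_plan(summary, subnets):
    """Return problems: subnets outside the summary, or overlapping each other."""
    block = ipaddress.ip_network(summary)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    problems = [f"{name} {net} is outside {block}"
                for name, net in nets.items() if not net.subnet_of(block)]
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            problems.append(f"{a} {na} overlaps {b} {nb}")
    return problems

def free_blocks(summary, subnets):
    """Unallocated space left in the summary, as CIDR blocks (growth room)."""
    remaining = [ipaddress.ip_network(summary)]
    for cidr in subnets.values():
        used = ipaddress.ip_network(cidr)
        kept = []
        for blk in remaining:
            if used.subnet_of(blk):
                kept.extend(blk.address_exclude(used))  # split blk around used
            elif not blk.overlaps(used):
                kept.append(blk)                        # untouched block
        remaining = kept
    return [str(n) for n in sorted(remaining)]

def collisions(local, acquired):
    """Local networks that overlap an acquired network's range."""
    acq = ipaddress.ip_network(acquired)
    return [c for c in local if ipaddress.ip_network(c).overlaps(acq)]

if __name__ == "__main__":
    print("plan problems:", audit_plan(SITE, PLAN))
    print("free for growth:", free_blocks(SITE, PLAN))
    print("flat /16 vs acquired:", collisions(["192.168.0.0/16"], ACQUIRED))
    print("carved plan vs acquired:", collisions(PLAN.values(), ACQUIRED))
```

Because `ip_network` is strict by default, a subnet written with host bits set (a wrong network address for its mask) raises `ValueError` instead of passing the audit silently.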
 
 
 