A VLAN maps several subnet
I've read the post Multiple Subnets in a VLAN and am wondering about the possible conflicts when using several subnets in a VLAN.
The recommended design is of course to put an IP subnet in a VLAN.
If I configure several IP subnets in a VLAN, e.g. some hosts in 10.1.1.0/24, some hosts in 10.2.2.0/24, and both under a VLAN, will these two networks interrupt each other? If there's actually no impact, then why is such a design not preferred?
vlan subnet
edited 2 days ago
Peter Mortensen
asked 2 days ago
user53815
3 Answers
This is possible, however:
- you still need a router for the hosts in one subnet to communicate with the hosts in the other subnet
- in a modern switched environment there's no collision, so this is not an issue, but you still have broadcasts. All hosts will see the broadcasts from both domains, which take some part of the bandwidth.
- Access Control Lists are bound to interfaces. So to use an ACL to limit traffic between the subnets you are limited to a single interface to place ingress/egress rules; this is still doable but more limited
- any host can potentially hear some traffic pertaining to the other subnet. That's a security issue.
- when troubleshooting a network issue, you may have to sniff traffic (with a utility like tcpdump or Wireshark); having several IP networks mixed renders this or other troubleshooting more difficult
- overall, this is more complex to maintain and less scalable than having one subnet per VLAN.
Basically there's rarely a benefit in doing so, even if you can encounter some corner case where it is the simplest solution (or a temporary dirty fix, but in IT, a temporary setup often lasts years...).
edited 2 days ago
answered 2 days ago
JFL
Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
– Zac67
2 days ago
@Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
– JFL
2 days ago
While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
– Marc 'netztier' Luethi
2 days ago
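The following is an added, constructed Python model (not code from the answers or the commenters above) that walks through three of the points in the answer: hosts in different subnets on one VLAN still need the router, every NIC on the VLAN receives the broadcasts of both subnets, and an ACL on the single shared router interface has to carry both directions of the inter-subnet policy. The host names, the router's two addresses, and the ACL rules are assumptions built around the two /24s from the question.

```python
"""Constructed model of one VLAN (broadcast domain) carrying two IP subnets.

Added example, not code from the answers above. It illustrates three points
the answer makes: hosts in different subnets still need a router to reach
each other, every NIC on the VLAN receives the broadcasts (ARP, DHCP, limited
broadcast) of BOTH subnets, and an ACL on the shared router interface has to
express both directions of the inter-subnet policy in one list.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Interface, IPv4Network, ip_address

LIMITED_BROADCAST = IPv4Address("255.255.255.255")


@dataclass(frozen=True)
class Host:
    name: str
    iface: IPv4Interface      # address with prefix, e.g. 10.1.1.10/24
    gateway: IPv4Address

    @property
    def subnet(self) -> IPv4Network:
        return self.iface.network


# Constructed VLAN: the two /24s from the question, one router SVI holding a
# primary and a secondary address (assumed layout, not from the page).
ROUTER = {IPv4Address("10.1.1.1"), IPv4Address("10.2.2.1")}
VLAN = [
    Host("a1", IPv4Interface("10.1.1.10/24"), IPv4Address("10.1.1.1")),
    Host("a2", IPv4Interface("10.1.1.11/24"), IPv4Address("10.1.1.1")),
    Host("b1", IPv4Interface("10.2.2.10/24"), IPv4Address("10.2.2.1")),
]


def arp_target(src: Host, dst: str) -> IPv4Address:
    """Address the source resolves with ARP before sending to dst.

    Same subnet: ARP for the destination itself and deliver directly at L2.
    Other subnet: ARP for the gateway; the router then forwards the packet
    back out of the very same VLAN interface ("you still need a router").
    """
    dst_ip = ip_address(dst)
    return dst_ip if dst_ip in src.subnet else src.gateway


def l2_receivers(vlan: list[Host], sender: Host) -> set[str]:
    """Every other NIC on the VLAN receives a broadcast frame regardless of
    the sender's IP subnet: ARP requests and DHCP discovers from 10.2.2.0/24
    land on the 10.1.1.0/24 hosts' NICs, and vice versa."""
    return {h.name for h in vlan if h is not sender}


def ip_accepts_broadcast(host: Host, dst: str) -> bool:
    """After the NIC delivers the frame, the IP stack keeps it only if it is
    the limited broadcast or the directed broadcast of the host's own subnet.
    Either way the frame already consumed link bandwidth and NIC/CPU time."""
    dst_ip = ip_address(dst)
    return dst_ip == LIMITED_BROADCAST or dst_ip == host.subnet.broadcast_address


# Inbound ACL on the single SVI (constructed). Both subnets enter the router
# through the same interface, so "one ACL per interface direction" cannot
# separate the two subnets; the list must name source/destination pairs
# explicitly for both directions. It is stateless: a real list would also
# have to permit return traffic for the sessions it allows.
Rule = tuple[str, IPv4Network, IPv4Network]   # (action, src, dst)
SVI_IN_ACL: list[Rule] = [
    ("permit", IPv4Network("10.1.1.0/24"), IPv4Network("10.2.2.0/24")),
    ("deny",   IPv4Network("10.2.2.0/24"), IPv4Network("10.1.1.0/24")),
]


def routed_via_svi(src: Host, dst: str) -> bool:
    """True when the packet is sent to the gateway, i.e. the ACL is consulted.
    Same-subnet traffic never touches the router, so the ACL never sees it."""
    return arp_target(src, dst) in ROUTER


def acl_verdict(acl: list[Rule], src: Host, dst: str) -> str:
    """First-match evaluation with an implicit deny, only for routed traffic."""
    if not routed_via_svi(src, dst):
        return "not routed (direct L2 delivery, ACL not consulted)"
    s, d = src.iface.ip, ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"   # implicit deny at the end of the list


if __name__ == "__main__":
    a1, b1 = VLAN[0], VLAN[2]
    print("a1 -> 10.2.2.10 ARPs for", arp_target(a1, "10.2.2.10"))   # gateway
    print("b1 ARP request reaches", sorted(l2_receivers(VLAN, b1)))  # a1, a2
    print("a1 keeps 10.2.2.255?", ip_accepts_broadcast(a1, "10.2.2.255"))
    print("a1 -> b1:", acl_verdict(SVI_IN_ACL, a1, "10.2.2.10"))
    print("b1 -> a1:", acl_verdict(SVI_IN_ACL, b1, "10.1.1.10"))
```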
In general, yes, you can do that.
Basically, one has nothing to do with the other. VLANs are L2 segregation/separation, while subnetting achieves the same for L3.
However, it is not recommended for certain reasons.
The most obvious, as stated above, is security.
Unicast traffic will flow without issues, but it can cause other problems.
There are IP addresses for certain traffic which are shared by all IP traffic independent of a specific subnet (multicast and limited broadcast addresses, etc.).
For example, when running HA cluster protocols like HSRP/VRRP, SecureXL and such, or something like PIM/IGMP.
So you can use it when needed, but in general it is better to try to avoid it. In bigger networks it can cause more headache than it is worth.
answered 2 days ago
hab
I do this on my home network: I have an RFC 1918 /24 which is what gets DHCP'd out to my internal network and is used by default for anything on my home LAN - this is the entirely normal, common scenario you're used to in home/SMB networks.
I also have a public /29 on that VLAN (PA space from my ISP). I don't DHCP that, because... well, I only have 6 IPs to use. Instead, I statically allocate IP addresses on my servers/workstations/other devices I want accessible from the internet sans NAT.
This means I often end up with two IPs on these devices (for instance, my workstation on my desk is 10.200.8.13 and also has some publicly routable IP). This has the benefit of preventing hairpin routing via my (relatively slow) firewall/router when I am accessing something local, because all the devices share the same Layer 2 domain. I also do not need to mess with VLAN config on my desktop, and it even works over WiFi for my laptop!
My setup is a significant edge case, mind, and I have complete control of the environment. Your mileage will vary, especially in enterprise environments.
answered 2 days ago
Alfie Pates