A VLAN maps several subnets












2














I've read the post Multiple Subnets in a VLAN and am wondering about the possible conflicts when using several subnets in a VLAN.



The recommended design is of course to put an IP subnet in a VLAN.



If I configure several IP subnets in a VLAN, e.g. some hosts in 10.1.1.0/24, some hosts in 10.2.2.0/24 and both under a VLAN, will these two networks interrupt each other? If there's actually no impact then why is such a design not preferred?










Tags: vlan, subnet

asked 2 days ago by user53815 (new contributor); edited 2 days ago by Peter Mortensen






















          3 Answers


















          5














This is possible, however:

• you still need a router for the hosts in one subnet to communicate with the hosts in the other subnet

• in a modern switched environment there's no collision, so this is not an issue, but you still have broadcast. All hosts will see the broadcasts from both domains, which take some part of the bandwidth.

• Access Control Lists are bound to interfaces. So to use ACLs to limit traffic between the subnets you are limited to a single interface on which to place ingress/egress rules; this is still doable but more limited

• any host can potentially hear some traffic pertaining to the other subnet. That's a security issue.

• when troubleshooting a network issue, you may have to sniff traffic (with a utility like tcpdump or Wireshark); having several IP networks mixed renders this or other troubleshooting more difficult

• overall, this is more complex to maintain and less scalable than having one subnet per VLAN.

Basically there's rarely a benefit in doing so, even if you can encounter some corner case where it is the simplest solution (or a temporary dirty fix, but in IT, a temporary setup often lasts years...).

– JFL, answered 2 days ago (edited 2 days ago)























Comments:

• Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
  – Zac67, 2 days ago

• @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
  – JFL, 2 days ago

• While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
  – Marc 'netztier' Luethi, 2 days ago



















          1














In general, yes, you can do that.
Basically, one has nothing to do with the other. VLANs are L2 segregation/separation, while subnetting achieves the same for L3.

However, it is not recommended for certain reasons.
The most obvious, as stated above, is security.

Unicast traffic will flow without issues, but it can cause other problems.
There are IP addresses for certain traffic which are shared by all IP traffic, independent of a specific subnet (multicast and limited broadcast addresses, etc.).
For example, when running HA cluster protocols like HSRP/VRRP, SecureXL and such, or something like PIM/IGMP.

So you can use it when needed, but in general it is better to try to avoid it. In bigger networks it can cause more headaches than it is worth.

– hab (new contributor), answered 2 days ago
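The behaviour described in the two answers above (a router is still needed between the subnets, yet broadcast and multicast frames reach every host in the VLAN) can be modelled in a few lines. This is an added example, not code from the original posts: the two subnets are the ones from the question, while host names, MAC addresses and the router MAC are constructed, and the switch is assumed to flood multicast (no IGMP snooping).

```python
import ipaddress
from dataclasses import dataclass

L2_BROADCAST = "ff:ff:ff:ff:ff:ff"
ROUTER_MAC = "02:00:00:00:00:01"  # constructed: gateway serving both subnets
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


@dataclass(frozen=True)
class Host:
    name: str
    mac: str
    iface: ipaddress.IPv4Interface  # address plus prefix length


# Constructed sample: the question's two subnets sharing one VLAN.
VLAN_HOSTS = [
    Host("a1", "02:00:00:00:01:0a", ipaddress.ip_interface("10.1.1.10/24")),
    Host("a2", "02:00:00:00:01:0b", ipaddress.ip_interface("10.1.1.11/24")),
    Host("b1", "02:00:00:00:02:0a", ipaddress.ip_interface("10.2.2.10/24")),
    Host("b2", "02:00:00:00:02:0b", ipaddress.ip_interface("10.2.2.11/24")),
]


def classify(src: Host, dst_ip: str) -> str:
    """How the sender treats an IPv4 destination, based on its own address/mask."""
    dst = ipaddress.IPv4Address(dst_ip)
    if dst == LIMITED_BROADCAST or dst == src.iface.network.broadcast_address:
        return "broadcast"
    if dst.is_multicast:
        return "multicast"
    # On-link unicast is sent directly; anything else is handed to the router,
    # even when the target sits on the very same switch port group.
    return "direct" if dst in src.iface.network else "via-router"


def dest_mac(src: Host, dst_ip: str, hosts) -> str:
    """Ethernet destination address the sender puts on the frame."""
    kind = classify(src, dst_ip)
    if kind == "broadcast":
        return L2_BROADCAST  # limited and subnet broadcast are identical at L2
    if kind == "multicast":
        low23 = int(ipaddress.IPv4Address(dst_ip)) & 0x7FFFFF  # RFC 1112 mapping
        return "01:00:5e:%02x:%02x:%02x" % (
            low23 >> 16, (low23 >> 8) & 0xFF, low23 & 0xFF)
    if kind == "via-router":
        return ROUTER_MAC
    for h in hosts:
        if str(h.iface.ip) == dst_ip:
            return h.mac
    raise LookupError(f"no host owns {dst_ip} on this VLAN")


def receivers(sender: Host, dst_ip: str, hosts):
    """Hosts whose NIC is handed the frame by the switch."""
    mac = dest_mac(sender, dst_ip, hosts)
    others = [h for h in hosts if h != sender]
    if mac == L2_BROADCAST or mac.startswith("01:00:5e"):
        return others  # flooded to every port in the VLAN, whatever the subnet
    return [h for h in others if h.mac == mac]


def cross_subnet_listeners(sender: Host, dst_ip: str, hosts):
    """Names of receiving hosts that are NOT in the sender's IP subnet."""
    return sorted(h.name for h in receivers(sender, dst_ip, hosts)
                  if h.iface.ip not in sender.iface.network)


if __name__ == "__main__":
    a1 = VLAN_HOSTS[0]
    # ARP requests are also sent to ff:ff:ff:ff:ff:ff, so they behave like
    # the two broadcast rows below.
    for dst in ("10.1.1.11", "10.2.2.10", "10.1.1.255",
                "255.255.255.255", "224.0.0.18"):
        print(f"{dst:16} {classify(a1, dst):11} "
              f"{dest_mac(a1, dst, VLAN_HOSTS)}  "
              f"heard in other subnet by: "
              f"{cross_subnet_listeners(a1, dst, VLAN_HOSTS)}")
```

The rows for 10.1.1.255, 255.255.255.255 and 224.0.0.18 (the VRRP group address) list hosts from 10.2.2.0/24 as receivers, which is the exposure that one subnet per VLAN removes.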


























            0














I do this on my home network: I have an RFC1918 /24 which is what gets DHCP'd out to my internal network and is used by default for anything on my home LAN - this is the entirely normal, common scenario you're used to in home/SMB networks.

I also have a public /29 on that VLAN (PA space from my ISP). I don't DHCP that, because... well, I only have 6 IPs to use. Instead, I statically allocate IP addresses on my servers/workstations/other devices I want accessible from the internet sans NAT.

This means I often end up with two IPs on these devices (for instance, my workstation on my desk is 10.200.8.13 and also has some publicly routable IP). This has the benefit of preventing hairpin routing via my (relatively slow) firewall/router when I am accessing something local because all the devices share the same Layer 2 domain. I also do not need to mess with VLAN config on my desktop and it even works over WiFi for my laptop!

My setup is a significant edge-case, mind, and I have complete control of the environment. Your mileage will vary, especially in enterprise environments.

– Alfie Pates (new contributor)


















              Your Answer








              StackExchange.ready(function() {
              var channelOptions = {
              tags: "".split(" "),
              id: "496"
              };
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using("snippets", function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: false,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: null,
              bindNavPrevention: true,
              postfix: "",
              imageUploader: {
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              },
              noCode: true, onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              });


              }
              });






              user53815 is a new contributor. Be nice, and check out our Code of Conduct.










              draft saved

              draft discarded


















              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f55793%2fa-vlan-maps-several-subnet%23new-answer', 'question_page');
              }
              );

              Post as a guest















              Required, but never shown

























              3 Answers
              3






              active

              oldest

              votes








              3 Answers
              3






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              5














              This is possible however:




              • you still need a router to have the hosts from one subnet to communicate with the hosts in the other subnet

              • in a modern switched environment there's no collision, so this is not a issue, but you still have broadcast. All hosts will see the broadcasts from both domains which take some part of the bandwidth.

              • Access Control Lists are bounded to interfaces. So to use ACL to limit traffic between the subnets you are limited to a single interface to place ingress / outgress rules; this is stil doable but more limited

              • any host can potentially hear some traffic pertaining to the other subnet. That's a security issue.

              • when troubleshooting a network issue, you may have to sniff traffic (with utility like tcpdump or wireshark), having several IP networks mixed render this or other troubleshooting more difficult

              • overall, this is more complex to maintain and less scalable than having one subnet per vlan.


              Basically there's rarely a benefit in doing so, even if you can encounter some corner case where it is the simplest solution (or a temporary dirty fix, but in IT, a temporary setup often last years....).






              share|improve this answer























              • Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
                – Zac67
                2 days ago












              • @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
                – JFL
                2 days ago






              • 1




                While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
                – Marc 'netztier' Luethi
                2 days ago
















              5














              This is possible however:




              • you still need a router to have the hosts from one subnet to communicate with the hosts in the other subnet

              • in a modern switched environment there's no collision, so this is not a issue, but you still have broadcast. All hosts will see the broadcasts from both domains which take some part of the bandwidth.

              • Access Control Lists are bounded to interfaces. So to use ACL to limit traffic between the subnets you are limited to a single interface to place ingress / outgress rules; this is stil doable but more limited

              • any host can potentially hear some traffic pertaining to the other subnet. That's a security issue.

              • when troubleshooting a network issue, you may have to sniff traffic (with utility like tcpdump or wireshark), having several IP networks mixed render this or other troubleshooting more difficult

              • overall, this is more complex to maintain and less scalable than having one subnet per vlan.


              Basically there's rarely a benefit in doing so, even if you can encounter some corner case where it is the simplest solution (or a temporary dirty fix, but in IT, a temporary setup often last years....).






              share|improve this answer























              • Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
                – Zac67
                2 days ago












              • @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
                – JFL
                2 days ago






              • 1




                While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
                – Marc 'netztier' Luethi
                2 days ago














              5












              5








              5






              This is possible however:




              • you still need a router to have the hosts from one subnet to communicate with the hosts in the other subnet

              • in a modern switched environment there's no collision, so this is not a issue, but you still have broadcast. All hosts will see the broadcasts from both domains which take some part of the bandwidth.

              • Access Control Lists are bounded to interfaces. So to use ACL to limit traffic between the subnets you are limited to a single interface to place ingress / outgress rules; this is stil doable but more limited

              • any host can potentially hear some traffic pertaining to the other subnet. That's a security issue.

              • when troubleshooting a network issue, you may have to sniff traffic (with utility like tcpdump or wireshark), having several IP networks mixed render this or other troubleshooting more difficult

              • overall, this is more complex to maintain and less scalable than having one subnet per vlan.


              Basically there's rarely a benefit in doing so, even if you can encounter some corner case where it is the simplest solution (or a temporary dirty fix, but in IT, a temporary setup often last years....).






              share|improve this answer














              This is possible however:




              • you still need a router to have the hosts from one subnet to communicate with the hosts in the other subnet

              • in a modern switched environment there's no collision, so this is not a issue, but you still have broadcast. All hosts will see the broadcasts from both domains which take some part of the bandwidth.

              • Access Control Lists are bounded to interfaces. So to use ACL to limit traffic between the subnets you are limited to a single interface to place ingress / outgress rules; this is stil doable but more limited

              • any host can potentially hear some traffic pertaining to the other subnet. That's a security issue.

              • when troubleshooting a network issue, you may have to sniff traffic (with utility like tcpdump or wireshark), having several IP networks mixed render this or other troubleshooting more difficult

              • overall, this is more complex to maintain and less scalable than having one subnet per vlan.


              Basically there's rarely a benefit in doing so, even if you can encounter some corner case where it is the simplest solution (or a temporary dirty fix, but in IT, a temporary setup often last years....).







              share|improve this answer














              share|improve this answer



              share|improve this answer








              edited 2 days ago

























              answered 2 days ago









              JFL

              10.6k11235




              10.6k11235












              • Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
                – Zac67
                2 days ago












              • @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
                – JFL
                2 days ago






              • 1




                While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
                – Marc 'netztier' Luethi
                2 days ago


















              • Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
                – Zac67
                2 days ago












              • @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
                – JFL
                2 days ago






              • 1




                While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
                – Marc 'netztier' Luethi
                2 days ago
















              Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
              – Zac67
              2 days ago






              Although you're generally correct, there are some borderline cases where multiple IP subnets in the same VLAN may be beneficial. I've successfully used it for a finer control on SA/DA load distribution on a LAG trunk (for backup). It's also sometimes used when migrating or renumbering subnets as a stopgap.
              – Zac67
              2 days ago














              @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
              – JFL
              2 days ago




              @Zac67 agree. I indeed had to use this a few times myself but always feel ashamed in doing so ;) I felt it was borderline enough to leave it out but I'll edit in this sense.
              – JFL
              2 days ago




              1




              1




              While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
              – Marc 'netztier' Luethi
              2 days ago




              While such "multinets" are kludgy on IPv4, they are probably going to be more prevalent in IPv6. In either protocol version, if a host ends up with multiple addresses on a single NIC (possibly from multiple subnets/prefixes), topics like name resolution, service binding, source address selection and the host's own routing table require a lot more attention than in the world of single IPv4 subnet per broadcast domain we've been living in for the last few years.
              – Marc 'netztier' Luethi
              2 days ago











              1














              In general, yes you can do that.
              Basically said one has nothing to do with the other. Vlans are l2 segregation/separation while subnetting achieves the same for l3.



              However, it is not recommended for certain reasons.
              Most obvious as stated above security.



              Unicast traffic will flow without issues, but it can cause other problems.
              There are ip addresses for certain traffic which are shared for all ip traffic independent from a specific subnet.(multicast&limited broadcast addresses etc.).
              For example when running ha cluster-protocols like hsrp/vrrp, securexl and such or something like PIM/igmp.



              So you can use it when needed but in general better try to avoid it. In bigger networks it can cause more headache than it is worth.






              share|improve this answer








              New contributor




              hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.























                1














                In general, yes you can do that.
                Basically said one has nothing to do with the other. Vlans are l2 segregation/separation while subnetting achieves the same for l3.



                However, it is not recommended for certain reasons.
                Most obvious as stated above security.



                Unicast traffic will flow without issues, but it can cause other problems.
                There are ip addresses for certain traffic which are shared for all ip traffic independent from a specific subnet.(multicast&limited broadcast addresses etc.).
                For example when running ha cluster-protocols like hsrp/vrrp, securexl and such or something like PIM/igmp.



                So you can use it when needed but in general better try to avoid it. In bigger networks it can cause more headache than it is worth.






                share|improve this answer








                New contributor




                hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.





















                  1












                  1








                  1






                  In general, yes you can do that.
                  Basically said one has nothing to do with the other. Vlans are l2 segregation/separation while subnetting achieves the same for l3.



                  However, it is not recommended for certain reasons.
                  Most obvious as stated above security.



                  Unicast traffic will flow without issues, but it can cause other problems.
                  There are ip addresses for certain traffic which are shared for all ip traffic independent from a specific subnet.(multicast&limited broadcast addresses etc.).
                  For example when running ha cluster-protocols like hsrp/vrrp, securexl and such or something like PIM/igmp.



                  So you can use it when needed but in general better try to avoid it. In bigger networks it can cause more headache than it is worth.






                  share|improve this answer








                  New contributor




                  hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  In general, yes you can do that.
                  Basically said one has nothing to do with the other. Vlans are l2 segregation/separation while subnetting achieves the same for l3.



                  However, it is not recommended for certain reasons.
                  Most obvious as stated above security.



                  Unicast traffic will flow without issues, but it can cause other problems.
                  There are ip addresses for certain traffic which are shared for all ip traffic independent from a specific subnet.(multicast&limited broadcast addresses etc.).
                  For example when running ha cluster-protocols like hsrp/vrrp, securexl and such or something like PIM/igmp.



                  So you can use it when needed but in general better try to avoid it. In bigger networks it can cause more headache than it is worth.







                  share|improve this answer








                  New contributor




                  hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  share|improve this answer



                  share|improve this answer






                  New contributor




                  hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  answered 2 days ago









                  hab

                  111




                  111




                  New contributor




                  hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





                  New contributor





                  hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  hab is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.























                      0














                      I do this on my home network: I have a RFC1918 /24 which is what gets DHCP'd out to my internal network and is used by default for anything on my home LAN - this the entirely normal, common scenario you're used to in home/SMB networks.



                      I also have a public /29 on that VLAN (PA space from my ISP). I don't DHCP that, because... well, I only have 6 IPs to use. Instead, I statically allocate IP addresses on my servers/workstations/other devices I want accessible from the internet sans NAT.



                      This means I often end up with two IPs on these devices (for instance, my workstation on my desk is 10.200.8.13 and also has some publicly routable IP). This has the benefit of preventing hairpin routing via my (relatively slow) firewall/router when I am accessing something local because all the devices share the same Layer 2 domain. I also do not need to mess with VLAN config on my desktop and it even works over WiFi for my laptop!



                      My setup is a significant edge-case, mind, and I have complete control of the environment. Your mileage will vary, especially in enterprise environments.















                          answered 2 days ago









                          Alfie Pates

                          11
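The forwarding decision behind the "no hairpin routing" point in the answer above, as an added example that is not part of the original answer. It models only the connected-route lookup a host performs; the 203.0.113.0/29 block, the gateway address, and every host except 10.200.8.13 are constructed placeholders.

```python
import ipaddress

# Constructed inventory of one VLAN: a private /24 plus a public /29 (placeholder
# documentation range). Only 10.200.8.13 appears in the answer itself.
VLAN_HOSTS = {
    "workstation": ["10.200.8.13/24", "203.0.113.2/29"],
    "server": ["10.200.8.20/24", "203.0.113.3/29"],
    "laptop": ["10.200.8.50/24"],  # DHCP only, no public address
}
GATEWAY = "10.200.8.1"  # assumed router/firewall address


def forwarding_decision(host_ifaces, dst, gateway):
    """Return ("on-link", source_ip) or ("via-gateway", gateway) for one host."""
    dst_ip = ipaddress.ip_address(dst)
    ifaces = [ipaddress.ip_interface(i) for i in host_ifaces]
    # A destination is on-link only if it falls inside a prefix configured
    # on the host; sharing the VLAN is not enough.
    matches = [i for i in ifaces if dst_ip in i.network]
    if matches:
        best = max(matches, key=lambda i: i.network.prefixlen)
        return ("on-link", str(best.ip))
    return ("via-gateway", gateway)


def hairpinned(hosts, gateway):
    """List (source host, destination address) pairs that detour via the router
    even though both ends sit in the same Layer 2 domain."""
    result = []
    for src, src_ifaces in hosts.items():
        for dst, dst_ifaces in hosts.items():
            if dst == src:
                continue
            for iface in dst_ifaces:
                addr = str(ipaddress.ip_interface(iface).ip)
                if forwarding_decision(src_ifaces, addr, gateway)[0] == "via-gateway":
                    result.append((src, addr))
    return result


if __name__ == "__main__":
    for src, addr in hairpinned(VLAN_HOSTS, GATEWAY):
        print(f"{src} -> {addr}: routed via {GATEWAY}")
    # Everything not listed is delivered on-link, so it never crosses the
    # router and is not seen by any filtering configured there.
```
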

























