Skip navigation
Cisco Learning Home > CCNP R&S Study Group > Discussions
13738 Views 11 Replies Latest reply: Jan 21, 2011 2:17 PM by ericleahy - CCNP, CCDP, CCNA SEC RSS

Currently Being Moderated

Two different IP ranges to the same vlan

Jan 20, 2011 11:34 PM

James 584 posts since
Jun 29, 2008

Here is a questions, which i think i know what it is but lets see what we can come up with.

I am running out of IP address for one sections and with that I am woundering if I can assign two different ip address ranges to the same VLAN and still route them though the network. 143.114.92.x and 143.114.95.x yes i know i can change the subnet mask and make it work that way. But i have other items betwoeen those that I dont want to inculdue in this vlan. I am using the 6500 as a core switch.

 

Let me know what I might be able to do. I think I might have to move things around in order to free up the IP range some. within that vlan and start a new one. I know that sounds easy but to many things can go wrong and the planning would get me backed up on other work also.

 

thanks

  • Mr.Snedie 137 posts since
    Jan 18, 2011
    Currently Being Moderated
    1. Jan 21, 2011 2:38 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    Well as I am certain you are already aware, a VLAN is the segmentation of a broadcast domain. The prevelent problem with running multiple IP Ranges within a single VLAN is that IP itself is a broadcast technology. As such, any device which send a broadcast may inadvertantly end up reaching the wrong destinations.

     

    This especially poses problems for such things as DHCP, ARP and Routing Protocols (All of which rely on broadcasts).

     

    If a second IP Range is required, and your 6500 has a Layer 3 supervisore engine, the best option here is to create another VLAN and implement routing between them as you see fit. Doing this is much much easier and will save you a major headache further down the road when your network begins to act erratically.

     

    Please keep us up to date with what you do

  • Addy 105 posts since
    Oct 21, 2009
    Currently Being Moderated
    2. Jan 21, 2011 3:20 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    I second the opinion given in the previos post. I haven't given much thought to whether it would be possible to have two IP ranges within the same VLAN, but it surely wouldn't be pretty. Once you start putting bandages to run a badly designed network, it'll soon turn ugly & you'll spend much more time trying to sort out the mess. I would also have created a second VLAN & set up interVLAN routing.

     

    Just my tuppence worth.

  • Chad Spears CCNP CCDA CCNAS 752 posts since
    Jul 27, 2009
    Currently Being Moderated
    3. Jan 21, 2011 4:06 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    James-

     

         I have to agree with the other guys.  My question to you is: The LAN we are speaking about is it at the access layer, meaning you are providing host these addresses?

     

    Also,

     

    Are these the actual subnets, if so, and you are using them internal.  Then be aware that you might be creating a black hole in your network.

     

    The reason I ask these questions, is because this is more of a design question; and I am actually studying for my CCDA.

     

    Thanks,
    CS

  • Brian 2,971 posts since
    Aug 17, 2009
    Currently Being Moderated
    4. Jan 21, 2011 4:09 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    Aloha James,

     

    Yes, it is possible and vlaid to have multiple subnets on one VLAN.  However, there are disadvantages to doing.  1. the size of the broadcast domain. 2. routing between the multiple subnets.

     

    It is always better to configure one subnet per VLAN.  However, if you insist on using multiple subnets per VLAN, make sure the subnets are contiguous.

     

    Example, you have the following three subnets 192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24. 

     

    Preferred method one subnet per VLAN:

    Layer 2 switch

    VLAN 1: 192.168.1.0/24

    VLAN 2: 192.168.2.0/24

    VLAN 3: 192.168.3.0/24


    Layer 3 swicth

    int vlan 1
    ip address 192.168.1.1 255.255.255.0
    !
    int vlan 2
    ip address 192.168.2.1 255.255.255.0
    !
    int vlan 3
    ip address 192.168.3.1 255.255.255.0
    !

     

    No so popular, multiple subnets per VLAN:

    VLAN 123:

    subnet 1: 192.168.1.0/24

    subnet 2: 192.168.2.0/24

    subnet 3: 192.168.3.0/24

     

    Layer 3 device is switch

    int vlan 123

    ip address 192.168.1.1 255.255.255.0

    ip address 192.168.2.1 255.255.255.0 secondary

    ip address 192.168.3.1 255.255.255.0 secondary


    Be carefule of dynamic routing protocols when you use multiple subnets per vlan as they treat the use of secondary IP address differently when sending and receiving updates.  For example, EIGRP will not form neighbor relationships over secondary addresses.  So, in your layer 3 swicth/router you may need to use static routes.

     

    Having the subnets contiguous allows you to route a larger "supernet".  In the caseof the above scenario, you would route the 192.168.0.0/22 to your layer 3 switch.  This "supernet" includes 192.168.0.0 to 192.168.3.255, the three subnets you have configured.

     

    HTH

  • Mr.Snedie 137 posts since
    Jan 18, 2011
    Currently Being Moderated
    5. Jan 21, 2011 4:28 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    Chad presents a very valid point - Your subnets are discontiguous and if you follow Brian's "Supernet" topology you could end up with a "Black Hole", in which routing protocols are directing packets to invalid routes.

     

    Can we get a topology map? There is on all likely hood a much simpler solution than proposed.

  • Currently Being Moderated
    6. Jan 21, 2011 4:29 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    I would suggest planning a re-design of your IP addressing scheme. It would be more work, but it would be less of a headache in the long run.

  • Currently Being Moderated
    7. Jan 21, 2011 6:58 AM (in response to James)
    Re: Two different IP ranges to the same vlan

    Either add a second IP range as a secondary IP address to that VLAN or spin up a new VLAN.  I vote for spinning up a new VLAN.

  • Joshua Johnson - CCNP R&S 5,149 posts since
    Sep 22, 2009
    Currently Being Moderated
    8. Jan 21, 2011 10:15 AM (in response to tnewshott)
    Re: Two different IP ranges to the same vlan

    I second/third/forth/fifth that opinion: New VLAN...

  • Brian 2,971 posts since
    Aug 17, 2009
    Currently Being Moderated
    9. Jan 21, 2011 12:09 PM (in response to Mr.Snedie)
    Re: Two different IP ranges to the same vlan

    The "black hole" is present with the discontiguous subnets.  By making sure the subnets are contiguous you avoid the "black hole".

     

    Oh, and for the record, I do not recommend using multiple subnets for a single VLAN.  Merely was showing a basic configuration if you do use one.

     

    There are plenty of private adderess space to configure single subnet per VLAN.  Depending onthe size of each subnet he needs the blcoks of IP addresses he mentions 143.114.92.x amd 143.114.95.x.  What are the prefix length we are talking about here?  Does he have the 143.114.92.0/22 IP block which includes 143.114.92.0 to 143.114.95.255.

     

    I am all for creating a new VLAN.

     

    HTH

  • Jared 5,498 posts since
    Jul 27, 2008

    I also vote a new vlan.  Having had sites that had secondary IP setups, I will tell you that it is not fun and I will never go back.

  • ericleahy - CCNP, CCDP, CCNA SEC 206 posts since
    Jan 8, 2010
    Currently Being Moderated
    11. Jan 21, 2011 2:17 PM (in response to James)
    Re: Two different IP ranges to the same vlan

    OK here is my 2 cent wort (which might russell a few feathers ). Are you running your VLAN over HSRP on you "core" 6500??

    If you are you could add another group to the VLAN interface under a different subnet,

     

    http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080094e90.shtml

     

    I have tried it out and it works (in a lab). But I will have to agree with everyone else "redesign" and "new VLAN" to stop this from happen again on your network

     

    HTH

     

    Eric

Actions

More Like This

  • Retrieving data ...

Incoming Links

Bookmarked By (0)