Quck/easy IPv4 subnet setup question
-
Looking for general consensus on best practices for setting up a single device/host on a subnet. What subnet should I use and why?
Long story short, I set up a VLAN and plugged in an "el-cheap-o" brand xyz wireless router so that the kids/family could do their thing and not muck up my stuff. Keeps them isolated, allows me to monitor, etc. Should I just give it a /24 and not think twice about it or should I use something else? I don't know enough about subnets to know if a /32 or /31 or /30 would in any way be better than a full /24??? Their router is their own thing set to the default routing tables with a few parental controls enabled.
Current Setup:
WAN1 - 5x Static IP's from ISP1
WAN2 - DHCP from ISP2
LAN - /24
OPT1 - /24 (wifi)
OPT2 - /?? (VLAN to kids/family wireless router)
OPT3 - /24 (VLAN to ESXi Cluster1)
OPT4 - /24 (VLAN to ESXi Cluster2)Thanks for any feedback!
-
I would do a couple things:
First, /24s are fine and everyone expects them.
I would pick something at random like 172.24.0.0 then split that into /24s.
172.24.0.0/24
172.24.8.0/24
172.24.16.0/24
172.24.24.0/24
172.24.32.0/24
…That way you can increase any of the subnets if you want later. You can cover everything with 172.24.0.0/16 if you want.
If you're going to renumber, just get off 192.168.0.0/24, 192.168.1.0/24, and 10.anything/anything. Your likelihood of having a collision over a VPN with the above 172.24.0.0 networks is pretty slim.
No need to go nuts. Main thing is to get off the common networks to avoid future collisions.
-
I would do a couple things:
First, /24s are fine and everyone expects them.
I would pick something at random like 172.24.0.0 then split that into /24s.
172.24.0.0/24
172.24.8.0/24
172.24.16.0/24
172.24.24.0/24
172.24.32.0/24
…That way you can increase any of the subnets if you want later. You can cover everything with 172.24.0.0/16 if you want.
If you're going to renumber, just get off 192.168.0.0/24, 192.168.1.0/24, and 10.anything/anything. Your likelihood of having a collision over a VPN with the above 172.24.0.0 networks is pretty slim.
No need to go nuts. Main thing is to get off the common networks to avoid future collisions.
I lied. I forgot an interface/VLAN. It's actually this:
Current Setup:
WAN1 - 5x Static IP's from ISP1
WAN2 - DHCP from ISP2
LAN - 10.x.x.x/24
OPT1 - 10.x.x.x/24 (wifi)
OPT2 - 10.x.x.x/?? (VLAN to kids/family wireless router)
OPT3 - 10.x.x.x/24 (VLAN to ESXi Cluster1)
OPT4 - 10.x.x.x/24 (VLAN to ESXi Cluster2)
OPT5 - 10.x.x.x/24 (VLAN to ESXi VMkernels)I see your point with the 10-dot Class C's… but it is what it is at this point and I/we have used these numbers for years so they correspond to things and would be a PITA to change. The only thing that will EVER be attached to that VLAN is that one wireless router. VLAN's are easy enough to create and/or modify anyway. Unless anyone has reason not to I'll just give the thing a full Class-C and be done with it.
Thanks.
