Subnetting vs vlan

Dell INSPIRON 1525
September 27, 2009 at 12:35:52
Specs: XP pro sp2, 2.8 dual/3gb
setting up vlans is way easier. Subnetting is difficult to figure out. I'm in my third semester of Cisco, and would like any opinions.

Please sit back and relax while Windows 98 installs on your computer.


See More: Subnetting vs vlan

Report •


#1
September 27, 2009 at 14:32:01
Most people think the other way around.

There is no substitue for both. You will need to use them in a normal setup I'd think.

Playing to the angels
Les Paul (1915-2009)


Report •

#2
September 27, 2009 at 20:37:46
Sure vlans are easier. It's just a glorified light switch. So is subnetting if you learn to use an Online Subnet calculator :-) Then it truely is plug and play.

Report •

#3
September 27, 2009 at 20:51:52
Of course subnet calculators are cheating!! According to my instructor anyway. I learned to do the entire process without the use of said calculator. Borrowing bits and the whole 9 yards. I prefer vlans instead. A few commands in the switch cli and all set.

Please sit back and relax while Windows 98 installs on your computer.


Report •

Related Solutions

#4
September 27, 2009 at 23:13:18
A VLAN offers physical separation virtually. A subnet is used to break up the broadcast domain & make things more managable.

Two really different things there...subnets offer no security w/o an IP firewall inbetween, VLAN traffic must stay within it's own VLAN...

Also - us poor b---tards don't have hte $$$'s to shell out for a 802.1q tagging switch - so subnets normally do fine unless you're securing the subnets from each other...


Report •

#5
September 28, 2009 at 05:29:33
Well, I work extensively with both. I like that VLAN tagging is faster than normal routing. I like that VLAN's can easily span physical locations and I really like that multiple VLAN's can be on the same switch.

We use subnet's within VLAN's and for the most part, each subnet is it's own VLAN with one big exception. We've created a supernet in one VLAN for our videoconferencing equipment. This made sense since we have a small number of board rooms with videoconferencing capability and only 6 mobile videoconferencing units.

Where I work, VLAN's and subnet's go hand in hand and honestly, I can't imagine doing it any other way.


Report •

#6
September 28, 2009 at 08:19:40
"subnet calculators are cheating!! "

Do you do algebra by hand or do you use a calculator?

It is all about the tools available and knowing where to find them and use them properly.


Report •

#7
September 28, 2009 at 13:34:25
VLANs are more secure from what I understand. A subnet can be logged onto with a simple change to routing tables. VLANs would require MAC spoofing.

Report •

#8
September 28, 2009 at 13:53:13
Sorry but vlans are per port not mac address. You can connect any device to the port and it will be on the vlan associated with that port.

Report •

#9
September 28, 2009 at 14:05:36
MAC spoofing is easy with backtrack.

How do you know when a politician is lying? His mouth is moving.


Report •

#10
September 28, 2009 at 14:09:07
The switches we use can map a port to a specific MAC address. Which would mean, only a device with that MAC address could use that port.

But this has nothing to do with the VLAN assigned to that port. In fact, I could map a port to a MAC and change the VLAN which in my case, would change the subnet too.

Oh and for the record, wanderer is right.......subnet calculators are not cheating. Of course it's always best to know how to subnet manually in case you ever find yourself in a situation where you can't access a subnet calculator, but not using an available tool makes no sense.

Imagine building the Empire State building without using any tools because that would be "cheating". A rather ridiculous concept isn't it!


Report •

#11
September 28, 2009 at 14:44:27
Yes, I guess both is true depending on how you set it up. You could simply set a range of ports (on a switch that supports it) to belong to a specific VLAN and and use Trunks which is even more secure.

I have done it the other way where you specify by the MAC which makes it easy to move computers around because no matter what jack they are plugged into they only see the VLAN they belong to. It even looks like there is a Layer 3 VLAN which uses packets. So it looks like it depends on if you are Doing Layer 1,2 or 3 VLANs.

http://www.entrecs.com/NetworkServi...

So my argument still stands that they are more secure but you need the equipment to support them where sub netting will work with any equipment.

As for sub netting calculator. It is no more of a cheat than using the cart which without it is is impossible to pass the CCNE because it is timed and to AND GATE all those addresses like the old guys use to do would take for ever.

http://www.security-exchange.net/fo...

I use the chart because it is easy to generate from memory and it makes subnetting so much faster.


Report •

#12
September 28, 2009 at 15:27:42
I believe mac to vlan is referred to as dynamic vlans which are relatively new addition to the vlan arena.

Report •

#13
September 28, 2009 at 17:10:01
wow, so many responses. Thanks for all the help guys.

Please sit back and relax while Windows 98 installs on your computer.


Report •


Ask Question