Should I split my data network into 2 separate VLANs?

networking ip-address

I am currently using 10.54.0.0 /19 for all my desktop clients and printers. We have approx 550 clients/printers.

Besides bandwidth, which is barely being utilized, are there any other reason to split up my data network or go to a smaller subnet than the /19 that I am currently using?


Having desktop clients on a /19 gives you an incredibly large broadcast domain. That means DHCP requests, arp queries, mDNS, netbios, IPP printer discovery, etc. packets from a single host is getting replicated 550x. Generally, a /24 is the largest subnet that you'd want to put actual hosts in. Since you're in RFC1918 space, you can use a different /24 (or whatever) for every logical division you can come up.

The real question you should be asking is if you should be using smaller subnets. The answer to which is, "probably". If you choose to implement that with VLANs or not is really orthogonal.


Because your network is underutilized and you have only a few hosts, the only reason to split the /19 into smaller prefixes would be security. This means that you will use VLANs and a router to allow/filter the communication between VLANs.

Evaluate how much time will take to change the IPs and the applications that are using those IPs and see if it does worth to switch to other prefixes. With less resources you can find and eliminate unneeded broadcast generators, if they are affecting your network traffic.

If you add more hosts you can reach some limitations like the max number of MACs in the MAC address table of the switches, or the number of ARP entries in the ARP table on the router. If you reach this limit you will notice either high delays or strange behaviors (hosts that can not talk to each other, excessive broadcasts).

If you split your network in smaller prefixes, but you do not use VLANs, you will not reduce the broadcast traffic and you will not make your network more secure. Even if you split your network in VLANs, but you transport the VLANs on all switches (e.g. you are not using VLAN pruning) the broadcast traffic will affect all switches.

Some equipments, like Cisco switches, can limit the broadcast too (by rate or by type).

Network planning: Before doing any change create use cases with problems that you might encounter on your network and plan based on those assumptions.

Related

"Template" for handing out user & passwords for employees
How to gzip logs created by rotatelogs
HP Microserver Mini-SAS Cable
.htaccess does not ask the password
Using tmpfs + a very large swap partition for /tmp instead of a regular filesystem?
mysqldump ignore table with wildcard
bind apache ssl port with different port with same openssl port 443
How to check a route exist between two hosts for a particular port?
Memcached listen on selected interfaces
Why do servers have SAS instead of SSDs? [closed]
Does "~all" in the middle of an SPF record signal the end of the record when it is parsed?
Centos 7/1503 -- Getting Error setting up base repository during installation