[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Subnet vs. VLAN

Posted on 2006-03-21
Medium Priority
Last Modified: 2008-03-06
I have a fairly large lan that is spread out geographicalls via wireless links as well as hardwired to offices.  Current there is a single /24 subnet and i am considering using VLANs to contain broadcast traffic on the network.  My questions is, If i were to further subnet that /24 network into serveral smaller networks, shouldnt that accomplish the same as a VLAN with respect to broadcasts?
Question by:andreacadia
  • 3
  • 2

Accepted Solution

minmei earned 2000 total points
ID: 16253315

The only way subnets contain broadcast traffic is if routers connect them to each other. The routers drop the broadcasts. Setting it up as smaller networks will force traffic to the router between the subnets, but the single vlan will mean that the switches will pass every broadcast to all ports in the vlan. Splitting the network with VLANS will mean that your switches will not pass broadcasts from one VLAN to another, and bring down the background "noise" of your network.

VLANs aren't that hard to implement. Dig in and you'll get more benefits for your network.

Good luck!

Author Comment

ID: 16253358
Would be the outcome be the same if i used a single subnet with multiple VLANs or made each vlan a differnet network?

Expert Comment

ID: 16253543
each VLAN needs to be a different network - a VLAN is just a subnet, just implemented on a group of switches...

a traditional subnet would be all ports on a switch, then connected to other switches, then connected to a router. the router would mark the edge of the subnet, then be connected to another switch which would be another network.

a VLAN allows you to do this using one or a few switches - managed switches - by setting up some ports in one network/subnet/VLAN, and other portsd in another network/subnet/VLAN. even though there are multiple subnets on one switch, the switch keeps all traffic on the subnet that originated it and lets the router take all traffic between subnets.

there's an ok article on this here:  http://www.dell.com/downloads/global/products/pwcnt/en/app_note_38.pdf


Author Comment

ID: 16253750
For clarification...If i need 3 VLANs to use the same internet gateway and require inter VLAN commmunication tthen each VLAN must have its own:

- direct connect to interface on the router
- each vlan on a different subnet

Plus i would then have to configure my router to route the inter VLAN traffic?  I will be using cisco equipment to accomplish this so any reference to that would help.

Expert Comment

ID: 16253913

imagine you have internet gateway, part of vlan 1 (, vlan 2 (, and vlan 3 (

you could have one cisco router that has 3 ethernet interfaces, one interface, a second, and the third

the router would have a physical connection to a port on your switch assigned to that specific vlan. you would configure your switch with commands on the individual interfaces as such:

interface fastethernet 0/1
  switchport mode access
  switchport access vlan 1

interface fastethernet 0/2
  switchport mode access
  switchport access vlan 2

interface fastethernet 0/3
  switchport mode access
  switchport access vlan 3

and so on... depending on which device you put in which subnet/vlan.

you would also have to tell the switch you had more than one vlan - this command differs by switch model

This is the simplest case. If you have more than one switch, you would need to either keep all vlan ports to one switch (switch one is vlan 1, switch 2 is vlan 2...) or configure a vlan trunk port on the connection between switches:

interface fastethernet 0/24
  switchport trunk encapsulation dot1q
  switchport mode trunk

you could also use one connection to your router from one switch and put all 3 vlans on that connection using a trunk on the switch and subinterfaces on the router

interface fastethernet 0/0
  no ip address
interface fastethernet 0/0.1
  encapsulation dot1q 1 native
  ip address
interface fastethernet 0/0.2
  encapsulation dot1q 2
  ip address
interface fastethernet 0/0.3
  encapsulation dot1q 3
  ip address

Cisco article:



Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question