Max Hosts in a VLAN

We have a big LAN network and quite often we have a high level of traffic and the devices give us a syslog message saying prioritizing traffic. Then I tried to get the trace and found out that it is the broadcast messages that are causing the problem. Then I found out that there are too many devices in a single VLAN. So can anyone help me out with the max number of hosts I can have on a single 2960 switch?

Syed Mutahir Ali (Technology Consultant) Commented:
Hi,

Can you please clarify a bit:
How many physical ports do you have on the switch?
How many VLANs are configured on the switch?
How many devices do you have in a single VLAN?

If you are encountering broadcast storms and such, the best way is to redesign your VLAN structure.

Is this the only switch in your LAN? If not, how many other switches are connected with this one? Is trunking enabled? Are those switches Layer 2 or Layer 3?


Recommended is about /24 per single broadcast domain. However, I have seen networks with /22 within a single VLAN and the network was running OK. It is also true that I have seen networks with up to ten /24 networks within one physical segment, and admins faced a lot of problems there with a high level of "noise" traffic coming to a single host.

So if you have much more than /24 hosts within a single subnet, try redesigning your topology.
VRRDANDU (Author) Commented:
We've got nearly 100 2960s, some 3750s, some 8 6500 switches and some 3Com switches as well. We've got nearly 25 VLANs, and of those 2 are on /18, three on /21, nearly 12 on /23 and the remaining on /24. So can you help me in finding out the best solution for running the traffic smoothly?

oh, my.....
Can you at least try to draw a scheme of your current network?

It is important to know what routing points you have now and where we can try to implement new ones.
It is also important to understand that changing the routing scheme involves changing IP addresses for workstations and servers, so you will need time to carefully plan and deploy the new topology.

I would suggest understanding what kind of traffic you have from workstations, and in what directions.
For example, if you have a very generic office with Microsoft solutions deployed (Office, Exchange, AD, file/print servers, etc.), it should be safe to change the IP address of a particular client PC if DNS is working correctly, so it will be able to access its shares and printers by name.

In this case we assume you have a centralized management architecture with group policies, etc.

If this is your case, then the only thing you need is time. So after you plan your network, you start a PC-by-PC migration to the new topology.

Shall I continue, or is my assumption wrong? ;)

Aaron Street (Infrastructure Manager) Commented:
Cisco and Microsoft recommend about 200 hosts per physical network/broadcast domain.
The maximum is generally accepted as 500 hosts.

The main problem with large numbers of hosts is the background traffic it creates, rather than the danger of a broadcast storm (although if a storm does occur, the larger the segment the worse it will be).

All machines in a VLAN will talk at layer 2. Layer 3 will only be used to determine the MAC address. So the conversation goes something like this (the following is a basic address resolution request, ARP):

From PC A: "To everyone on the network, I want to talk to IP address who has that address please."

Now that packet hits every PC/printer/server attached in that VLAN, and all but one of them will read the packet and then ignore it.
One will reply "Yep, that's me, my MAC address is xxxx:xxxx:xxxx, let's chat..."

Now with a small number of hosts this will only be happening a few times a second in total on the network, as once a conversation starts they don't usually broadcast, and PCs do have an ARP cache which keeps a record of the IP-to-MAC list.

However, with a large number of hosts you can have 40+ ARPs a second flying around. DHCP, DNS and many other things on the network can cause ARP requests as well, up to the point where the actual number of packets (not size of data but actual packet numbers) can be more than 50% broadcast. And I have seen cases of 100+ packets a second of this type of data.

Now again, the size of the data is not high (ARP packets are small!), but imagine if you are trying to talk to someone else (stream a file from one PC to another) and 100+ times a second someone comes up and asks you if your name is Phil, Sue, Derek, Jane, etc., etc.

Makes holding a steady conversation a bit tricky!!! This is the way separate VLANs really increase the efficiency of the network.

Also, routers that look after separate VLANs will often hold an almost complete ARP table, as they filter many PCs talking to many PCs; they only need to run an ARP request for the first conversation that includes an end station. If another host then tries to talk to the same end station, they already have the ARP result so don't have to run it again. (ARP is set by default to refresh after 15 min.)

So by splitting the network up into <500 hosts per VLAN, you will significantly reduce broadcast traffic and increase the efficiency of your network.

If you have servers that stream data such as video, I would suggest even smaller groups to reduce broadcast traffic and background noise as much as possible.
VRRDANDU (Author) Commented:
Hi,

Thanks for the quick reply. I know the cause of the high traffic levels and we are planning to break the big networks into small ones. But I am not sure how small I should make them, and in the near future we are going to implement VoIP as well. I did understand what you explained, but I want to know how many VLANs I can have and how small. If you don't mind, can you provide some PDFs where I can have a brief study about it?
Aaron Street (Infrastructure Manager) Commented:
You can have a VLAN with a single host if you require.

And a switch can hold up to 1005 VLANs if required!

So don't worry too much about running out of them or how small they are.

Remember a subnet requires a broadcast address (top address) and a network address (bottom address) and some for the hosts on that segment (so generally a VLAN would be 4 or more IP addresses in size).

But are you talking about how small a VLAN can be, or a subnet can be? The two are different things....

one is physical (VLAN) and one is logical (Subnet)

Aaron Street (Infrastructure Manager) Commented:
PS: do you have a Cisco site logon? If so, I can point you to some good information on their site about VLANs and subnetting.
VRRDANDU (Author) Commented:
Yeah, if you can give me the link that will be helpful. I don't mean making a small network. I want to know what the industry recommendation is if you have such a big and complicated network. The recommended size of each VLAN, subnet and the number of VLANs in a network?
Aaron Street (Infrastructure Manager) Commented:
OK, let me find the documents.

However, the size of a VLAN/subnet (assuming you are making a VLAN for each subnet) is about 200 hosts per VLAN.

The number of VLANs in a network is as many as the total number of hosts / 200 equals.

And it is generally recommended you find natural divides such as floors/departments/servers, which split the network into logical segments.

But you will never find an "industry recommendation", as it will vary greatly depending on what the hosts do and how you have them arranged.

Here is a brief table, but this is a bit old now:

> On the specific certification front, there are CID recommendations on the
> maximum number of hosts per VLAN, which are a little simplistic:
>    1000 for "well behaved IP" -- hosts that just do ARPs, DHCP, etc.
>                                  but no broadcast applications
>    500 for general IP with rational broadcast/multicast applications
>    200-500 for Apple, DECnet, CLNP -- assuming that hosts on the network
>                                  will ignore multicasts not meant for them
>    200 for NetBEUI
> These numbers reflect only the broadcast/multicast interrupt load on older
> processors connected at 10 Mbps.
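
The sizing advice in the answers above (about 200 hosts per VLAN, roughly a /24 per broadcast domain) can be turned into a split plan for the oversized subnets the asker describes. The following is an added example, not code from any poster in this thread; the prefix lengths match the thread, while the VLAN names and RFC 1918 addresses are constructed placeholders.

```python
import ipaddress

# Constructed inventory: prefix lengths match the thread (/18, /21, /23, /24);
# the names and addresses are placeholders, not the asker's real network.
SAMPLE_VLANS = {
    "vlan10": "10.0.0.0/18",
    "vlan20": "10.1.0.0/21",
    "vlan30": "10.2.0.0/23",
    "vlan40": "10.3.0.0/24",
}

def usable_hosts(net):
    """Addresses left once the network and broadcast addresses are reserved."""
    return max(net.num_addresses - 2, 0)

def prefix_for(target_hosts):
    """Longest IPv4 prefix whose subnet still holds target_hosts usable addresses."""
    for prefixlen in range(30, -1, -1):
        if 2 ** (32 - prefixlen) - 2 >= target_hosts:
            return prefixlen
    raise ValueError("target too large for IPv4")

def plan_split(cidr, target_hosts=200):
    """Split one oversized broadcast domain into subnets sized for target_hosts."""
    net = ipaddress.ip_network(cidr, strict=True)
    new_prefix = prefix_for(target_hosts)
    if net.prefixlen >= new_prefix:
        return [net]  # already at or below the target size, leave it alone
    return list(net.subnets(new_prefix=new_prefix))

def report(vlans, target_hosts=200):
    """One row per VLAN: current capacity, number of new subnets, first and last."""
    rows = []
    for name, cidr in vlans.items():
        parts = plan_split(cidr, target_hosts)
        capacity = usable_hosts(ipaddress.ip_network(cidr))
        rows.append((name, cidr, capacity, len(parts), str(parts[0]), str(parts[-1])))
    return rows

if __name__ == "__main__":
    for row in report(SAMPLE_VLANS):
        print("%-7s %-14s usable=%-6d -> %3d subnets (%s .. %s)" % row)
```

Each resulting subnet needs its own VLAN and a routed gateway, so the subnet count per row is also the number of new layer 3 interfaces to plan for.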

Question has a verified solution.
