

Max Hosts in a VLAN

Posted on 2008-10-27
Medium Priority
Last Modified: 2012-05-05
We have a big LAN network and quite often we have a high level of traffic, and the devices give us a syslog message saying prioritizing traffic. Then I tried to get the trace and found out that it is the broadcast messages that are causing the problem. Then I found out that there are too many devices in a single VLAN. So can anyone help me out with the max number of hosts I can have on a single 2960 switch?
Question by:VRRDANDU
LVL 22

Expert Comment

by:Syed Mutahir Ali
ID: 22810914
Hi,

Can you please clarify a bit:
How many physical ports do you have on the switch?
How many VLANs are configured on the switch?
How many devices do you have in a single VLAN?

If you are encountering broadcast storms and such, the best way is to re-design your VLAN structure.

Is this the only switch in your LAN? If not, how many other switches are connected with this one? Is trunking enabled? Are those switches Layer 2 or Layer 3?


LVL 21

Expert Comment

ID: 22810922
Recommended is about /24 per single broadcast domain. However, I have seen networks with /22 within a single VLAN and the network was running OK. It is also true that I have seen networks with up to ten /24 networks within one physical segment, and admins faced a lot of problems there with a high level of "noise" traffic coming to a single host.

So if you have much more than /24 hosts within a single subnet, try redesigning your topology.

Author Comment

ID: 22811918
We got nearly 100 2960s and some 3750 and some 8 6500 switches and some 3Com switches as well. We got nearly 25 VLANs, and of those 2 are on /18, three on /21, nearly 12 on /23 and the remaining on /24. So can you help me in finding out the best solution for running the traffic smoothly?


LVL 21

Expert Comment

ID: 22812198
Oh, my.....
Can you at least try to draw a scheme of your current network?

It is important to know what routing points you have now and where we can try to implement new ones.
It is also important to understand that changing the routing scheme involves changing IP addresses for workstations and servers, so you will need time to carefully plan and deploy the new topology.

I would suggest understanding what kind of traffic you have from workstations and in what directions.
For example, if you have a very generic office with Microsoft solutions deployed (Office, Exchange, AD, file/print servers etc.), it should be safe to change the IP address of a particular client PC if DNS is working correctly, so it will be able to access its shares and printers by name.

In this case we assume you have a centralized management architecture with group policies etc.

If this is your case, then the only thing you need is time. So after you plan your network, you start a PC-by-PC migration to the new topology.

Shall I continue, or is my assumption wrong? ;)

LVL 16

Expert Comment

by:Aaron Street
ID: 22812948
Cisco and Microsoft recommend about 200 hosts per physical network/broadcast domain.
The maximum is generally accepted as 500 hosts.

The main problem with large numbers of hosts is the background traffic it creates, rather than the danger of a broadcast storm (although if a storm does occur, the larger the segment the worse it will be).

All machines in a VLAN will talk at layer 2. Layer 3 will only be used to determine the MAC address. So the conversation goes something like this (the following is a basic address resolution request, ARP):

From PC A: "To everyone on the network, I want to talk to IP address xxx.xxx.xxx.xxx. Who has that address please?"

Now that packet hits every PC/printer/server attached in that VLAN, and all but one of them will read the packet and then ignore it.
One will reply "Yep, that's me, my MAC address is xxxx:xxxx:xxxx, let's chat..."

Now with a small number of hosts this will only be happening a few times a second in total on the network, as once a conversation starts they don't usually broadcast, and PCs do have an ARP cache which keeps a record of the IP-to-MAC list.

However, on a large number of hosts you can have 40+ ARPs a second flying around. DHCP, DNS and many other things on the network can cause ARP requests as well, up to the point where the actual number of packets (not size of data but actual packet numbers) can be more than 50% broadcast. And I have seen cases of 100+ packets a second of this type of data.

Now again the size of the data is not high (ARP packets are small!), but imagine if you are trying to talk to someone else (stream a file from one PC to another) and 100+ times a second someone comes up and asks you if your name is Phil, Sue, Derek, Jane, etc., etc.

Makes holding a steady conversation a bit tricky!!! This is the way separate VLANs really increase the efficiency of the network.

Also, routers that look after separate VLANs will often hold an almost complete ARP table. As they filter many PCs talking to many PCs, they only need to run an ARP request for the first conversation that includes an end station; if another host then tries to talk to the same end station, they already have the ARP result so don't have to run it again. (ARP is set by default to refresh after 15 min.)

So by splitting the network up into <500 hosts per VLAN, you will significantly reduce broadcast traffic and increase the efficiency of your network.

If you have servers that stream data such as video, I would suggest even smaller groups to reduce broadcast traffic and background noise as much as possible.

Author Comment

ID: 22813340
Hi,

Thanks for the quick reply. I know the cause of the high traffic levels and we are planning to break the big networks into small ones. But I am not sure how small I should make them, and in the near future we are going to implement VoIP as well. I did understand what you explained, but I want to know how many VLANs I can have and how small. If you don't mind, can you provide some PDFs where I can have a brief study about it?
LVL 16

Expert Comment

by:Aaron Street
ID: 22813510
You can have a VLAN with a single host if you require.

And a switch can hold up to 1005 VLANs if required!

So don't worry too much about running out of them or how small they are.

Remember a subnet requires a broadcast address (top address) and a network address (bottom address) and some for the hosts on that segment (so generally a VLAN would be 4 or more IP addresses in size).

But are you talking about how small a VLAN can be, or a subnet can be? The two are different things....

One is physical (VLAN) and one is logical (subnet).

LVL 16

Expert Comment

by:Aaron Street
ID: 22813524
PS: do you have a Cisco site logon? If so, I can point you to some good information on their site about VLANs and subnetting.

Author Comment

ID: 22813907
Yeah, if you can give me the link that will be helpful. I don't mean making a small network. I want to know what the industry recommendation is if you have such a big and complicated network. The recommended size of each VLAN, subnet and the number of VLANs in a network?
LVL 16

Accepted Solution

Aaron Street earned 1000 total points
ID: 22814100
OK, let me find the documents.

However, the size of a VLAN/subnet (assuming you are making a VLAN for each subnet) is about 200 hosts per VLAN.

The number of VLANs in a network is as many as the total number of hosts / 200 equals.

And it is generally recommended that you find natural divides such as floors / departments / servers, which split the network into logical segments.

But you will never find an "industry recommendation", as it will vary greatly depending on what the hosts do and how you have them arranged.

Here is a brief table, but this is a bit old now:

> On the specific certification front, there are CID recommendations on the
> maximum number of hosts per VLAN, which are a little simplistic:
>    1000 for "well behaved IP" -- hosts that just do ARPs, DHCP, etc.
>                                  but no broadcast applications
>    500 for general IP with rational broadcast/multicast applications
>    200-500 for Apple, DECnet, CLNP -- assuming that hosts on the network
>                                  will ignore multicasts not meant for them
>    200 for NetBEUI
> These numbers reflect only the broadcast/multicast interrupt load on older
> processors connected at 10 Mbps.
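
The sizing rule from the accepted answer (about 200 hosts per VLAN, with the 500-host ceiling mentioned earlier in the thread), applied to an inventory shaped like the asker's. This is an added example, not part of any post: the 10.x addresses and live-host counts are constructed, and cutting at the smallest prefix that still holds 200 hosts (a /24) is an assumption.

```python
import ipaddress
import math

RECOMMENDED_HOSTS = 200  # per-VLAN figure given in the accepted answer
MAX_HOSTS = 500          # ceiling given earlier in the thread

def usable_hosts(net):
    """Addresses left after removing the network and broadcast address."""
    return max(net.num_addresses - 2, 0)

def vlans_needed(live_hosts):
    """The answer's rule of thumb: total hosts / 200, rounded up."""
    return max(1, math.ceil(live_hosts / RECOMMENDED_HOSTS))

def split_prefix():
    """Longest prefix whose subnets still hold RECOMMENDED_HOSTS hosts."""
    return max(p for p in range(1, 31) if 2 ** (32 - p) - 2 >= RECOMMENDED_HOSTS)

def review(cidr, live_hosts):
    """Judge one broadcast domain by its live hosts and size the split."""
    net = ipaddress.ip_network(cidr)
    if live_hosts > usable_hosts(net):
        raise ValueError(f"{cidr} cannot hold {live_hosts} hosts")
    if live_hosts <= RECOMMENDED_HOSTS:
        verdict = "ok"
    elif live_hosts <= MAX_HOSTS:
        verdict = "over recommended size"
    else:
        verdict = "over maximum"
    needed = vlans_needed(live_hosts)
    target = max(split_prefix(), net.prefixlen)
    available = 2 ** (target - net.prefixlen)  # subnets the block yields
    return {
        "cidr": cidr, "live": live_hosts, "verdict": verdict,
        "vlans_needed": needed, "split_to": f"/{target}",
        "subnets_available": available,
        # A nearly full block can need more VLANs than it has /24s.
        "needs_more_space": needed > available,
    }

# Constructed inventory: prefix sizes follow the asker's comment,
# addresses and live-host counts are made up for illustration.
INVENTORY = [("10.0.0.0/18", 3000), ("10.1.0.0/21", 1200),
             ("10.2.0.0/23", 480), ("10.3.0.0/24", 150)]

if __name__ == "__main__":
    for cidr, live in INVENTORY:
        print(review(cidr, live))
```

The /23 row shows the case that forces renumbering into new address space: 480 hosts need three VLANs at 200 each, but the block only contains two /24s.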

Question has a verified solution.