JamesonJendreas
asked on
Broadcast Packet Issues
OK - I've got an interesting situation, and I'm looking to see if anyone's got any ideas how I can work this out. I feel I may be pretty out of luck.
So, a quick run through of everything. I've got two buildings my HQ and Remote. These two sites are connected via an MPLS\PNT circuit, that routes between buildings using our Private IP space. Easy enough.
The part that becomes tricky, is the IP address space we are using. NOTE: This was an inherited setup, and I would have never had assigned my subsets this way. So, my HQ network is based off of a subnet 192.168.0.0 mask 255.255.240.0. MY Remote subnet lives in the 192.168.1.0 255.255.255.0 subnet. Obviously, the remote subnet lives within the space of my HQ's subnet.
So, my problem - We are seeing enormous amounts of Broadcast traffic going over this MPLS line, and crippling the speed (it's only a single T1 1.5 Mb circuit). So I want to not allow broadcast traffic over this line. Changing the remote locations subnet is currently not an option (I do not have anyone in that office capable of helping with such a task).
The solution I can think of is to build out a VLAN for the link. Currently my routers are as follows:
192.168.1.0 use 192.168.0.7, where 0.7 is the routers LAN interface. Also note I DO NOT HAVE ACCESS TO THESE ROUTERS, they are MIS routers managed by AT&T (another thing I would have not done).
So as far as I can tell, creating a VLAN and adding the uplink to the router to that VLAN would kill the broadcast packets. Only problem, is that I can't create a VLAN that has a subnet that is within the subnet of the default VLAN, not to mention that the IP address of the router is in my base VLAN as well.
If I could make the subnet change, I'd do something like:
HQ Router: 192.168.50.1
Create a VLAN: 192.168.50.2
Remote Router: 192.168.51.1
Remote Subnet: 192.168.51.x
Then create the route
192.168.51.0 to use 192.168.50.1
Suggestions? Am I just screwed and will have to re-evaluate my entire IP structure(which I will be doing anyway, but not planned until later this year)
JJ
So, a quick run through of everything. I've got two buildings my HQ and Remote. These two sites are connected via an MPLS\PNT circuit, that routes between buildings using our Private IP space. Easy enough.
The part that becomes tricky, is the IP address space we are using. NOTE: This was an inherited setup, and I would have never had assigned my subsets this way. So, my HQ network is based off of a subnet 192.168.0.0 mask 255.255.240.0. MY Remote subnet lives in the 192.168.1.0 255.255.255.0 subnet. Obviously, the remote subnet lives within the space of my HQ's subnet.
So, my problem - We are seeing enormous amounts of Broadcast traffic going over this MPLS line, and crippling the speed (it's only a single T1 1.5 Mb circuit). So I want to not allow broadcast traffic over this line. Changing the remote locations subnet is currently not an option (I do not have anyone in that office capable of helping with such a task).
The solution I can think of is to build out a VLAN for the link. Currently my routers are as follows:
192.168.1.0 use 192.168.0.7, where 0.7 is the routers LAN interface. Also note I DO NOT HAVE ACCESS TO THESE ROUTERS, they are MIS routers managed by AT&T (another thing I would have not done).
So as far as I can tell, creating a VLAN and adding the uplink to the router to that VLAN would kill the broadcast packets. Only problem, is that I can't create a VLAN that has a subnet that is within the subnet of the default VLAN, not to mention that the IP address of the router is in my base VLAN as well.
If I could make the subnet change, I'd do something like:
HQ Router: 192.168.50.1
Create a VLAN: 192.168.50.2
Remote Router: 192.168.51.1
Remote Subnet: 192.168.51.x
Then create the route
192.168.51.0 to use 192.168.50.1
Suggestions? Am I just screwed and will have to re-evaluate my entire IP structure(which I will be doing anyway, but not planned until later this year)
JJ
pwindell
I'm working on a plan to show you. Give me some time to get it together.
ASKER
If you've got time, I've got all the time in the world
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here's how I would envision a nicely laid out system
HQ (762 Hosts, 254 IP Phones)
Subnet #1 192.168.16.0 (255.255.255.0) Hosts
Subnet #2 192.168.17.0 (255.255.255.0) Hosts
Subnet #3 192.168.18.0 (255.255.255.0) Hosts
Subnet #4 192.168.19.0 (255.255.255.0) IP Phones
Remote Site #1 (254 Hosts, 254 IP Phones)
Subnet #1 192.168.20.0 (255.255.255.0) Hosts
Subnet #2 192.168.21.0 (255.255.255.0) IP Phones
Remote Site #2 (254 Hosts, 254 IP Phones)
Subnet #1 192.168.22.0 (255.255.255.0) Hosts
Subnet #1 192.168.23.0 (255.255.255.0) IP Phones
You wouldn't have to be hardcore about the IP Phone -vs- Hosts separation. You could still have a few Phones on the Hosts segments or a few Hosts on the Phone segments,...functionally it would all still work,...but keep them separated as best you can to keep good performance.
HQ (762 Hosts, 254 IP Phones)
Subnet #1 192.168.16.0 (255.255.255.0) Hosts
Subnet #2 192.168.17.0 (255.255.255.0) Hosts
Subnet #3 192.168.18.0 (255.255.255.0) Hosts
Subnet #4 192.168.19.0 (255.255.255.0) IP Phones
Remote Site #1 (254 Hosts, 254 IP Phones)
Subnet #1 192.168.20.0 (255.255.255.0) Hosts
Subnet #2 192.168.21.0 (255.255.255.0) IP Phones
Remote Site #2 (254 Hosts, 254 IP Phones)
Subnet #1 192.168.22.0 (255.255.255.0) Hosts
Subnet #1 192.168.23.0 (255.255.255.0) IP Phones
You wouldn't have to be hardcore about the IP Phone -vs- Hosts separation. You could still have a few Phones on the Hosts segments or a few Hosts on the Phone segments,...functionally it would all still work,...but keep them separated as best you can to keep good performance.
If you get into IP Phones,..research diligently. Some of them don't do well with features like the Intercom where you want a voice announcement to come out the hands-free speaker on all phones at the same time if some of the phones are separated by a router (not all phones in the same IP segment).
ASKER
Thanks for the reply, I shall look it over!
Just a heads up, I'm on an IP PBX system already. We currently have a completely, physically separated LAN for our voice network as well as a secondary 1.5 MPLS line dedicated to voice (althouh we plan to merge these and multi-link)
But, our phone system lives in an entirely different address space 10.10.x.x. These luckily have no overlap and each of my buildings has their own subnet.
Just a heads up, I'm on an IP PBX system already. We currently have a completely, physically separated LAN for our voice network as well as a secondary 1.5 MPLS line dedicated to voice (althouh we plan to merge these and multi-link)
But, our phone system lives in an entirely different address space 10.10.x.x. These luckily have no overlap and each of my buildings has their own subnet.
ASKER
BTW - After reading over your post, you pretty much hit on my general plan, and it's good to get confirmation that I'm headed in the correct direction.
Luckily I have a comprehensive addressing scheme I've been planning for some time, as I haven't been too keen on our current setup since I took over administering this network.
Luckily I have a comprehensive addressing scheme I've been planning for some time, as I haven't been too keen on our current setup since I took over administering this network.
If your IP Phones are already separated then leave it that way.
I wouldn't' merge anything
That's one of those "leave well enough alone" things to me :-)
Good luck!
I wouldn't' merge anything
That's one of those "leave well enough alone" things to me :-)
Good luck!