
I recall reading this in some (I think) Cisco documentation years ago, but can't find it or any other reference to this recommendation.

Anyone know what I'm talking about? Anyone still follow these guidelines? I'm generally a "wasteful" subnetter using /24s almost exclusively (except for point-to-point links between routers and also DMZs) so I'm well below the "maximum", but I'm just curious as to this limitation and whether it was based on some old benchmarks having to do with broadcast traffic, etc.

gravyface

4 Answers


One hard limit that used to apply is the 1024 device limit in a collision domain. But this really doesn't apply any more since we mostly use switches (bridges) between everything.

Ethernet: The Definitive Guide 3.6 Collision Domain

On a given Ethernet composed of multiple segments connected with repeaters, all of the stations are involved in the same collision domain. The collision algorithm is limited to 1024 distinct backoff times. Therefore, the maximum number of stations allowed in the standard for a multi-segment LAN linked with repeaters is 1024. However, that doesn't limit your site to 1024 stations, because Ethernets can be connected together with packet switching devices such as switching hubs or routers.

There is another limit which won't set a maximum number of hosts, but will set a practical limit to how many switches you can have in your network. In a switched/bridge network spanning tree is used to prevent loops, spanning tree has a maximum limit of 7 hops. This means you will be physically limited by how you arrange your switches. Ignoring this limit brought down the hospital network for almost a week.

Zoredache

There's not a hard limit in most modern networks. Different components have different limitations. Often, in IP anyway, broadcast traffic is the limiting factor, or perhaps a switch with a fixed-size MAC table (provoking an unacceptable amount of broadcasting), or other physical limits (like the ones referenced elsewhere).

Don't confuse this with the 254-host limit of a /24 IP block; that's an artifact of your subnetting scheme and where you put your broadcast address.

I've used very large broadcast domains in the past with reasonable performance. Just keep an eye on utilization, particularly of subnet broadcasts, and on user-perceived performance.

Steve Dispensa
  • Yup. Not confused, just want to find the reference (and hopefully the reasoning behind it). How large of a broadcast domain have you used and how many hosts? Windows workstations? – gravyface Sep 02 '11 at 22:00
  • It's been a long time (10+ years), but I operated an ISP with a couple thousand hosts in a collision domain. We had some filters in place limiting broadcast traffic, though. Yes, windows, but we filtered out NetBIOS, so it wouldn't be a relevant stat for an enterprise network. – Steve Dispensa Sep 03 '11 at 02:22
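A small simulation of the fixed-size MAC table effect Steve describes, added here as an example and not part of any answer in the thread: a learning switch whose table holds at most `capacity` entries (least-recently-used eviction, a simplification of real hardware, which hashes the table) and a population of hosts sending unicast frames to random peers. Once the number of active stations exceeds the table size, most destinations are unknown at the moment a frame arrives and the switch has to flood them to every port, which is the same unknown-unicast flooding a deliberately filled table produces. The MAC addresses, ports and traffic pattern are constructed for the example.

```python
from collections import OrderedDict
import random


class LearningSwitch:
    """Minimal transparent bridge: learns source MAC -> ingress port, forwards to the
    learned port when the destination is known, floods otherwise.  The table holds at
    most `capacity` entries and evicts the least recently used one (an assumption;
    real ASIC tables are hashed and behave differently when full)."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.table = OrderedDict()          # mac -> port, oldest entry first
        self.flooded_unicast = 0
        self.forwarded_unicast = 0

    def _learn(self, mac, port):
        if mac in self.table:
            self.table.move_to_end(mac)     # refresh LRU position
        self.table[mac] = port
        if len(self.table) > self.capacity:
            self.table.popitem(last=False)  # evict the least recently used MAC

    def frame(self, src, dst, in_port):
        """Process one unicast frame; returns the list of egress ports or "flood"."""
        self._learn(src, in_port)
        if dst in self.table:
            self.table.move_to_end(dst)     # a lookup also counts as recent use
            self.forwarded_unicast += 1
            return [self.table[dst]]
        self.flooded_unicast += 1
        return "flood"


def flood_ratio(num_hosts, capacity, frames=20000, seed=1):
    """Fraction of unicast frames a switch with `capacity` table entries must flood when
    `num_hosts` stations (one per port) send to uniformly random peers.  Constructed
    traffic; the seed makes the figure reproducible."""
    rng = random.Random(seed)
    sw = LearningSwitch(capacity)
    hosts = [f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}" for i in range(num_hosts)]
    for _ in range(frames):
        s = rng.randrange(num_hosts)
        d = rng.randrange(num_hosts - 1)    # pick a peer other than the sender
        if d >= s:
            d += 1
        sw.frame(hosts[s], hosts[d], in_port=s)
    return sw.flooded_unicast / frames


if __name__ == "__main__":
    # Well under the table size almost nothing is flooded after the learning phase;
    # four times over it, most frames go out every port.
    print(f"100 hosts, 1024 entries: {flood_ratio(100, 1024):.3f} flooded")
    print(f"400 hosts,  100 entries: {flood_ratio(400, 100):.3f} flooded")
```

The interesting number is not the absolute ratio but the step change once the active host count crosses the table size: below it the only floods are the first frames to a host that has not yet transmitted, above it the switch is effectively a hub for the overflowed population, which is why Steve's "keep an eye on utilization" applies to unknown-unicast traffic as much as to true broadcasts.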

As a general rule of thumb, stick with /24-sized VLANs: .0 for the network, .1 for the default route, .255 for the broadcast domain.

Don't try to do any fancy splitting with any of the RFC 1918 address space for things like DMZs, 'private' networks for your cluster heart beat subnets, etc.. The only place where you may not end up using a /24 is if your ISP assigns you a /27 or some such.

Generally I found that if you go for a /23 or up, it ends up being unwieldy keeping track of 500 hosts (or more). If you go with a /25 or down, each subnet ends up being too small eventually and it's a pain to keep track of where each network begins/ends.

For whatever reason /24 tends to end up being the most manageable from the perspective of human beings.

DAM
  • Good tips. Not quite what I'm looking for though. – gravyface Sep 02 '11 at 21:58
  • I don't entirely agree about your point that having a subnet this /23 or larger is a bad thing. You can have a bigger subnet, but simply not use it. It is nice to have a bigger subnet, where you reserve a portion for statically defined devices, give a large portion to DHCP, and then leave yourself some extra space for emergencies, or to make it easy to bring up a second DHCP server with a separate range. With RFC1918, it is really easy to give yourself lots of spare room for flexibility. – Zoredache Sep 02 '11 at 22:12
  • That's the reason why a network must be managed by a network engineer, and not by a sysadmin. – Stefano Sasso Aug 02 '21 at 08:30

Closest thing I've seen so far. See Table 2-4:

Table 2-4. Maximum Devices per VLAN

Layer 3 Protocol    Maximum Number of Devices
IP                  500
IPX                 300
AppleTalk           200
NetBIOS             200
Mixed               200

gravyface
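The thread keeps two different ceilings apart: the number of addresses a prefix can hold (254 usable in a /24, an artifact of the mask) and a design guideline on how many devices should share one broadcast domain (500 for IP in Table 2-4 above). The following planner, added here as an example and not code from any answer, checks a VLAN against both and carves a pool into per-site subnets, refusing to hand out one large VLAN to a site whose device count is over the guideline. The ".1 is the gateway" convention is taken from one of the answers and is an assumption, not a rule; the pool, site names and device counts are constructed.

```python
import ipaddress

# Per-VLAN device ceilings as quoted from Table 2-4 in the answer above.
MAX_DEVICES_PER_VLAN = {"IP": 500, "IPX": 300, "AppleTalk": 200, "NetBIOS": 200, "Mixed": 200}


def usable_hosts(net):
    """Host addresses assignable inside `net`; network and broadcast are excluded for
    /30 and shorter, a /31 point-to-point link (RFC 3021) or /32 keeps every address."""
    if net.prefixlen >= 31:
        return net.num_addresses
    return net.num_addresses - 2


def describe_vlan(cidr):
    """Addressing facts of one VLAN: network, conventional gateway, broadcast, host count."""
    net = ipaddress.ip_network(cidr, strict=True)
    # Assumption from the thread: first host address is the default route.
    gateway = net.network_address + 1 if net.prefixlen <= 30 else net.network_address
    return {
        "network": str(net.network_address),
        "gateway": str(gateway),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": usable_hosts(net),
    }


def vlan_verdict(cidr, devices, protocol="IP"):
    """Separate the two limits: does the block hold `devices` hosts at all, and does the
    device count stay under the per-protocol guideline?  Both can fail independently."""
    net = ipaddress.ip_network(cidr, strict=True)
    ceiling = MAX_DEVICES_PER_VLAN[protocol]
    return {
        "usable_hosts": usable_hosts(net),
        "fits_address_block": devices <= usable_hosts(net),
        "within_guideline": devices <= ceiling,
        "guideline": ceiling,
    }


def smallest_prefix_for(devices, protocol="IP"):
    """Longest IPv4 prefix whose usable host count covers `devices`, or None when the
    count already exceeds the guideline and the site should be split across VLANs."""
    if devices > MAX_DEVICES_PER_VLAN[protocol]:
        return None
    for plen in range(30, 0, -1):           # /30 (2 hosts) upward
        if (2 ** (32 - plen)) - 2 >= devices:
            return plen
    return None


def carve_vlans(pool_cidr, sites, protocol="IP", max_prefixlen=None):
    """Assign one subnet per site (name -> device count) out of `pool_cidr`, largest sites
    first.  `max_prefixlen=24` reproduces the "never smaller than a /24" convention from
    the thread.  Sites over the guideline are returned separately instead of being given
    a big, flood-prone VLAN."""
    pool = ipaddress.ip_network(pool_cidr, strict=True)
    assignments, too_large = {}, {}
    available = [pool]                       # free blocks, smallest-address first
    for name, devices in sorted(sites.items(), key=lambda kv: -kv[1]):
        plen = smallest_prefix_for(devices, protocol)
        if plen is None:
            too_large[name] = devices
            continue
        if max_prefixlen is not None:
            plen = min(plen, max_prefixlen)  # never cut below the house-standard size
        for i, block in enumerate(available):
            if block.prefixlen <= plen:      # block is big enough to be cut down to /plen
                chosen = available.pop(i)
                while chosen.prefixlen < plen:
                    left, right = list(chosen.subnets(prefixlen_diff=1))
                    chosen, available = left, [right] + available
                assignments[name] = str(chosen)
                break
        else:
            raise ValueError(f"pool {pool_cidr} exhausted at site {name!r}")
    return assignments, too_large


if __name__ == "__main__":
    # Constructed inventory: the call centre exceeds the 500-device IP guideline.
    sites = {"engineering": 300, "sales": 120, "lab": 40, "callcenter": 900}
    print(describe_vlan("192.168.1.0/24"))
    print(vlan_verdict("192.168.1.0/24", 300))
    print(carve_vlans("10.10.0.0/16", sites, max_prefixlen=24))
```

Run as-is it prints the /24 facts, shows that 300 devices do not fit the address block even though they are inside the guideline, and hands engineering a /23 while flagging the call centre for splitting rather than squeezing it into one /22.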