Would you ever just use a 10.0.0.0 /8 network?

gbdavidx · March 2015

I'm just playing around with packet tracer at home and trying to make a mock of my work network with OSPF AND EIGRP

In an actual real world scenario, would you typically use 10.0.0.0 /8 network? How do you plan out a network when you dont know how big it can be in the long run? I am talking about like 50,000 people on the network

Node Man · March 2015

sure i would. in fact my favorite network is 0.0.0.0 255.255.255.255

well, maybe not in a production environment.

but more seriously, in a production environment, re-ip'ing and re-masking are real scenarios. In Juniper devices, i think there is a command to simply apply a new subnet mask, which will enable larger (or smaller) subnets.

TechGuru80 · March 2015

The idea of subnetting is to make networks a manageable size and of course save IP address space. You can also use separate IP addresses based on location...I would imagine if you used a /8 it would be a nightmare to troubleshoot if cables went bad or something.

Hondabuff · March 2015

No, Max limit per network should be capped at 500 hosts. Some networks are very chatty "arp, DHCP etc" and should be under 300. Using a /23 subnet is considered ideal for most corporations and campus designs.

bharvey92 · March 2015

You would only really use that in a lab or some kind of test. But to be quite honest it depend on the design and like Hondabuff said you should limit networks to 500 hosts. Not to mention if you did want to use a 10.0.0.0/8 you would need to consider subnetting for things such as VLAN's.

Simrid · March 2015

gbdavidx wrote: »

I'm just playing around with packet tracer at home and trying to make a mock of my work network with OSPF AND EIGRP

In an actual real world scenario, would you typically use 10.0.0.0 /8 network? How do you plan out a network when you dont know how big it can be in the long run? I am talking about like 50,000 people on the network

Correct me if i'm wrong but as far as i'm ware, it's pointless. It's best to use something like VSLM to break the networks down further. Why?

Because if you have over 500 hosts in a network, collisions may start happening, traffic builds up which in turn will slow down the network speed. Not to mention it's easier to manage.

OR when you VLAN you can separate it this way (probably the preferred method)

Deathmage · March 2015

when I plan out networking I normally go with this rule:

192.168.100.0
192.168.105.0
192.168.110.0
192.168.115.0

This spacing would give me 1280 addresses, 1022 address to me is plenty for one vlan.

To me in my mind normally a /24 will get used up so by keeping space, I can easily go to a /23 (510 addresses - 512 available just minuses 2 for network/broadcast) or a /22 (1022 addresses) and by that point if I need more than a /22 I'll just make a different subnet since I wouldn't want to have such a large address pool in arp or routing table of that many addresses. If it was a Cisco Core switch, maybe I'd risk a /21 or a /20 but that sucker would need a beefy processor.

I like network performance and while yes having that many addresses making the subnet larger is a easier course of action (especially for larger and larger deployments) you start to run into design issues cause if that /22 network has tons of traffic then you need more powerful and capable switches to handle the traffic and bandwidth. See my rule of thumb is this, say a switch has 48 ports, that's 48,000 Gbps's throughput needed, I like to go with a 2.5 rule, some would stipulate a 1.5 is fine but I like planning for burst traffic. So any switch above 128 Gbps is fine but I normally go with 172 Gpbs throughput. My switches at work have 228 Gbps throughput and I can burst the crap out of them, comes in handy for bonded uplinks

!!!

Too me in from a production standpoint if you have a nearly fully utilized /8 subnet that is one impressive core switching fabric and I'd be equally impressed by the amount of devices on that network; but in my mind subnetting would be the way to go and run using inter-vlan routing.

The largest subnet I've used so far is a /22 and that was desktops and mobile devices, all of the servers were on a /27 to keep routing traffic light however I could see a /24 or /23 being used for servers especially in a large VMware datacenter. I like vlans allot and properly designed with vlans on core/distro switches and routing you can have a network humming along with minimal impacts on performance. I'm sure some people could really provide a really in-depth design remark about this conversation but I doubt
I'll be working with a network larger than a /22 anytime soon...

Simrid · March 2015

gbdavidx wrote: »

I'm just playing around with packet tracer at home and trying to make a mock of my work network with OSPF AND EIGRP

In an actual real world scenario, would you typically use 10.0.0.0 /8 network? How do you plan out a network when you dont know how big it can be in the long run? I am talking about like 50,000 people on the network

Correct me if i'm wrong but as far as i'm ware, it's pointless. It's best to use something like VSLM to break the networks down further. Why?

Because if you have over 500 hosts in a network, collisions may start happening, traffic builds up which in turn will slow down the network speed. Not to mention it's easier to manage.

OR when you VLAN you can separate it this way (probably the preferred method)

Deathmage · March 2015

rofl, you double-posted.

theodoxa · March 2015

I've seen 10.0.0.0/8. They were small networks (1 or 2 VLANs and a handful of devices) and for whatever reason they had just used 10.0.0.0/8 for one of the VLANs instead of picking a smaller network. I've also seen 172.x.0.0/16 used (x = 16 to 31).

Deathmage · March 2015

theodoxa wrote: »

I've seen 10.0.0.0/8. They were small networks (1 or 2 VLANs and a handful of devices) and for whatever reason they had just used 10.0.0.0/8 for one of the VLANs instead of picking a smaller network. I've also seen 172.x.0.0/16 used (x = 16 to 31).

who said Network engineers weren't just lazy. Like comon a iSCSI vlan does it really need a /21 or lower

Zartanasaurus · March 2015

I will subnet a 10.0.0.0/8 into smaller networks and use the second octet as some sort of location identifier. Never a 10.0.0.0/8 for just everything. I worked for a client that acquired a company that used a 10.0.0.0/8 and of course it overlapped with their production network. PITA to deal with.

Fulcrum45 · March 2015

I never had to work with 10.0.0.0/8 but I have dealt with subnetted blocks within that private range. It was useful for avoiding any overlapping subnets due to so many remote networks already using the 192.168 addressing space across a VPN.

Dark-Knight · March 2015

I usually use a /24 subnet. The first three octets give me place for somekind of identifier numbers. For example first octet would be the VLAN, second is the physical place , etc. /24 is usually the most comfortable, and if you run out of addresses you could always use a router and make another network.. Morever, our network is not connected to the Internet, so we have a big choice of addresses.

networker050184 · March 2015

Zartanasaurus wrote: »

I will subnet a 10.0.0.0/8 into smaller networks and use the second octet as some sort of location identifier. Never a 10.0.0.0/8 for just everything. I worked for a client that acquired a company that used a 10.0.0.0/8 and of course it overlapped with their production network. PITA to deal with.

Exactly what I do as well. Assign /16s out to sites and the second octet is like your site identifier. Then I try to give everything the same IP range if possible at all sites. Storage gets 10.x.1.0/24, Windows get's 10.x.2.0/24, etc. Helps everyone stay on the same page when addressing. Just need to know the x for the site you are at and everything else can be built pretty much the same. Helps simplify firewall rules as well.

Would you ever just use a 10.0.0.0 /8 network?

Comments