Would you ever just use a 10.0.0.0 /8 network?

gbdavidxgbdavidx Member Posts: 840
I'm just playing around with packet tracer at home and trying to make a mock of my work network with OSPF AND EIGRP

In an actual real world scenario, would you typically use 10.0.0.0 /8 network? How do you plan out a network when you dont know how big it can be in the long run? I am talking about like 50,000 people on the network

Comments

  • Node ManNode Man Member Posts: 668 ■■■□□□□□□□
    sure i would. in fact my favorite network is 0.0.0.0 255.255.255.255 icon_smile.gif


    well, maybe not in a production environment.

    but more seriously, in a production environment, re-ip'ing and re-masking are real scenarios. In Juniper devices, i think there is a command to simply apply a new subnet mask, which will enable larger (or smaller) subnets.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    The idea of subnetting is to make networks a manageable size and of course save IP address space. You can also use separate IP addresses based on location...I would imagine if you used a /8 it would be a nightmare to troubleshoot if cables went bad or something.
  • HondabuffHondabuff Member Posts: 667 ■■■□□□□□□□
    No, Max limit per network should be capped at 500 hosts. Some networks are very chatty "arp, DHCP etc" and should be under 300. Using a /23 subnet is considered ideal for most corporations and campus designs.
    “The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
  • bharvey92bharvey92 Member Posts: 420 ■■■□□□□□□□
    You would only really use that in a lab or some kind of test. But to be quite honest it depend on the design and like Hondabuff said you should limit networks to 500 hosts. Not to mention if you did want to use a 10.0.0.0/8 you would need to consider subnetting for things such as VLAN's.
    2018 Goal: CCIE Written [ ]
  • SimridSimrid Member Posts: 327
    gbdavidx wrote: »
    I'm just playing around with packet tracer at home and trying to make a mock of my work network with OSPF AND EIGRP

    In an actual real world scenario, would you typically use 10.0.0.0 /8 network? How do you plan out a network when you dont know how big it can be in the long run? I am talking about like 50,000 people on the network


    Correct me if i'm wrong but as far as i'm ware, it's pointless. It's best to use something like VSLM to break the networks down further. Why?

    Because if you have over 500 hosts in a network, collisions may start happening, traffic builds up which in turn will slow down the network speed. Not to mention it's easier to manage.

    OR when you VLAN you can separate it this way (probably the preferred method)
    Network Engineer | London, UK | Currently working on: CCIE Routing & Switching

    sriddle.co.uk
    uk.linkedin.com/in/simonriddle
  • DeathmageDeathmage Banned Posts: 2,496
    when I plan out networking I normally go with this rule:

    192.168.100.0
    192.168.105.0
    192.168.110.0
    192.168.115.0

    This spacing would give me 1280 addresses, 1022 address to me is plenty for one vlan.

    To me in my mind normally a /24 will get used up so by keeping space, I can easily go to a /23 (510 addresses - 512 available just minuses 2 for network/broadcast) or a /22 (1022 addresses) and by that point if I need more than a /22 I'll just make a different subnet since I wouldn't want to have such a large address pool in arp or routing table of that many addresses. If it was a Cisco Core switch, maybe I'd risk a /21 or a /20 but that sucker would need a beefy processor.

    I like network performance and while yes having that many addresses making the subnet larger is a easier course of action (especially for larger and larger deployments) you start to run into design issues cause if that /22 network has tons of traffic then you need more powerful and capable switches to handle the traffic and bandwidth. See my rule of thumb is this, say a switch has 48 ports, that's 48,000 Gbps's throughput needed, I like to go with a 2.5 rule, some would stipulate a 1.5 is fine but I like planning for burst traffic. So any switch above 128 Gbps is fine but I normally go with 172 Gpbs throughput. My switches at work have 228 Gbps throughput and I can burst the crap out of them, comes in handy for bonded uplinks icon_wink.gif !!!

    Too me in from a production standpoint if you have a nearly fully utilized /8 subnet that is one impressive core switching fabric and I'd be equally impressed by the amount of devices on that network; but in my mind subnetting would be the way to go and run using inter-vlan routing.

    The largest subnet I've used so far is a /22 and that was desktops and mobile devices, all of the servers were on a /27 to keep routing traffic light however I could see a /24 or /23 being used for servers especially in a large VMware datacenter. I like vlans allot and properly designed with vlans on core/distro switches and routing you can have a network humming along with minimal impacts on performance. I'm sure some people could really provide a really in-depth design remark about this conversation but I doubt
    I'll be working with a network larger than a /22 anytime soon...
  • SimridSimrid Member Posts: 327
    gbdavidx wrote: »
    I'm just playing around with packet tracer at home and trying to make a mock of my work network with OSPF AND EIGRP

    In an actual real world scenario, would you typically use 10.0.0.0 /8 network? How do you plan out a network when you dont know how big it can be in the long run? I am talking about like 50,000 people on the network


    Correct me if i'm wrong but as far as i'm ware, it's pointless. It's best to use something like VSLM to break the networks down further. Why?

    Because if you have over 500 hosts in a network, collisions may start happening, traffic builds up which in turn will slow down the network speed. Not to mention it's easier to manage.

    OR when you VLAN you can separate it this way (probably the preferred method)
    Network Engineer | London, UK | Currently working on: CCIE Routing & Switching

    sriddle.co.uk
    uk.linkedin.com/in/simonriddle
  • DeathmageDeathmage Banned Posts: 2,496
    rofl, you double-posted. icon_wink.gif
  • theodoxatheodoxa Member Posts: 1,340 ■■■■□□□□□□
    I've seen 10.0.0.0/8. They were small networks (1 or 2 VLANs and a handful of devices) and for whatever reason they had just used 10.0.0.0/8 for one of the VLANs instead of picking a smaller network. I've also seen 172.x.0.0/16 used (x = 16 to 31).
    R&S: CCENT CCNA CCNP CCIE [ ]
    Security: CCNA [ ]
    Virtualization: VCA-DCV [ ]
  • DeathmageDeathmage Banned Posts: 2,496
    theodoxa wrote: »
    I've seen 10.0.0.0/8. They were small networks (1 or 2 VLANs and a handful of devices) and for whatever reason they had just used 10.0.0.0/8 for one of the VLANs instead of picking a smaller network. I've also seen 172.x.0.0/16 used (x = 16 to 31).

    who said Network engineers weren't just lazy. Like comon a iSCSI vlan does it really need a /21 or lower icon_razz.gif
  • ZartanasaurusZartanasaurus Member Posts: 2,008 ■■■■■■■■■□
    I will subnet a 10.0.0.0/8 into smaller networks and use the second octet as some sort of location identifier. Never a 10.0.0.0/8 for just everything. I worked for a client that acquired a company that used a 10.0.0.0/8 and of course it overlapped with their production network. PITA to deal with.
    Currently reading:
    IPSec VPN Design 44%
    Mastering VMWare vSphere 5​ 42.8%
  • Fulcrum45Fulcrum45 Member Posts: 621 ■■■■■□□□□□
    I never had to work with 10.0.0.0/8 but I have dealt with subnetted blocks within that private range. It was useful for avoiding any overlapping subnets due to so many remote networks already using the 192.168 addressing space across a VPN.
  • Dark-KnightDark-Knight Member Posts: 10 ■□□□□□□□□□
    I usually use a /24 subnet. The first three octets give me place for somekind of identifier numbers. For example first octet would be the VLAN, second is the physical place , etc. /24 is usually the most comfortable, and if you run out of addresses you could always use a router and make another network.. Morever, our network is not connected to the Internet, so we have a big choice of addresses.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    I will subnet a 10.0.0.0/8 into smaller networks and use the second octet as some sort of location identifier. Never a 10.0.0.0/8 for just everything. I worked for a client that acquired a company that used a 10.0.0.0/8 and of course it overlapped with their production network. PITA to deal with.

    Exactly what I do as well. Assign /16s out to sites and the second octet is like your site identifier. Then I try to give everything the same IP range if possible at all sites. Storage gets 10.x.1.0/24, Windows get's 10.x.2.0/24, etc. Helps everyone stay on the same page when addressing. Just need to know the x for the site you are at and everything else can be built pretty much the same. Helps simplify firewall rules as well.
    An expert is a man who has made all the mistakes which can be made.
Sign In or Register to comment.