Management VLAN

Crasam

Hi
I have a router on a stick setup with three subnets each in different VLAN say VLAN 50, 60 and 70. Im setting up the management interface for the switch and have used vlan 99. What is a suitable ip address for the management vlan. Should I use an ip from one of the three subnet ranges.

Thanks

CodeBlox

If they're different VLANs then the subnets cannot overlap. The management VLAN should also have it's own subnet.

Crasam

Thank you for this.

On a similar note when allocating network addresses I tend to leave the WAN links to last. Is there a general rule for allocating the subnet for the management VLAN.

Thanks again

Forsaken_GA

The general rule is you isolate it, you don't transit user traffic and management traffic in the same vlan/subnet. As for allocating the actual subnet, use the same criteria you would when sizing any other subnet - determine the number of devices that are likely to inhabit the subnet, choose an allocation appropriately, and give yourself a little room for growth.

I tend to allocate on a site by site basis, each local site gets it's own subnet, appropriately sized, and I use a global subnet for inter-site management traffic in case one site needs to talk to the other. Where I can get away with it, I like to put my management interfaces in their own VRF, limiting access to the management vlan(s) to a pair of hardened boxes that are dual-homed.

Crasam

Thats great, ive allocated a seperate subnet for vlan management. I see I need to add a default gateway to the switch in order for it to be accessible remotely. In a router on a stick setup should I create another subinterface with a default gw address in the same subnet as the vlan management.
Thanks for your help

networker050184

Yep, how else are you going to route to it?

Crasam

lol good point

I will create a subinterface fa0/1.99 for the vlan management gw ip address

Thanks for your help