I only started learning the network part in 2019. During the learning process, I configured the entire company's network, and I felt a little confident that I had mastered the basics.
If you don’t know how, just learn online. Anyway, there is all kinds of knowledge on the Internet. As long as you need it, you can learn from it. I haven’t studied the Internet for a long time. In fact, there is still a lot of network knowledge, such as wireless networks, network security, network optimization, etc.
Recently, the company's network has been undergoing adjustments, and the VLANs of the entire network need to be re-divided.
It must not be divided too large, because if there is a problem with one Vlan, all computers under that Vlan will be affected. At the same time, tracking specific departments can be done by binding IP addresses, MAC addresses, and ports without dividing VLANs. This is very troublesome when there are many IP addresses. A better way to easily track specific departments is to divide Vlans. If there is a problem with a Vlan, just shut down the Vlan. But it cannot be divided too finely. One Vlan needs to occupy 3 addresses.
After the division was completed on Sunday, the rehearsal was almost done. I started to modify the configuration after get off work today.
Because the disconnection time cannot be long, I thought it was complete after modifying the configuration. When configuring, a prompt suddenly appeared: A similar IP subnet already exists. Please verify the current IP subnet design. I was a little confused at first. Are there overlapping parts?
Test, the starting address is 208, the gateway address is 209, 32 addresses are used backwards, the end address is 239, the subnet mask is 224, the AND operation result of 239 and 224 is 224, wrong! Logically it should be 208.
The AND operation result of 209 and 240 is 208, which means that 208 can only be the subnet mask of 240 backwards.
Only then did I understand that there are rules for Vlan division, which means dividing them in half, namely 0, 32, 64, and 128.
In other words, although the smallest unit is 4, it must be divided into large segments first.
256
128、128
64、64、64、64
32、32、32、32、32、32、32、32
16、16、16、16、16、16、16、16、16、16、16、16、16、16、16、16、
......
For example, if you encounter a starting address of 208, you can only divide it according to the minimum number of 4, 8, or 16, but not 32.
However, if you must group these 32 addresses together, you can add a subnet segment under a Vlan.
For example, 208 uses 32 addresses backwards, which can be divided as follows:
ip address X.X.X.209 255.255.255.240
ip address X.X.X.225 255.255.255.240 sub This makes these 32 addresses under one Vlan. At the same time, two commands must be added to the OSPF announcement:
network X.X.X.209 0.0.0.0
network X.X.X.225 0.0.0.0or
network X.X.X.209 0.0.0.16
network X.X.X.225 0.0.0.16At this time, this Vlan will be normal.
Then it is possible to divide the network VLAN into 24 or 48 addresses, but it is rarely seen. In fact, it only needs to be divided according to the above rules.