IP Address and VLAN planning
This document describes VERY simple IP address and VLAN (Virtual Local Area Network) planning. It does not take into account IP summarization for efficient routing in large enterprise environments or which IP addresses are already in use. It will barely skim over security. It will explain the ranges that should be used and why. Beyond that, the formatting has worked well enough for a home lab so far.
The main reason to subnet and use VLANs is to segregate devices from each other and reduce the broadcast domain. The change in most home networks that prompts this is the introduction of guest users. Instead of creating a completely physically separate network, which is costly and labor intensive, most will create a guest VLAN. After guests, Internet of Things devices are usually the next thing to be segregated onto their own network, as many of them have questionable security at best. As with guests, this is done to protect the main network's hosts.
There are specific IP addresses to use within a LAN (Local Area Network). These IP addresses are not routed over the internet and are designed to be used internally. It is best to stick to these addresses because any others could overlap with a real public IP address for a website. If a user on the LAN then tried to access that website, the user's device would treat the address as internal and never be able to reach it. For example: if the network 18.104.22.168/24 were to be used, and a user tried to get to the Google public DNS of 22.214.171.124, the user’s device would think it was internal and send its request to the wrong device. Please stick to the following networks:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
To keep things simple, the recommendation is to use a /24 network. /24 means a 24-bit mask, which is 255.255.255.0. This isn’t meant to be an intro to networking course, so if there are further questions, look up network masks. The reason for /24 is that it is simple to work with, allows 254 devices, and anything beyond that is WAY beyond the scope of this document.
Names should be descriptive. Simple names like “Guest” work very well on a home network. Try to keep them simple.
Depending on the size of the network, a simple spreadsheet works wonders. In this instance it will just be a few lines listed in this Google document. If it gets too big, IPAM (IP address management) solutions are available, but they are beyond the scope of this paper.
The IP space to use in this example is the 10 space.
Mask will be 255.255.255.0 or /24.
There is a list of things to be separated.
That is it. There is now a plan to build out the network. It can now be applied to the switch, ESXi virtual switch, router, etc., with continuity between them all.
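The plan described above can be checked before it is applied to any device. The following is an added example, not part of the original document: it confirms that every planned subnet sits inside one of the three private ranges, is a /24, and does not overlap another VLAN, and it produces the spreadsheet rows. The function name check_plan, the VLAN names other than "Guest", and the third-octet choices are assumptions made for illustration.

```python
import ipaddress

# The three private ranges listed above, written as CIDR blocks.
PRIVATE = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_plan(plan):
    """Return (rows, problems) for a {vlan_name: "a.b.c.d/len"} plan."""
    rows, problems, accepted = [], [], []
    for name, cidr in plan.items():
        try:
            net = ipaddress.IPv4Network(cidr)  # strict: host bits must be zero
        except ValueError as exc:
            problems.append(f"{name}: {cidr} is not a network address ({exc})")
            continue
        if not any(net.subnet_of(block) for block in PRIVATE):
            problems.append(f"{name}: {net} is outside the private ranges")
        if net.prefixlen != 24:
            problems.append(f"{name}: {net} is not a /24")
        for other_name, other in accepted:
            if net.overlaps(other):
                problems.append(f"{name}: {net} overlaps {other_name} ({other})")
        accepted.append((name, net))
        # One spreadsheet row: name, network, mask, usable hosts
        # (network and broadcast addresses excluded).
        rows.append((name, str(net), str(net.netmask), net.num_addresses - 2))
    return rows, problems

# Constructed sample plans; the names and third octets are assumptions.
GOOD_PLAN = {"Main": "10.0.10.0/24", "Guest": "10.0.20.0/24", "IoT": "10.0.30.0/24"}
BAD_PLAN = {
    "Main": "10.0.10.0/24",
    "Guest": "203.0.113.0/24",   # documentation range, not private
    "IoT": "10.0.10.0/25",       # wrong size and inside Main
    "Lab": "10.0.40.5/24",       # host bits set, not a network address
}

if __name__ == "__main__":
    for plan in (GOOD_PLAN, BAD_PLAN):
        rows, problems = check_plan(plan)
        for row in rows:
            print("%-6s %-16s %-15s %d hosts" % row)
        for problem in problems:
            print("PROBLEM:", problem)
```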