Vlan – Single client per VLAN in /24 network

private-vlanvlan

I have a single /24 IP network. I want to make a VLAN (or something) and distribute a single IP and gateway per client. Each client should not be able to talk to each other.

What is the best way to do this?

Update:

I am using MikroTik router and a Cisco 2950 layer 2 switch.

Best Answer

Cisco Catalyst switches have the concept of private vlans which should accomplish what you are trying to do.

In some situations, you need to prevent Layer 2 (L2) connectivity between end devices on a switch without the placement of the devices in different IP subnets. This setup prevents the waste of IP addresses. Private VLANs (PVLANs) allow the isolation at Layer 2 of devices in the same IP subnet. You can restrict some ports on the switch to reach only specific ports [snip].

This document should work for 2960 model switches as well:

Configuring Isolated Private VLANs on Catalyst Switches

Related Solutions

Vlan – Connecting two VLANs together on a single switch

You could do this, but you run into all kinds of problems with spanning-tree. Your ports could go into err-disabled.

You won't have two separate switches though. The single switch still learns MAC addresses on a port and vlan and that is switch-wide

Cisco 3750 configuration for static routes per VLAN

The switch would need to be a layer-3 switch with routing enabled to allow communication between the VLANs; a layer-2 switch cannot route traffic between VLANs. You would configure SVIs on the layer-3 switch, and the addresses of the SVIs would be the gateways of the VLANs.

You would then convert the trunk link to the router to a routed link:

interface GigabitEthernet 1/0/1
 no switchport
 ip address <ip address> <mask>

You will either need to run a routing protocol between the layer-3 switch and the router, or you will need to configure static routes to the VLAN network on the router.

You will also need a way to have a default route on the layer-3 switch, either specifically configured to point to the router, or through a routing protocol from the router.

Best Answer

Related Solutions

Vlan – Connecting two VLANs together on a single switch

Cisco 3750 configuration for static routes per VLAN

Related Topic