The first thing that network administrators learn is the concept of IP addresses and how to create IP subnets (short for sub-networks). But why are subnets required at all, especially when a VLAN can do almost the same thing? That's what we are going to discuss in this article.
Why are Subnets required?
When a network is divided using subnets, systems on one subnet cannot reach systems on another directly; traffic between them has to go through a router. This gives some level of security / isolation for the systems within a sub-network.
Like VLANs, a subnet can also restrict the broadcast domain to the particular sub-network. So the ARP requests from a system are sent only to the systems in its own sub-network, instead of being broadcast to the whole network. This saves bandwidth, as well as the processing resources that every system would otherwise spend processing (and rejecting) unwanted ARP requests.
Likewise, a single user downloading a huge file, or a system infected by a virus, will most probably affect only the particular subnet that it belongs to. Besides, it's a good practice to keep certain systems (like servers) and protocols in a separate network.
Class C addressing, which is commonly used in enterprises, restricts the maximum number of hosts that can be associated with a particular subnet to 254. This ensures that each sub-network functions efficiently. Subnets also help preserve IP address space.
Subnets enable easier management of networks. For example, if each department within a company is allocated a separate subnet, it is easier to set department-specific policies, troubleshoot problems, etc.
Subnets let both the router and the hosts forward packets more efficiently.
Router: If there is a large network (without subnets) with multiple branches, it's very difficult for the router to store all the IP addresses used by individual systems in all branches (and HO) in its routing table. Even if it does, that would require more memory and processing capacity, or the router's operation becomes slow. If subnets are used, the router can have a smaller routing table that contains information about the subnets, and in which sub-network each host is located, instead of storing the IP addresses of all individual hosts.
Host: When a host (computer) wants to communicate with another computer in the same subnet, it can forward packets directly to it (through the local switches). But if the computer is in another network, the host passes the packets to the router using the default gateway, and the router determines which subnet the target host belongs to. Without subnets, the computers (or the router) would need to store all the IP addresses in the network, which becomes a tedious task in big networks.
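The Router and Host behaviour described above, together with the 254-host limit, as an added example that is not part of the original article. The addresses, gateway and route names are constructed for illustration; it also shows that traffic between subnets always crosses the router, which is where any inter-subnet policy would have to be applied.

```python
import ipaddress

# Constructed sample routing table: prefixes and next-hop names are
# assumptions made for this example, not values from the article.
ROUTES = {
    "10.1.10.0/24": "HO-finance",
    "10.1.20.0/24": "HO-engineering",
    "10.2.0.0/16": "branch-router",
    "0.0.0.0/0": "internet-uplink",
}


def usable_hosts(network):
    """Host addresses in a subnet, excluding network and broadcast address."""
    net = ipaddress.ip_network(network)
    return max(net.num_addresses - 2, 0)


def host_next_hop(interface, gateway, destination):
    """Host side: deliver on-link if the destination is in the host's own
    subnet, otherwise hand the packet to the default gateway."""
    iface = ipaddress.ip_interface(interface)
    dst = ipaddress.ip_address(destination)
    if dst in iface.network:
        return ("direct", str(dst))
    return ("gateway", gateway)


def router_lookup(routes, destination):
    """Router side: choose the most specific (longest-prefix) subnet that
    contains the destination; one entry covers every host inside it."""
    dst = ipaddress.ip_address(destination)
    matches = [ipaddress.ip_network(p) for p in routes
               if dst in ipaddress.ip_network(p)]
    if not matches:
        return None  # no route and no default: the packet is dropped
    best = max(matches, key=lambda n: n.prefixlen)
    return str(best), routes[str(best)]


if __name__ == "__main__":
    print(usable_hosts("192.168.1.0/24"))
    print(host_next_hop("10.1.10.25/24", "10.1.10.1", "10.1.10.77"))
    print(host_next_hop("10.1.10.25/24", "10.1.10.1", "10.1.20.9"))
    print(router_lookup(ROUTES, "10.2.34.5"))
```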
Subnet Vs VLAN:
Though a VLAN has a lot in common with a subnet (like restricting broadcast domains, security through isolation of different sub-networks, etc.), there are some important differences between the two.
- A VLAN is a Layer-2 concept and a subnet is a Layer-3 concept (MAC address vs IP address).
- VLANs allow for the creation of different logical and physical networks, but subnets allow for the creation of different logical networks only.
- If a network sniffer is employed, users from one subnet can discover the existence of other subnets, but this cannot happen with users of different VLANs.
- With subnets, since the physical network is the same for all networks, the available backbone bandwidth is shared between the subnets and hence reduced for each.
- VLANs are more efficient and easier to implement / manage than subnets.
- Within an enterprise, VLANs are more secure than subnets. But VLANs are also vulnerable, mostly to hacking attempts from outside the network.
The best practice is to have different VLANs in a network (through network switches) and then to have a different subnet for each VLAN.