I was wiping this old laptop to sell or give it away. Couldn’t resist putting Fedora Silverblue on it to try it out. It’s very slow but I was able to check my e-mails in the browser, big win.
Way too big of a broadcast domain. You’d start having perf issues if you were doing anything serious that would remotely come close to using even a fraction of the subnet.
I keep all my work stuff /22 or smaller typically. I struggle to see anyone needing anything more than /24 for home usage, and /23 for even the grandest of home lab setups if you didn’t subnet anything. The amount of random shit broadcasting is pretty nuts.
My setups are often lazy. I usually use one subnet, set my dhcp server to only hand out things starting from .100 and never run out of static assignments that way. Using a separate subnet means all your shit has to go through a layer 3 device even if they’re on an unmanaged switch or hub somewhere down the line.
I didn’t know there was a performance penalty to having big subnets. I’ll have to look it up and shrink them.
But this is relatively moot since all my devices talk via ipv6 now. The only thing without ipv6 support I have is Mikrotik devices that only expose their management interfaces over ipv4. Anyway these are only in one VLAN, the management one.
I have… hundreds… of Mikrotik devices. They’re little wireless gateway white box looking ones. lol
We use them on a production floor to wirelessly connect automation equipment for videojet labeling and data collection. Wired hasn’t been great because of the environment and the fact the clowns leave the waterproof cases they live in open for some incomprehensible reason.
I can’t really give you any advice for ipv6 though.
Also I thought broadcasts only went to connected devices. Aka having a big subnet with 20 devices will have the same performance as a tiny subnet with 20 devices. Does the size of the subnet really make a difference, or is it only the number of actual devices?
So something sends out a broadcast packet and then the layer 3 device splits that packet out to each and every other device on the subnet. Network hardware has to use processing power to do this kind of thing, it’s pretty low demand but as a network grows it can get nuts. You’ll have all the requests of “Who has [ip]” or “Where is [mac]” etc. A lot of the random traffic then triggers broadcast responses too.
A big issue you have though is if you have any kind of thing doing autodiscovery… like add a printer, angry ip scanner, connect to a networked speaker, broadcast to a screen…etc… it’s gonna do some combination of a broadcast, or checking one by one on a specific port (usually starts low and goes high but I’m sure some moron starts at the end of the subnet and counts down.) There’s tons of little things that do this and some of them probably do it without us even thinking about it in the background. This might make certain tasks like network share discovery take an inordinate amount of time.
In businesses we usually have fairly high throughput network devices but our home devices less so. My gateway/firewall is layer 3, so is my core switch. I don’t think I have layer 3 configured on said core switch right now. My firewall ends up being my router and it has a NAT throughput of like 950mbit. My isp is gig fiber, so I already can’t utilize all of that. All the random shit going on in my network that needs to route also eats into that throughput because the firewall has limited processing power and memory. Then you start factoring in things like vpn (which my firewall hosts) which will drag down my throughput a shitload when in use and you start seeing where efficiencies can be more important.
Thankfully though, I don’t do much of anything important and my network is already overkill for anything I do. I do have options to offload the layer 3 traffic through the switch if it ever comes to it and simply have the gateway/firewall behave as a gateway for internet only.
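The broadcast and autodiscovery behaviour discussed in the post above, as an added example that is not part of the thread: it counts ARP "who-has" requests per sender in constructed tcpdump-style lines, flags senders sweeping a run of consecutive hosts (the one-by-one scanning pattern mentioned), and puts that next to the number of hosts a given subnet size exposes to such a sweep. The sample log lines and the threshold are made up for the example.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed tcpdump-style ARP lines (not a real capture). Host .50 walks
# .10 through .14 in order, the way an autodiscovery sweep does.
SAMPLE_ARP_LOG = """\
12:00:01.000 ARP, Request who-has 192.168.1.10 tell 192.168.1.50, length 46
12:00:01.050 ARP, Request who-has 192.168.1.1 tell 192.168.1.23, length 46
12:00:01.100 ARP, Request who-has 192.168.1.11 tell 192.168.1.50, length 46
12:00:01.200 ARP, Request who-has 192.168.1.12 tell 192.168.1.50, length 46
12:00:01.300 ARP, Request who-has 192.168.1.13 tell 192.168.1.50, length 46
12:00:01.400 ARP, Request who-has 192.168.1.14 tell 192.168.1.50, length 46
12:00:02.000 ARP, Request who-has 192.168.1.1 tell 192.168.1.77, length 46
12:00:02.500 ARP, Reply 192.168.1.1 is-at aa:bb:cc:dd:ee:01, length 46
"""

ARP_REQ = re.compile(r"ARP, Request who-has (\S+) tell (\S+),")


def count_who_has(log_text):
    """Map each sender IP to the set of addresses it asked about."""
    targets = defaultdict(set)
    for line in log_text.splitlines():
        m = ARP_REQ.search(line)
        if m:
            targets[m.group(2)].add(m.group(1))
    return targets


def sweep_size(cidr):
    """Usable hosts a one-by-one sweep of this subnet has to probe (/30 or larger)."""
    return ip_network(cidr, strict=False).num_addresses - 2


def find_sweepers(targets, threshold=4):
    """Senders probing at least `threshold` distinct hosts look like discovery scans."""
    return sorted(s for s, t in targets.items() if len(t) >= threshold)


def is_sequential(ips):
    """True when the probed addresses form one consecutive run."""
    nums = sorted(int(ip_address(i)) for i in ips)
    return len(nums) > 1 and all(b - a == 1 for a, b in zip(nums, nums[1:]))


if __name__ == "__main__":
    by_sender = count_who_has(SAMPLE_ARP_LOG)
    for s in find_sweepers(by_sender):
        print(s, "probed", len(by_sender[s]), "hosts, sequential:", is_sequential(by_sender[s]))
    for cidr in ("192.168.1.0/24", "10.0.0.0/22", "10.0.0.0/16"):
        print(cidr, "sweep touches", sweep_size(cidr), "hosts")
```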
Ah I misspoke. I have different VLANs, not just subnets. So nothing really goes through layer 3 to talk across subnets, as nothing is allowed to go from one VLAN to another. I use them to split the networks between devices that should not talk to each other.
Ah, most of the stuff I statically assign ends up providing services to dhcp devices. File shares, media servers, whatever.
Always struggled with the concept of isolated servers because usually I set them up for things I want to access. Even setting up a game server for friends I’m going to want to directly connect internally.
On the other hand in business, isolating things makes much more sense. I isolate old hosts that we can’t quite decommission or update for reasons, and set up as-isolated-as-reasonable ways for users to access these hosts like with rdp to a jumpbox that doesn’t have any other access beyond rdp and said server.