Layer 2 Vlan why IP range change?

18 years 10 months ago #12421 by calabash
I have a thoroughly newbie question --

By using a layer 2 switch to VLAN physical ports located on said switch, which cuts off the transference of packets of any kind from one VLAN to the next, why must the IP scheme be altered?

or i.e.: how, if physical traffic is prevented from travelling from one VLAN to the next, can 192.168.1.10 ping 192.168.1.11 (same subnets) when they are on different VLANs?

For that matter, shouldn't I be able to (even though a documentation nightmare to be avoided at all costs) have 2 192.168.1.11s on different VLANs? (again same subnet)

I've read the tutorial, I have 2 networking books, I've Googled and I can't find an answer.
T.I.A. -MF
18 years 10 months ago #12433 by naughtypaul
Hi

You can have 2 PCs in 2 different VLANs with IPs in the same subnet.

Explanation
~~~~~~~~

With VLANs created on a switch, the switch creates a table called the CAM table, which keeps a map of the switch port MAC address, the connected PC's MAC address & the VLAN ID mapped to it.

Now let's assume 2 PCs are connected to 2 different VLANs, with IPs in the same subnet. Now from PC 1 you are sending a PING to the other PC. Now a switch, being a Data Link device, will first confirm whether the source & the destination MAC in the ICMP frame belong to the same VLAN. In this case they do not, so the switch will not forward the frame.

You can also have 2 different PCs in 2 different VLANs having the same IP.

Explanation
~~~~~~~~

When you assign a static IP to a PC, the PC, before applying the IP to TCP/IP, will generate a GARP to its own IP address. If it gets a reply then it pops up with an IP conflict error; otherwise it applies the IP address.

Now in this instance there won't be any reply to the GARP request because the Layer 2 broadcast will be propagated to its member VLAN ports & the PC will accept the IP address.

Thanks
Paul 8)

Thanks
NaughtyPaul
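
Added example (not part of the original posts): a toy Python model of a VLAN-aware learning switch, showing the two cases described in the reply above, a cross-VLAN ARP that gets no answer and a gratuitous ARP that misses a duplicate IP in another VLAN. The MAC addresses, port numbers, VLAN IDs 10 and 20, and the CAM table keyed by (VLAN, MAC) are constructed assumptions for illustration.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass
class Host:
    mac: str
    ip: str

@dataclass
class Switch:
    port_vlan: dict   # port -> access VLAN ID
    hosts: dict       # port -> Host attached to that port (constructed topology)
    cam: dict = field(default_factory=dict)  # (vlan, mac) -> port

    def egress_ports(self, in_port, dst_mac):
        """Learn the sender, then return the ports the frame leaves on."""
        vlan = self.port_vlan[in_port]
        self.cam[(vlan, self.hosts[in_port].mac)] = in_port
        known = self.cam.get((vlan, dst_mac))
        if dst_mac != BROADCAST and known is not None:
            return [] if known == in_port else [known]
        # Broadcast or unknown unicast: flood, but only inside the ingress VLAN.
        return [p for p, v in self.port_vlan.items() if v == vlan and p != in_port]

    def arp_probe(self, in_port, target_ip):
        """Broadcast an ARP request; return the MACs of hosts that answer."""
        return [self.hosts[p].mac for p in self.egress_ports(in_port, BROADCAST)
                if self.hosts[p].ip == target_ip]

def demo_switch():
    # Constructed sample: ports 1-2 in VLAN 10, ports 3-4 in VLAN 20.
    return Switch(
        port_vlan={1: 10, 2: 10, 3: 20, 4: 20},
        hosts={1: Host("aa:00:00:00:00:01", "192.168.1.10"),
               2: Host("aa:00:00:00:00:02", "192.168.1.12"),
               3: Host("aa:00:00:00:00:03", "192.168.1.11"),
               4: Host("aa:00:00:00:00:04", "192.168.1.10")})  # same IP as port 1

if __name__ == "__main__":
    sw = demo_switch()
    print("ARP for .11 (other VLAN):", sw.arp_probe(1, "192.168.1.11"))
    print("GARP for own IP .10:     ", sw.arp_probe(1, "192.168.1.10"))
    print("ARP for .12 (same VLAN): ", sw.arp_probe(1, "192.168.1.12"))
    print("Flood from port 3:       ", sw.egress_ports(3, BROADCAST))
```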
18 years 10 months ago #12445 by calabash
Replied by calabash on topic Ah - Ha!
That's what I thought. But I'm having MSSC (or whatever - you know, the certified engineers) telling me no, I must sub-net as well.

I certainly won't design my VLANs with identical IPs. I will have to place a layer 3 switch to perform cross routing to printers and the internet access, and so identical IPs could become problematical, although I don't know that for sure.

I'm thinking that since I'm so wet behind the ears for all this that I will put the printers and the internet access on their own VLAN so that if I make a mistake the damage will be kept to a minimum. Printers do not launch hack attacks in the general run of things.

Thank you so much, that question has been driving me nuts.
18 years 10 months ago #12520 by naughtypaul
You are always welcome....

Take Care

Bye

Thanks
NaughtyPaul