Thanks Rick, so this is a 4th use and in your view it is the most common one to be encountered in real networks.

Here's a description of how secondary IP@ can be used for unequal load sharing (found on net, it is not my own finding):

"Static routes allow you to set up load balancing after a fashion. Keep in mind that the IOS load balances across routes first and not interfaces. The easiest way to configure multiple routes on the same interface is to use the secondary IP command

Router 1

!

interface serial 0

ip address 192.0.0.1 255.255.255.0

ip address 192.0.0.2 255.255.255.0 secondary ! second route on same interface

interface serial 1

ip address 192.1.0.1 255.255.255.0

ip address 192.1.0.2 255.255.255.0 secondary

ip route 200.2.0.0 255.255.255.0 196.0.0.4; goes to serial 0

ip route 200.2.0.0 255.255.255.0 196.0.0.5; goes to serial 0

ip route 200.2.0.0 255.255.255.0 196.1.0.4; goes to serial 1

Router 2

!

interface ethernet 0

ip address 200.2.0.1 255.255.255.0

!

interface serial 0

ip address 196.0.0.4 255.255.255.0

ip address 196.0.0.5 255.255.255.0 secondary

!

interface serial 1

ip address 196.1.0.4 255.255.255.0

ip address 196.1.0.5 255.255.255.0 secondary

The traffic would go out router 1 across the two IPs on serial 0 first then across 1 IP on serial 1

This gives you unequal load balancing."

Petru

Thank you for the explanation that you found. If you wanted multiple routes on an interface for some reason this would be a way to get it.

I did not say that secondary addressing used for changing addressing was the most common reason for secondary addressing. I believe that providing more IP addresses in a VLAN or on an interface is the most common use of secondary addressing. I just said that there was one more use to add to your list.

HTH

Rick

You're right Rick, I was quick and instead of reading "the OTHER common" I took it as "the MOST common".

It's good you helped me increase the list to 4.

Hi Richard,

 Sorry to have revived a very old thread. But, I just wanted to get some clarification on how secondary IP addresses could be used to re-ip a existing LAN subnet with minimal downtime.

In your example below, there is an old user subnet 192.168.5.0, and you plan to move to 172.22.0.0. Now, since all the existing user machines have an IP address from 192.168.5.x segment through DHCP, we cannot directly change the Vlan interface IP to 172.22.0.x (as it would cause downtime for all machines at once). Instead, what we can do is add the "secondary" command on 192.168.5.x IP, and let 172.22.0.0 be primary. See below

Interface vlan ABC

ip address 192.168.5.1 255.255.255.0 secondary

ip address 172.22.0.1 255.255.0.0

ip helper-address x.x.x.x

This way, all the user machines (one by one) which are currently on 192.168.5.x schema would move over to 172.22.x.x IP schema once the DHCP lease expires. Once the whole migration happens, we can move remove the "ip address 192.168.5.1 255.255.255.0 secondary" command altogether.

Please let me know if my understanding is correct?

Thanks

Mikey

Mikey

I believe that your understanding is correct. There is a small difference between what I suggested and what you are suggesting. In my suggestion 192.168.5 remained primary until there were no more devices in that subnet. In your suggestion 192.168.5 immediately becomes secondary and the new network is introduced as primary. I assume that this is to influence the DHCP negotiation, and that does make sense. One thing to be aware of in your approach, especially if you are running a dynamic routing protocol, is that IOS forms neighbor relationships based on primary IP address. I do not know if you are running a routing protocol or whether there might be any neighbors in that network. If not then you are good to go. If there are any neighbors then you need to be ready to address the impact on neighbor relationships.

And this does remind me of one other, I hope obvious point, which is that if you are running a routing protocol then you need to add a network statement for the new network, and as you remove the IP address for the old network that you should remove the network statement for the old network in your routing protocol.

HTH

Rick

Hi RIch,

We are running EIGRP on our LAN environment, and I would be adding the new subnet in the EIGRP process.

Will there be a minor blip in either or both of the cases below?

1) When the "secondary" command is added onto 192.168.5.x Interface? I believe this should not happen unless the user's DHCP lease expires, and it requests an IP from the new 172.22.x.x segment?

2) When new subnet is added onto EIGRP process, the router performs neighbor relationship only with the primary addresses ?

Appreciate your inputs.

Cheers

Mikey

Mikey

Knowing that you are running EIGRP and have a network statement for that vlan subnet does add a small wrinkle to the process. It is not clear whether there are any neighbors on that vlan interface. And that is where there would be something of a blip. For neighbors on other interfaces you are simply adding a new network to be advertised. Your router sends the update, the neighbors process the update and add the new entry to their tables. It is just ordinary EIGRP processing and no impact. If there is a neighbor on this vlan interface then it gets a bit more complicated and there will be at least a little impact. It starts with the fact that if you change the primary IP of this interface then you will also need to change the primary IP address of the neighbor interface. When you change the primary address of one of the interfaces then the neighbor relationship will be torn down. It can not be re-established until both interfaces have new addresses. So that is at least a small blip.

In making that kind of change where you potentially impact connectivity between neighbors you might want to plan it for a maintenance window. And as you start to make the changes you might want to do a reload in x minutes. Schedule the reload, make your changes. If everything is successful and you still have connectivity then cancel the reload. If something did not work as expected then let the reload go ahead and the reload will remove your changes and you will be back where you started.

HTH

Rick

Thanks Richard. There is only EIGRP neighbourship on the uplink interfaces towards the Core switches from these user switches. So, essentially, as you mentioned, I would only be adding the Network statements into the EIGRP process for those two new subnets.

Cheers

Mikey

Mikey

If there are EIGRP neighbors only on the uplink interfaces then there is no impact on routing as you add the new network statements for the new networks or as you remove the network statements for the networks being retired. If there are no neighbors on the other interfaces are you configuring them as passive in EIGRP? It will save a bit of processing if EIGRP does not keep looking for neighbors on those interfaces.

HTH

Rick

Hi Rich,

 Yes, that's right. All the interfaces except the uplinks are passived under Eigrp.

So, the minor blip would only be when we add the new network, and move the old them as secondary.

Cheers

Mikey

Appreciate all your help on getting this clarified Rich.

Cheers

MIkey

Mikey

You are quite welcome. I am glad that my explanations have been helpful.

And in the case where the affected interfaces are passive in EIGRP I would classify the impact of adding a network statement and removing a network statement as normal EIGRP convergence and not really as a blip.

HTH

Rick