subinterfaces

Answered Question
Aug 21st, 2009
User Badges:

Greetings!


I am playing with some equipment with the purpose of learning how things work. I have 2 linux servers connected to a router, each via the ethernet port. I think I should be able to create subinterfaces on the linux machines with ip addresses in different subnets. I think I should be able to ping any subinterface from one server to the other. Should I configure subinterfaces on the router and use them as the default gw for the server?


I have tried a few configurations but I can only ping the one interface on the router that is on the native vlan. I have not been successful in pinging across the router.


Any help would be very appreciated.

Correct Answer by Giuseppe Larosa about 7 years 11 months ago

Hello Tan,


to be able to use vlan based subinterfaces both the router and the linux boxes have to agree on:

encapsulation : 802.1Q

and vlan id tag


example

int f0/0

no ip address

no sh


int f0/0.10

enc dot1q 10

ip address 10.10.10.1 255.255.255.0


int f0/0.20

enc dot1q 20

ip address 10.10.11.1 255.255.255.0


the same has to be done on the linux boxes with the appropriate commands.


Hope to help

Giuseppe



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
Giuseppe Larosa Fri, 08/21/2009 - 02:19
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Tan,


to be able to use vlan based subinterfaces both the router and the linux boxes have to agree on:

encapsulation : 802.1Q

and vlan id tag


example

int f0/0

no ip address

no sh


int f0/0.10

enc dot1q 10

ip address 10.10.10.1 255.255.255.0


int f0/0.20

enc dot1q 20

ip address 10.10.11.1 255.255.255.0


the same has to be done on the linux boxes with the appropriate commands.


Hope to help

Giuseppe



nguyen-tan Mon, 08/24/2009 - 08:04
User Badges:

hi Giuseppe,


Thanks for your help. I have it working now. Is there a reason why you have to specify VLANs in this type of scenarios? Why can't you have subinterfaces without vlans?

Peter Paluch Mon, 08/24/2009 - 08:31
User Badges:
  • Cisco Employee,

Hello Nguyen,


Actually your question was probably meant to be: 'Why do you have to use VLAN tagging on subinterfaces?'


Note that by simply creating a subinterface on a physical interface, you are already virtualizing it. If the physical interface is a LAN interface, by creating a subinterface, you are creating a virtual LAN interface, that is, a VLAN. In other words, creating a subinterface on a LAN interface constitutes creating a VLAN.


Distinguishing between various VLANs on a single physical interface is another issue. There must be something added to the Ethernet frames that are received and sent on a interface with subinterfaces, otherwise, frames sent from two different subinterfaces on your Linux box or your router could not be properly differentiated at the other end. You need to use the VLAN tags for that purpose. Each subinterface needs a unique VLAN tag to provide uniqueness for each frame it sends and to know which received frames to process. On Cisco routers, defining a VLAN tag is a required task for a LAN subinterface, otherwise that subinterface will not be operational.


I hope this clarifies things a bit.


Best regards,

Peter


Giuseppe Larosa Mon, 08/24/2009 - 09:00
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Tan,

the short answer is for forwarding efficiency:

vlan-ids allow to multiplex / demultiplex traffic between different logical subinterfaces in a very simple and so efficient manner.


Otherwise each packet should be examined to decide to what subinterface it is related and this is easy only if the destination is an ip address of one of the subinterfaces.


What if a packet is sent with a destination that is behind one of the subinterfaces (that use the subinterface ip subnet as the next-hop to the final destination)?

How to understand which subinterface should handle the packet?


Be aware that subinterfaces of the same physical interface share the same source MAC address (that of the main interface)


Vlans allow to confine broadcast traffic.


An alternate way to do this would be to use a different mac address for each subinterface.

This would solve the ambiguity problem described above, but it wouldn't help to confine broadcast traffic as vlans do.


Hope to help

Giuseppe


Jon Marshall Fri, 09/04/2009 - 10:53
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

John


Yes absolutely.


Each subinterface is a logical interface and there is no requirement that the subnet masks are all the same on all the subinterfaces.


Jon

Actions

This Discussion