Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
289
Views
0
Helpful
3
Replies

Subinterfaces . . .

shikamarunara
Level 4
Level 4

‎09-26-2006 04:33 PM - edited ‎03-03-2019 05:15 AM

Hi,

Because my routers only have a single eth interface each, I would like to set up subinterfaces for each one (one for my inside network, one for my outside network). Also, I would like to set up HSRP for my subinterfaces between routers. Since I can't add IP addresses to my subinterfaces without a higher-level IOS, I've ordered full mem upgrades for both. My question is, will my idea work? When I add IP addresses to the subinterfaces right now, I get an error telling me that the main interface has to be set for ISL or dotq. Simple enough, the upgrades will let me do that. But adding those settings to the main interface is usually done when you want to do inter-vlan routing, no? Why would it matter if you're not routing between vlans?

-Shikamaru

Labels:
0 Helpful
3 Replies 3

scottmac
Level 10
Level 10

‎09-26-2006 07:00 PM

For what you are trying to do, adding a secondary address would be better, and does not require adding subinterrfaces.

Example:

(Config-intf)# ip addr 192.168.1.1 255.255.255.0 <-normal, primary interface address

(then add this)

(config-intf)# ip addr 10.10.10.10 255.255.255.0 SECONDARY <--adds an additonal IP address to the same physical interface

That being said, what you are trying to do is generally considered a very bad idea. You give up most security options, greatly complicate the use of (some/most) routing protocols, and completely give up segregation of the broadcast domains (remember that a broadcast MAC address has a destination of all-ones (ff.ff.ff.ff.ff.ff) regardless of the layer three address).

SECONDARY addresses, IMHO, pretty much exist to aid in the migration of a net/subnet from one IP address block to another (like a company re-design or integrating address blocks of a new branch / newly acquired company); then the old and newly migrated hosts can still work concurrently.

Good Luck

Scott

0 Helpful

shikamarunara
Level 4
Level 4
In response to scottmac

‎09-26-2006 07:22 PM

Thank you, Scott. You're idea sounds much more in line with what I am looking to do.

Question; does HSRP even support subinterfaces the way I'm looking to implement it? I assume it will work fine with a secondary address then?

-Shikamaru

0 Helpful

shikamarunara
Level 4
Level 4
In response to scottmac

‎09-26-2006 10:09 PM

In retrospect, this idea won't work in my scenario since I wouldn't be implement HSRP or NAT.

What are the "security options" I would forgo if I used subinterfaces?

-Shikamaru

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents