Subinterfaces on Ethernet ports?

On a 2621, I'm currently assigning several secondary IP's to one Fast Ethernet port. I'm wondering if it would be better to creating a separate subinterface on that port for each subnet. In other words, would it be better to have F0/1.1, F0/1.2, etc. each with a single primary IP, instead of a lengthy list of secondary IP's on F0/1?

One reason for favoring the subinterface approach is that it may be easier to monitor traffic using MRTG. I believe MRTG can monitor by ports, but not necessarily by IP address range (I don't know how you'd associate an address range to SMTP). By giving each subnet its own (sub)interface, could MRTG access each subinterface as a (virtual) standalone port via SMTP?

Does configuring lots of subinterfaces in this way generate more CPU load than having lots of secondary IP's on a single port?

Any other considerations?

Can't give you an answer in relation to monitoring the sub-interfaces using MRTG but I definitely favour the sub-interface config instead of multiple secondary IP addresses. The first advantage in using sub-interfaces is when you ping devices attached to the sub-interfaces, the router will actually use the IP address configured on the sub-interface as the source address. IF you had use the secondary address method, the router will use the primary IP address configured on the main (physical) interface as the source and hence make life a bit difficult when troubleshooting using ICMP. Further more, I believe that you can have up to 6 secondary addresses while the sub-interface approach gives you a lot more (may be 100s). I don't think that having more sub-interfaces creates that much more load (if any) on the router. What's more is that if you decided to trunk your interface on the 2621, sub-interface is the ONLY way for VLAN routing. Defnitely recommended. BTW, if you decided to trunk, make sure that your IOS is capable of doing it. Some IOS out there does not come with VLAN routing capability.

Thank you for your informative response!

Does anyone know if there is a real/practical limit on the number of subinterfaces which can be defined on a 2600 Ethernet port? Vincent suggests it may be in the hundreds, but it would be nice to RTFM something on that, or at least hear from someone who has actually created dozens or hundreds of subinterfaces this way.


The practical limit is about 300 (sub)interfaces per router. See IDB limit details in



Great reference (although the first part of the URL is invalid) - thanks!

In reading this reference, I learned about the "show idb" command. The article claims that "show idb" will report the maximum number of IDB's the platform can support:

"To see the maximum number of IDBs, the number of IDBs currently in use (along with their memory consumption), use the show idb IOS command."

...and provides this example [excerpt]:

Router#show idb

Maximum number of IDBs 4096

42 SW IDBs allocated (2440 bytes each)

[end of excerpt]

Sadly, when I run this command on my 2621 (12.0(7) XK1), I don't get the "maximum" report:

router#sho idb

4 SW IDBs allocated (2512 bytes each)

3 HW IDBs allocated (4288 bytes each)

HWIDB#1 1 FastEthernet0/0 (Ether)

HWIDB#2 2 Serial0/0 (Serial)

HWIDB#3 3 FastEthernet0/1 (Ether)

router# I'll have to presume that the IDB limit is set to 300 per the above reference.

Thanks again!