Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Subinterfaces . . .


Because my routers only have a single eth interface each, I would like to set up subinterfaces for each one (one for my inside network, one for my outside network). Also, I would like to set up HSRP for my subinterfaces between routers. Since I can't add IP addresses to my subinterfaces without a higher-level IOS, I've ordered full mem upgrades for both. My question is, will my idea work? When I add IP addresses to the subinterfaces right now, I get an error telling me that the main interface has to be set for ISL or dotq. Simple enough, the upgrades will let me do that. But adding those settings to the main interface is usually done when you want to do inter-vlan routing, no? Why would it matter if you're not routing between vlans?



Re: Subinterfaces . . .

For what you are trying to do, adding a secondary address would be better, and does not require adding subinterrfaces.


(Config-intf)# ip addr <-normal, primary interface address

(then add this)

(config-intf)# ip addr SECONDARY <--adds an additonal IP address to the same physical interface

That being said, what you are trying to do is generally considered a very bad idea. You give up most security options, greatly complicate the use of (some/most) routing protocols, and completely give up segregation of the broadcast domains (remember that a broadcast MAC address has a destination of all-ones (ff.ff.ff.ff.ff.ff) regardless of the layer three address).

SECONDARY addresses, IMHO, pretty much exist to aid in the migration of a net/subnet from one IP address block to another (like a company re-design or integrating address blocks of a new branch / newly acquired company); then the old and newly migrated hosts can still work concurrently.

Good Luck


Community Member

Re: Subinterfaces . . .

Thank you, Scott. You're idea sounds much more in line with what I am looking to do.

Question; does HSRP even support subinterfaces the way I'm looking to implement it? I assume it will work fine with a secondary address then?


Community Member

Re: Subinterfaces . . .

In retrospect, this idea won't work in my scenario since I wouldn't be implement HSRP or NAT.

What are the "security options" I would forgo if I used subinterfaces?


CreatePlease to create content