Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Subinterfaces in same vlan with VRF or maby BVI

Hi Forum

 

I´m trying to consolidate many old routers into one new router.

All the old routers is connected to the same internet facing subnet/vlan and each of the old router have an unique IP in that internet facing subnet/vlan.

My goal is to create many sub-interfaces on one physical interface (Connected to the internet subnet/vlan). Each sub-interface will be part of its own VRF.

No matter what I do it always leads me to the same problem…. The router reject to have more than one interface as a member of a subnet/vlan. Even when I uses BVI and virtual MAC address´ per BVI

 

Are there any ways to achieve this goal without buying many physical interfaces for the new router? 

Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

 What you are trying to do is

 

What you are trying to do is not possible. Multiple sub-interface can not be part of same vlan. Why you need all 4 ips on that router and part of different vrf. Cant we delete 3 ips and have just one ip 1.1.1.1/28, all device below this router can change default gateway to 1.1.1.1, if there is any such setup. What is dependency of having all 4 ip addresses.

 

Cisco Employee

Hi, You can use secondary ip

Hi,

 

You can use secondary ip address as below and use same interface to configure multiple ips. I think this should solve your purpose.

 

R1#sh runn int e0/0
Building configuration...

Current configuration : 163 bytes
!
interface Ethernet0/0
 ip address 172.31.12.3 255.255.255.0 secondary
 ip address 172.31.12.4 255.255.255.0 secondary
 ip address 172.31.12.1 255.255.255.0
end

R1#

 

Thanks for rating the previous post.

 

Regards,

Akash

9 REPLIES
Cisco Employee

 Please share router config

 

Please share router config and error you are getting while configuring second subinterface. To check port, i have configured 2 port of 7200 with ip address of same /30 network and connect both interface physically. both interface on separate vrf, and ping was working fine.

 

Regards,

Akash

New Member

ip vrf vrf10 rd 10:10!ip vrf

ip vrf vrf10
 rd 10:10
!
ip vrf vrf20
 rd 20:20
!
ip vrf vrf30
 rd 30:30
!

 

bridge irb

!

interface FastEthernet4.1
 encapsulation dot1Q 1 native
 ip nat outside
 ip virtual-reassembly in
!

interface FastEthernet4.10
 encapsulation dot1Q 1
 ip vrf forwarding vrf10
 ip nat outside
 ip virtual-reassembly in
 bridge-group 10
 bridge-group 10 spanning-disabled
!
interface FastEthernet4.20
 encapsulation dot1Q 1
 ip vrf forwarding vrf20
 ip nat outside
 ip virtual-reassembly in
 bridge-group 20
 bridge-group 20 spanning-disabled
!
interface BVI10
 mac-address 0000.1111.2222
 ip vrf forwarding vrf10
 ip address 35.107.98.220 255.255.255.248
!
interface BVI20
 mac-address 3333.4444.5555
 ip vrf forwarding vrf20
 ip address 35.107.98.221 255.255.255.248
!
interface BVI30
 mac-address 6666.7777.8888
 ip vrf forwarding vrf30
 ip address 35.107.98.222 255.255.255.248

 

bridge 10 protocol ieee
bridge 10 route ip
bridge 20 protocol ieee
bridge 20 route ip
bridge 30 protocol ieee
bridge 30 route ip

!

 

 

 

When i try to change subinterface 10 20 or 30 to vlan 1 i get the following error

 

internet(config)#interface FastEthernet4.10
internet(config-subif)#encapsulation dot1Q 1

%Configuration of multiple subinterfaces of the same main
interface with the same VID (1) is not permitted.
This VID is already configured on FastEthernet4.1.

 

I currently testing the configuration on a Cisco 881 but if i succeed if will be moved to a 3925

 

Cisco Employee

Hello, As the error clearly

Hello,

 

As the error clearly says, you cannot have same vlan assigned to different subinterfaces of same Main interface.

The reason is obvious. Main interfaces sees the vlan id of the receiving packet to judge on which subinterface it actually received the packet. 

If two subinterfaces use same vlan, it would be impossible for the router to know on which which subinterface it received the packet. 

 

Hope this answer's your query.

Regards,

Mohit

New Member

Makes sense. But my question

Makes sense.

 

But my question is not why this config is not working!

The question is more if there is any way to have sub-interfaces of the same physical interface into same VLAN. (E.g. via BVI interfaces to present diff. MAC addresses on each sub-interface there by bypass the vlan limitation)

Im trying to avoid having a "octipus" of a router with many physsical interfaces connecting to the same internet vlan/subnet   

Cisco Employee

 I second Mohit on this.

 

I second Mohit on this. second thing, would like to understand your design. Why are you creating BVI interface and making sub-interface part of bridge-group. Cant we achieve same result with below config by configuring ip address directly on sub-interface. And since on each sub-interface you have configured encapsulation dot1q, so is this interface connected to a trunk interface and you are expecting vlan tagged packet. in that case, please put same vlan what you are expecting like "encap dpt1q 10", "encap dot1q 20" and "encap dot1q 30"

 

interface FastEthernet4.10
 encapsulation dot1Q 10
 ip vrf forwarding vrf10
 ip address 35.107.98.220 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
!
interface FastEthernet4.20
 encapsulation dot1Q 20
 ip vrf forwarding vrf20
 ip address 35.107.98.221 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
!

 

Regards,

Akash

New Member

Hi the interfaces in only

Hi

 

the interfaces in only assigned diff. VLAN to show the error i get when I try to assign a subinterface to vlan that allready have e subinterface assigned to it.

 

BVI was simply to se if binding a subinterface to BVI solved the problem. (But it did not)

 

I have attached a picture of the current setup ant what im trying to do.

Please keep in mind that my internet vlan is only 1 lan/subnet.

 

Cisco Employee

 What you are trying to do is

 

What you are trying to do is not possible. Multiple sub-interface can not be part of same vlan. Why you need all 4 ips on that router and part of different vrf. Cant we delete 3 ips and have just one ip 1.1.1.1/28, all device below this router can change default gateway to 1.1.1.1, if there is any such setup. What is dependency of having all 4 ip addresses.

 

New Member

I have a lot of old routers

I have a lot of old routers doing diff. VPNs and other LAN2LAN type connection.

Changing the IPs to one common IP will be a LOT of work reconfiguering remote endpoints. Some of them I do not control as they are under other companies control.

 

Cisco Employee

Hi, You can use secondary ip

Hi,

 

You can use secondary ip address as below and use same interface to configure multiple ips. I think this should solve your purpose.

 

R1#sh runn int e0/0
Building configuration...

Current configuration : 163 bytes
!
interface Ethernet0/0
 ip address 172.31.12.3 255.255.255.0 secondary
 ip address 172.31.12.4 255.255.255.0 secondary
 ip address 172.31.12.1 255.255.255.0
end

R1#

 

Thanks for rating the previous post.

 

Regards,

Akash

1150
Views
0
Helpful
9
Replies