Can a router have 2 of its interfaces on the same subnet?
JoeBirds
Member Posts: 49 ■■□□□□□□□□
in CCNA & CCENT
Picture a simple LAN with a 2 switches and a few PCs on each switch. Can a router have each of its interfaces connecting to each switch? I know it would definitely work for the LAN only traffic as the router wouldn't even come into play and the switches would simply forward the traffic directly to the destination. I still can't see how it wouldn't work but then when I google it, most people say it wouldn't. I know this would mess up the routing table, but I simply don't see how traffic wouldn't traverse.
Thanks in advanced.
Thanks in advanced.
Comments
-
networker050184 Mod Posts: 11,962 ModSo if you have the same subnet on two interfaces how does the router know where to send the traffic?An expert is a man who has made all the mistakes which can be made.
-
JoeBirds Member Posts: 49 ■■□□□□□□□□networker050184 wrote: »So if you have the same subnet on two interfaces how does the router know where to send the traffic?
A WAN link could certainly be used to forward the traffic. The router doesn't HAVE to use only 2 interfaces. Don't get me wrong, I know this would be completely impractical, but for a router with only one LAN connected to it, I don't see how it could not forward traffic out it's WAN interfaces. -
deth1k Member Posts: 312not sure about routers but you can with L3 switch using "ip unnumbered" on SVIs
-
Met44 Member Posts: 194Go back to the first example with the two switches... if the router attempts to ping a PC on the LAN, which interface does it choose to send the packet out of? What happens if the PC was connected to the other interface? The situation is the same if the router attempts to route packets between the LAN segments.
-
pogue Member Posts: 213From the host perspective, you're right, the host will forward out their ethernet ports so long as the default gateway is set to be in the same network it's IP address is in.
Now, if you could somehow configure two different "routed" (this is the key) ports for the same network, as met44 has stated, how would the router know which port to send it out of? The router does not know whether or not all the hosts are connected off both router ports. So, what does it do? "Load-balance"? If so, a single host connected off of one single router port will only receive half of it's packets.
No bueno.
Does it send it out of "both" ports??
Router don't do that. It's hard to come up with a single example, as your hypothetical situation goes against every concept of what routers do, but I can easily imagine a network topology that would generate a broadcast storm if a router routed the same packet to two different ports. This could easily take down a switched network connected to this hypothetical router.
Hopefully this clears things up a bit.
RussCurrently working on: CCNA:Security
Up next: CCNA:Voice -
JoshyJ Member Posts: 32 ■■□□□□□□□□Yes you can. The two switches need to be stacked and the two ports will be setup with etherchannel.
-
pogue Member Posts: 213Yes you can. The two switches need to be stacked and the two ports will be setup with etherchannel.
Well, yes.... But this is not technically what the OP was referring to. He was talking about configuring two different routed ports with two different IPs in the same subnet.
An etherchannel basically "smooshes" two ethernet ports together and makes them act as one, with a single IP address. (Unless doing inter-VLAN routing..)
RussCurrently working on: CCNA:Security
Up next: CCNA:Voice -
xXErebuS Member Posts: 230If you use IRB you can... but then the interfaces are not technically "routed" interfaces as I believe pogue was hinting at.
-
JoeBirds Member Posts: 49 ■■□□□□□□□□From the host perspective, you're right, the host will forward out their ethernet ports so long as the default gateway is set to be in the same network it's IP address is in.
Now, if you could somehow configure two different "routed" (this is the key) ports for the same network, as met44 has stated, how would the router know which port to send it out of? The router does not know whether or not all the hosts are connected off both router ports. So, what does it do? "Load-balance"? If so, a single host connected off of one single router port will only receive half of it's packets.
No bueno.
Does it send it out of "both" ports??
Router don't do that. It's hard to come up with a single example, as your hypothetical situation goes against every concept of what routers do, but I can easily imagine a network topology that would generate a broadcast storm if a router routed the same packet to two different ports. This could easily take down a switched network connected to this hypothetical router.
Hopefully this clears things up a bit.
Russ
I guess I'm just imagining the routing table listing the LAN (192.168.3.0/24, let's use) out both of those interfaces. When you said that the host will only get half of the packets if the router "load balanced", why would that be? The packets would have the same destination MAC address, they are just going out two ports. The switch would still forward each packet to the host as they all have the same desination MAC, they are just coming from 2 different router ports. I don't see why the half the packets would be dropped. The switch would forward each packet based on it's destination MAC, as it would stay the same even though the router is "load-balancing" out both of it's Fa ports.
Sorry if I'm being an annoyance, I just can't wrap my head around it. Lab time. -
karthik537 Registered Users Posts: 1 ■□□□□□□□□□Hi pogue,
Please find the hypothetical topology above.
In the figure lets say the Router R2 is having two different ip addresses of same subnet prefix on two ports.
Lets say the ip addresses of these 2 ports as 192.168.1.1 and 192.168.1.2 and the ip address of outside port of R2 as 213.10.25.1 (global unique address).
and the ip addresses of PC7 is 192.168.1.7
the ip addresses of PC5 is 192.168.1.5
the ip addresses of PC8 is 192.168.1.8
the ip addresses of PC9 is 192.168.1.9
the ip addresses of PC6 is 192.168.1.6
the ip addresses of PC10 is 192.168.1.10
and lets say we have dynamic NAT in R2 and the the traffic from all the above PC's will be mapped to 213.10.25.1 with different ports for every PC.
So, now if PC7 has requested http traffic, then in the way of receiving the response, when the traffic for PC7 comes from R1 to R2, lets say with the dynamic NAT, the destination address resoluted as 192.168.1.7:80. So, now here is the confusion on which port to go. Here at this point, why can't we have a mechanism like for a group of addresses in the subnet, the traffic has to go on a particular ip address. Like, the traffic for the ip addresses 192.168.1.7, 192.168.1.5 and 192.168.1.8 has to go on the port having the ip address 192.168.1.1 of Router R2. And the traffic for the ip addresses 192.168.1.9, 192.168.1.6 and 192.168.1.10 has to go on the port having the ip address 192.168.1.2 of Router R2. -
wrwarwick Member Posts: 104karthik537 wrote: »Hi pogue,
Please find the hypothetical topology above.
In the figure lets say the Router R2 is having two different ip addresses of same subnet prefix on two ports.
Lets say the ip addresses of these 2 ports as 192.168.1.1 and 192.168.1.2 and the ip address of outside port of R2 as 213.10.25.1 (global unique address).
and the ip addresses of PC7 is 192.168.1.7
the ip addresses of PC5 is 192.168.1.5
the ip addresses of PC8 is 192.168.1.8
the ip addresses of PC9 is 192.168.1.9
the ip addresses of PC6 is 192.168.1.6
the ip addresses of PC10 is 192.168.1.10
and lets say we have dynamic NAT in R2 and the the traffic from all the above PC's will be mapped to 213.10.25.1 with different ports for every PC.
So, now if PC7 has requested http traffic, then in the way of receiving the response, when the traffic for PC7 comes from R1 to R2, lets say with the dynamic NAT, the destination address resoluted as 192.168.1.7:80. So, now here is the confusion on which port to go. Here at this point, why can't we have a mechanism like for a group of addresses in the subnet, the traffic has to go on a particular ip address. Like, the traffic for the ip addresses 192.168.1.7, 192.168.1.5 and 192.168.1.8 has to go on the port having the ip address 192.168.1.1 of Router R2. And the traffic for the ip addresses 192.168.1.9, 192.168.1.6 and 192.168.1.10 has to go on the port having the ip address 192.168.1.2 of Router R2.
In the above case you wouldn't have a router in R2's place - it would be a switch. The function of a router is to route between two networks; you would never need to route between the same subnet. Remember the OSI model: routing operates at layer 3, and switching at layer 2. All of the PCs in your local LAN in the example would not need a router to talk to each other because of this.
As for your confusion, just remember the OSI model. You don't use a router to segment layer 2 domains. A router is just not used for the purpose that you are indicating. -
instant000 Member Posts: 1,745I couldn't even make a router take this misconfiguration. You get a warning message that the interface is misconfigured.
if the interface is already up, it just won't take the IP.
if the interface is down, it'll let you input the bad IP, but it'll stay ADMINISTRATIVELY down.*Mar 1 00:00:09.599: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down *Mar 1 00:00:09.599: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down *Mar 1 00:00:09.759: %SYS-5-RESTART: System restarted -- Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T14, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2010 by Cisco Systems, Inc. Compiled Tue 17-Aug-10 12:08 by prod_rel_team *Mar 1 00:00:09.779: %SNMP-5-COLDSTART: SNMP agent on host R1 is undergoing a cold start *Mar 1 00:00:09.839: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF *Mar 1 00:00:09.839: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF *Mar 1 00:00:10.599: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down *Mar 1 00:00:10.599: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down R1# R1#sh ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES unset administratively down down FastEthernet0/1 unassigned YES unset administratively down down R1#config t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#int range f0/0 - 1 R1(config-if-range)#no shut R1(config-if-range)#int f0/0 R1(config-if)# *Mar 1 00:00:43.575: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Mar 1 00:00:43.595: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up *Mar 1 00:00:44.575: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up R1(config-if)#ip *Mar 1 00:00:44.595: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up R1(config-if)#ip address 192.168.1.1 255.255.255.0 R1(config-if)#int f0/1 R1(config-if)#do sho ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.1.1 YES manual up up FastEthernet0/1 unassigned YES unset up up R1(config-if)#ip address 192.168.1.2 255.255.255.0 % 192.168.1.0 overlaps with FastEthernet0/0 R1(config-if)#do sho ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.1.1 YES manual up up FastEthernet0/1 unassigned YES unset up up R1(config-if)#shut R1(config-if)#do sh *Mar 1 00:01:36.923: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down *Mar 1 00:01:37.923: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down R1(config-if)#do sho ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.1.1 YES manual up up FastEthernet0/1 unassigned YES unset administratively down down R1(config-if)#ip address 192.168.1.2 255.255.255.0 % 192.168.1.0 overlaps with FastEthernet0/0 R1(config-if)#no shut % 192.168.1.0 overlaps with FastEthernet0/0 FastEthernet0/1: incorrect IP address assignment R1(config-if)#do sho ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.1.1 YES manual up up FastEthernet0/1 192.168.1.2 YES manual administratively down down R1(config-if)#end R1# *Mar 1 00:02:01.899: %SYS-5-CONFIG_I: Configured from console by console R1#
Currently Working: CCIE R&S
LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!) -
PCHoldmann Member Posts: 450IRB is the only way to make this work.
Here's my lab config:
######################
bridge irb
!
interface FastEthernet1/0
no ip address
speed auto
duplex auto
bridge-group 1
!
interface FastEthernet1/1
no ip address
speed auto
duplex auto
bridge-group 1
!
interface BVI1
ip address 192.168.1.1 255.255.255.0
!
bridge 1 protocol ieee
bridge 1 route ip
######################
The BVI interface is basically the same thing as an SVI (VLAN) interface on a layer 3 switch. Any IP configuration would be done here.There's no place like ^$
Visit me at Route, Switch, Blog -
Priston Member Posts: 999 ■■■■□□□□□□I've never heard of BVI, could it be used like Etherchannel. Using 2 links between a 2811 and a gateway.A.A.S. in Networking Technologies
A+, Network+, CCNA -
networker050184 Mod Posts: 11,962 ModWhy not just actually use an actual etherchannel in that scenario? BVI for sutff like this is just adding unneeded complexity. Design it right and don't hack L2 networks together.An expert is a man who has made all the mistakes which can be made.
-
Priston Member Posts: 999 ■■■■□□□□□□At first I didn't realize 2811s supported Etherchannel but I guess they do.A.A.S. in Networking Technologies
A+, Network+, CCNA -
wintermute000 Banned Posts: 172THe standard answer is that a router cannot. Not sure re: the 'hacks' described above.
However interestingly many appliances can do this e.g. most linux based implementations, they can assign as many floating IPs in the same interface as you want. Ditto with firewalls presenting virtual IPs or an ASA NATting multiple IPs in the same subnet.
You can also use secondary IPs on a router interface but there are strong caveats to doing this.
The 'correct' way of doing what you want is to use multilayer switching and have two interfaces on the same VLAN, then the IP is on the SVI or BVI. You can do this with a 'true' multilayer switch or a switch card in a router. -
PCHoldmann Member Posts: 450You would only be able to do etherchannel to a single switch or a stack, not two standalone switches.
Whether this "should" be done or not would depend on your design goals.There's no place like ^$
Visit me at Route, Switch, Blog