secondary addressing vs. subinterfaces - vlan tagging
smcclenaghan
Member Posts: 139
in CCNA & CCENT
Ok, does this sound correct?
Secondary addressing (i.e., when a second IP address is configured on the same physical interface without using subinterfaces) allows two networks to work on the same physical and logical interface.
So, if we had a router's Fa0/0 configured as follows:
interface Fa0/0
 ip address 192.168.2.2 255.255.255.0 secondary
 ip address 192.168.1.1 255.255.255.0
And we have a directly connected switch (Switch-01) off Fa0/0 with:
PC 1 on vlan 1 (192.168.1.0/24) with IP 192.168.1.111 and MAC: AAAA:AAAA:AAAA
PC 2 on vlan 2 (192.168.2.0/24) with IP 192.168.2.222 and MAC: BBBB:BBBB:BBBB
Default gateways of 192.168.1.1 and 192.168.2.2, both with same MAC of router's Fa0/0: CCCC:CCCC:CCCC
If PC 1 wanted to send to PC 2, PC 1 would realize PC2 is on a different network and create a frame destined for CCCC:CCCC:CCCC (MAC of its gateway). Switch-01 would get this frame and forward to the router based on Switch-01's mac-address table.
192.168.1.1 receives this frame, strips the header, checks its routing table (for 192.168.2.222) and notices it is on the directly connected network 192.168.2.0/24. However PC2 has been quiet lately (or maybe just off) and so there's no entry for it in the router's arp table.
The router arps and I THINK here is the major difference between secondary addressing and subinterface addressing.
In the case of secondary addressing, Switch-01 doesn't get any VLAN tag info with the router's ARP. (How could it? VLAN info can't be applied to secondary IP info like it can with subinterfaces). So our switch takes the router's ARP for 192.168.2.222 and forwards it out ALL ports. (We don't care what happens after that).
In the case of subinterfaces, the switch receiving our router's ARP does get VLAN tag info (because it is configured within the subinterfaces). Now our switch gets an arp for 192.168.2.222 and only sends it out ports mapped to VLAN 2.
I hope I haven't made this more convoluted than it warrants, but I wanted to be really really clear. For the pros on here... am I even close to understanding the differences between secondary addressing and subinterfacing addressing?
I also get that with secondary addressing, you open yourself to split horizon issues with routing protocols, etc., but for this post, I'm mostly concerned with making sure I understand how secondary addressing works with VLAN tagging.
Comments
smcclenaghan
Member Posts: 139
Figures... as soon as I type that chapter on War and Peace, I find something online which is making me think that when you use secondary IP addressing, that address must be in the same vlan.
So on Switch-01, I'd also add:
interface Vlan1
 ip address 10.0.1.103 255.255.255.0 secondary
 ip address 10.0.0.103 255.255.255.0
I think this is it, but if someone could confirm, I'd find it insanely useful.
Dieg0M
Member Posts: 861
When you use a secondary address, the second subnet shares the same broadcast domain as your primary subnet. Therefore, they have to be in the same VLAN.
Follow my CCDE journey at www.routingnull0.com
smcclenaghan
Member Posts: 139
Thank you for the clarification, Dieg0M. That makes a lot more sense.
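
Added example, not part of any post in this thread: a small Python model of how Switch-01 floods the router's ARP broadcast for 192.168.2.222 in the two designs discussed above. The switch port names (Fa0/1 facing the router, Fa0/2 and Fa0/3 for the PCs), the router port being an access port in VLAN 1 for the secondary-address case, and the rule that access ports drop tagged frames are assumptions made for the sketch.

```python
import struct

BROADCAST = bytes.fromhex("ffffffffffff")
ROUTER_MAC = bytes.fromhex("cccccccccccc")  # Fa0/0 MAC from the post

def arp_request(src_mac, src_ip, target_ip, vlan=None):
    """Build an Ethernet ARP request; insert an 802.1Q tag when vlan is given."""
    ip = lambda s: bytes(int(o) for o in s.split("."))
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
           + src_mac + ip(src_ip) + bytes(6) + ip(target_ip))
    return BROADCAST + src_mac + tag + struct.pack("!H", 0x0806) + arp

def frame_vlan(frame):
    """Return the 802.1Q VLAN ID carried in the frame, or None if untagged."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == 0x8100 else None

def flood_ports(ports, ingress, frame):
    """Ports that receive a broadcast: same VLAN only, never the ingress port.

    ports maps name -> ("access", vlan) or ("trunk", native_vlan, allowed_vlans).
    """
    mode, tag = ports[ingress], frame_vlan(frame)
    if mode[0] == "access":
        if tag is not None:
            return []            # assumption: access ports drop tagged frames
        vlan = mode[1]           # untagged frame joins the port's access VLAN
    else:
        vlan = mode[1] if tag is None else tag
        if vlan not in mode[2]:
            return []
    return sorted(name for name, m in ports.items() if name != ingress
                  and (m[1] == vlan if m[0] == "access" else vlan in m[2]))

# Constructed topology: PC 1 on Fa0/2 (VLAN 1), PC 2 on Fa0/3 (VLAN 2).
PCS = {"Fa0/2": ("access", 1), "Fa0/3": ("access", 2)}

def secondary_addressing():
    """Router sends an untagged ARP into an access port in VLAN 1."""
    ports = {"Fa0/1": ("access", 1), **PCS}
    frame = arp_request(ROUTER_MAC, "192.168.2.2", "192.168.2.222")
    return flood_ports(ports, "Fa0/1", frame)

def subinterfaces():
    """Router subinterface for VLAN 2 sends a tagged ARP into a trunk port."""
    ports = {"Fa0/1": ("trunk", 1, {1, 2}), **PCS}
    frame = arp_request(ROUTER_MAC, "192.168.2.2", "192.168.2.222", vlan=2)
    return flood_ports(ports, "Fa0/1", frame)
```

With secondary addressing the untagged ARP is flooded only within VLAN 1 (to Fa0/2), so a PC 2 placed in VLAN 2 never receives it; with a dot1Q subinterface the tagged ARP is flooded only to Fa0/3.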