Cisco IPv4 IP Address – Implementing a Secondary IP Address

cisco, ip, ip address, ipv4

I am familiar with adding a secondary IP address to Cisco device interfaces in order to work around corner-case scenarios, for example having 2 IP subnets within the same VLAN, needing to expand when one subnet is exhausted, or migrating the default gateway of a host from one address to another, etc.
The implementation scenarios I have seen customers/clients use seem to point towards poor network design, but I am not sure whether its usage is also perfectly valid.

I would like to know what the main pitfalls are related to using secondary IP addresses on an interface, i.e. use of the same broadcast domain, any impact upon TTL, impact on DHCP, sharing of MAC address, sub-optimal routing between hosts, etc.

Best Answer

The use of secondary IP interface addresses, on Cisco routers at least, does not necessarily seem to have major pitfalls, but rather some limitations that I've found it is useful to be aware of.

  • A flat network using secondary addresses/multiple subnets will avoid the need to employ dot1q trunking but will generate more broadcast traffic (if the purpose is to be able to increase the number of hosts). Depending on design, this can impact upon network performance, specifically the hosts/clients.
  • Routing protocols:
    • In EIGRP, neighbour adjacencies will not form on secondary IP addresses, full stop.
    • In OSPF, secondary-addressed networks are considered as stubs, so no hello packets are sent on them and adjacencies will not form either.
    • In BGP, since it acts as an application on top of TCP, it doesn't seem to care if they are primary or secondary, due to the TCP process just attempting to match a source address received with an available BGP peer to form neighborship... So this can work, but be careful not to mismatch primary and secondary.
  • Packets sourced from the router will be from the primary interface address (routers on a segment should normally agree on what the primary subnet is).
  • Multicast PIM interface configuration needs routers that connect to each other to use the same subnet as the primary address as opposed to secondary.

To avoid issues, I'll use primary addressing wherever possible and secondary in corner-case scenarios.
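The answer's point that routers on a segment should agree on the primary subnet can be checked from saved configurations. The following is an added example, not part of the original answer: it parses IOS-style `ip address ... [secondary]` lines and reports routers whose primary subnets differ. The hostnames, addresses, function names and the `PRIMARY-MISMATCH` label are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample configs for two routers on one shared segment (not from the page).
R1 = """interface GigabitEthernet0/1
 ip address 10.1.1.1 255.255.255.0
 ip address 10.1.2.1 255.255.255.0 secondary
!
"""
R2 = """interface GigabitEthernet0/1
 ip address 10.1.2.2 255.255.255.0
 ip address 10.1.1.2 255.255.255.0 secondary
!
"""
# Matches static addressing only; "ip address dhcp" and "no ip address" are skipped.
ADDR = re.compile(r"^\s+ip address (\d\S+) (\d\S+)( secondary)?\s*$")

def parse_interface(config, ifname):
    """Return (primary_network, set_of_secondary_networks) for one interface."""
    primary, secondary, inside = None, set(), False
    for line in config.splitlines():
        if not line.startswith(" "):  # a top-level line starts or ends a stanza
            inside = line.strip() == f"interface {ifname}"
            continue
        m = ADDR.match(line)
        if inside and m:
            net = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}").network
            if m.group(3):
                secondary.add(net)
            else:
                primary = net
    return primary, secondary

def audit_segment(routers, ifname):
    """routers: {hostname: config_text} for devices sharing one segment."""
    parsed = {n: parse_interface(c, ifname) for n, c in sorted(routers.items())}
    findings = []
    for a, (pa, _) in parsed.items():
        for b, (pb, sb) in parsed.items():
            if a == b or pa is None or pa == pb:
                continue
            # The other router holds a's primary subnet as a secondary, or lacks it.
            how = "only as secondary" if pa in sb else "not at all"
            findings.append(f"PRIMARY-MISMATCH: {b} has {a}'s primary {pa} {how}")
    return findings

if __name__ == "__main__":
    for finding in audit_segment({"R1": R1, "R2": R2}, "GigabitEthernet0/1"):
        print(finding)
```

An empty result means every router on the segment uses the same primary subnet, which is the condition the answer gives for EIGRP adjacencies and PIM to work.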