|
Feature |
Product |
Release introduced |
|---|---|---|
|
Secondary IP Interfaces |
5320 Series |
Fabric Engine 8.10 Only 5320-48P-8XE and 5320-48T-8XE support more than one VRF with IP configuration. |
|
5420 Series |
Fabric Engine 8.10 |
|
|
5520 Series |
Fabric Engine 8.10 |
|
|
5720 Series |
Fabric Engine 8.10 |
|
|
7520 Series |
Fabric Engine 8.10 |
|
|
7720 Series |
Fabric Engine 8.10 |
|
|
VSP 4900 Series |
VOSS 8.10 |
|
|
VSP 7400 Series |
VOSS 8.10 |
The ability to add Secondary IP Interfaces on a Layer 2 VLAN means that you can have both primary and secondary IP subnets as local routes and increase the number of connected hosts. This feature is useful for subnets that have used all available host IP addresses.
You can configure Secondary IP Interfaces on VLAN interfaces only; you cannot configure a Secondary IP Interface for a brouter port or CLIP interface. Both the Global Router (VRF 0) and user-defined VRFs support Secondary IP Interfaces on associated VLANs. The secondary addresses share the same routeable MAC with the primary IP address.
A VLAN interface can support up to 32 secondary IP addresses. The total number of secondary IP addresses you can create on the same switch depends on available resources. For scaling information, see Fabric Engine Release Notes.
DHCP Smart Relay makes DHCP Relay aware of Secondary IP Interfaces. DHCP Smart Relay can also work with a subset of VRRP addresses. For more information, see DHCP Smart Relay for Secondary IP Interfaces.
You must configure a primary IP address on the VLAN before you can add secondary addresses.
You cannot remove a primary IP address if a secondary address exists.
Primary and secondary subnets must be unique across all VLANs, including within the same VLAN. Subnets cannot overlap, meaning you cannot configure a subnet range that would be included within another subnet range.
When the command originates on the switch, the ping and traceroute commands both support secondary IP addresses as the source IP address. If you do not specify a source address as part of the command, the switch automatically uses the a secondary address in the subnet.
Protocol exchange, both unicast and multicast, occurs only on the primary subnet. Control packets use the primary IP address, including neighbor or peer relationships, and election processes.
Note
IGMP interfaces accept and process all IGMP reports received for subnets that belong to that interface, either primary or secondary.
Routing protocols do not advertise secondary subnets; you must configure redistribution of direct routes to announce secondary subnets.
The switch sends all broadcast packets within the VLAN to all hosts regardless of subnet.
You cannot configure the following features on a secondary subnet:
BFD
IP security features
LLDP
Proxy ARP
UDP
Virtual Inter-Switch Trunk (vIST) peers
The following feature restrictions exist for Secondary IP Interfaces:
You cannot configure a MAC offset for secondary IP addresses.
You cannot configure RSMLT on a VLAN with secondary IP addresses.
You cannot configure a DvR Gateway IP address that exists in a secondary subnet. DvR-One-IP always selects the primary IP address.
You cannot configure a secondary IP address as the source IP for a Fabric Extend tunnel.
For more information, see the following tasks: