North American Network Operators Group


Re: Quick question about secondary addresses

  • From: Jon Lewis
  • Date: Sat Jul 31 12:01:39 2004

On Sat, 31 Jul 2004, Jesper Skriver wrote:

>
> On Fri, Jul 30, 2004 at 10:21:06AM -0700, Dan Lockwood wrote:
>
> > I'm in a debate with a guy over the use of 'ip address x.x.x.x s.s.s.s
> > secondary' on Cisco gear.  I seem to remember reading that the use of
> > secondary addresses is a bad idea, but I can't recall the details of
> > why.  Process switched?
>
> No, traffic to hosts within a subnet configured as secondaries
> will be CEF switched.
>
> The only "bad" thing I can think of with secondaries, is that it's often
> not what you want, why not split it on layer 2 as well, and get the
> benefit of a smaller broadcast domain?

A few other possible issues:

1) routing protocols (i.e. OSPF) will not form adjacencies with devices in
the secondary address subnets...so if you're doing this to get more
address space on a particular ethernet without renumbering, if you need
OSPF on the ethernet, all the OSPF speakers have to be in the primary
subnet.

2) If you're doing this to separate customers, it doesn't really.  They're
all free to steal each other's IPs.  Better solutions would be VLAN
trunking back to the router with a subint for each subnet or a L3 switch
effectively doing that all in one box.

3) Human error.  More than once I've seen someone change an interface's
primary IP by "adding a secondary" and hitting return before typing
"secondary".  Maybe it would have been better/safer if the command were
"secondary ip addr ..." :)

----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
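
A pre-change check for the mistake in point 3 and the shared-segment concern in point 2, as an added example that is not part of the original post. The function names and both sample configurations are constructed for illustration, and the input is assumed to be in running-config layout (interface lines flush left, sub-commands indented).

```python
import re

ADDR = re.compile(r"^\s*ip address (\S+) (\S+)(\s+secondary)?\s*$")
IFACE = re.compile(r"^interface (\S+)")

def parse_interfaces(config):
    """Map interface name -> {'primary': (ip, mask) or None, 'secondary': [...]}."""
    table, current = {}, None
    for line in config.splitlines():
        m = IFACE.match(line)
        if m:
            current = table.setdefault(m.group(1), {"primary": None, "secondary": []})
            continue
        if line and not line[0].isspace():
            current = None  # "!" or any other top-level line ends the stanza
            continue
        m = ADDR.match(line)
        if m and current is not None:
            if m.group(3):
                current["secondary"].append((m.group(1), m.group(2)))
            else:
                current["primary"] = (m.group(1), m.group(2))
    return table

def review_change(running, candidate):
    """Warn when a candidate 'ip address' line would overwrite an existing primary."""
    before, after = parse_interfaces(running), parse_interfaces(candidate)
    warnings = []
    for name, new in after.items():
        old = before.get(name)
        if old and old["primary"] and new["primary"] and new["primary"] != old["primary"]:
            warnings.append(f"{name}: primary {old['primary'][0]} would be replaced by "
                            f"{new['primary'][0]} (missing 'secondary'?)")
    return warnings

def shared_segments(running):
    """Interfaces carrying several subnets in one broadcast domain via secondaries."""
    return sorted(n for n, i in parse_interfaces(running).items() if i["secondary"])

# Constructed sample input (documentation address ranges).
RUNNING = """interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.128
 ip address 192.0.2.129 255.255.255.128 secondary
!
interface FastEthernet0/1
 ip address 198.51.100.1 255.255.255.0
"""
# Operator meant to add a secondary but left the keyword off.
CANDIDATE = "interface FastEthernet0/1\n ip address 203.0.113.1 255.255.255.0\n"
```

Running `review_change` on a proposed change before it is pasted into the router flags the dropped keyword, and `shared_segments` lists the interfaces that would be candidates for per-subnet subinterfaces.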