C.Chaundy@its.unimelb.EDU.AU (09/04/90)
We are just beginning to install cisco routers to raplace a level 2 bridged network on our campus and want to use the secondary IP address feature to ease the transition to a fully subnetted network. We were intending to add a secondary address in the subnet to which we wish to migrate a group of hosts to the ethernet interface that is connected to the current bridged backbone, change the IP numbers of the hosts, and finally delete the secondary address and configure a different interface with this address (and move the physical cable). Does this sound like the right approach? We are also connected to the wider world by a cisco unit connected to our backbone and most systems simply point their default route at its address. When we added the secondary IP address to the 'local' cisco, our 'gateway' cisco did not learn about the new subnet and I had to configure an explicit ip route into the unit (both units are configured for RIP). Is this to be expected, i.e., the secondary network number is not advertised by RIP? Regards, Chris Chaundy Technical Manager, Networks, Information Technology Services, The University of Melbourne Internet: C.Chaundy@its.unimelb.EDU.AU (DTE 505233430003) Phone: +61 3 344 7045 Cables Unimelb Fax: +61 3 347 4803 Telex AA35185 Post: Parkville, Victoria 3052 Australia
swatt@noc.net.yale.edu (Alan S. Watt) (09/06/90)
Chris Chandry of The University of Melbourne writes: ---------------------------------------------------------------------- We are just beginning to install cisco routers to raplace a level 2 bridged network on our campus and want to use the secondary IP address feature to ease the transition to a fully subnetted network. We were intending to add a secondary address in the subnet to which we wish to migrate a group of hosts to the ethernet interface that is connected to the current bridged backbone, change the IP numbers of the hosts, and finally delete the secondary address and configure a different interface with this address (and move the physical cable). Does this sound like the right approach? We are also connected to the wider world by a cisco unit connected to our backbone and most systems simply point their default route at its address. When we added the secondary IP address to the 'local' cisco, our 'gateway' cisco did not learn about the new subnet and I had to configure an explicit ip route into the unit (both units are configured for RIP). Is this to be expected, i.e., the secondary network number is not advertised by RIP? ---------------------------------------------------------------------- In most respects, using secondary addresses is equivalent to having multiple interfaces on the same cable. You have stumbled upon one of the exceptions. Assume you have a simple configuration: ===============+============================ (cable A) | | (interface A: 128.128.1.1 255.255.255.0) +------+--------+ | | | cisco box | | | +------+--------+ | (interface B: 128.128.2.1 255.255.255.0) | ===============+============================ (cable B) Now assume you have the class B network 128.128.0.0 assigned, and subnetted on an 8-bit boundary. Also assume interface A has address 128.128.1.1 and interface B has address 128.128.2.1. In this configuration, the router would advertise subnet 128.128.2.0, plus any other networks learned about through interface A onto interface B. It would also advertise subnet 128.128.1.0, plus any other networks learned about through interface B onto interface A. It would *NOT* advertise 128.128.1 out via interface A nor 128.128.2 out via interface B. If you add secondary addresses (say 128.128.3.0 255.255.255.0 on interface A), the same rules apply. 128.128.3 will be advertised out via interface B, but not out via interface A. This behavior is reasonable, just "not what I want" in some circumstances. A further caveat is the router will never generate a datagram with a source of a secondary interface address. You can "ping" a secondary address and the return datagram comes back correctly sourced; you can "telnet" to a secondary address and everything will work. But no SNMP traps, log messages, or routing updates will go out sourced as a secondary address. This can cause "routed" on some systems (Suns) to complain about "packet from unknown router" when they receive a routing update from an address they do not believe is on a directly attached network. What will work is: 1) Assign subnet or network numbers to cables just as you would if you had routers instead of bridges. 2) Assign secondary addresses to appropriate interface(s) of the router. My convention is the gateway between the core network and a subnet is always node "1" in each subnet. I call the subnets created by these secondary addresses "virtual subnets". 3) Configure hosts on the virtual subnets to *not* run a routing protocol, but instead have a static default route to appropriate secondary interface address. 4) Configure any additional cisco routers on this cable to be in on the secret, either by further secondary addresses or by interface routes. I don't recommend trying to make UNIX-based routers smart about such a scheme, as they will attempt to forward directed broadcasts for the secondary subnets (they don't know it's a broadcast and haven't saved the MAC header to figure it out the way cisco does). Configure them instead to have a static default route to a smart cisco gateway. Ordinary host configurations are thus kept very simple; you need only specify IP address, subnet mask, and default gateway. Hosts on two different virtual subnets on the same cable will route packets to each other via the cisco box. This means the same packet will appear twice on the same cable, so this is not a good solution if traffic on a particular cable is very heavy. I use secondary addresses heavily; at one point there were 8 networks running on a sigle cable. - Alan S. Watt High Speed Networking, Yale University Computing and Information Systems Box 2112 Yale Station New Haven, CT 06520-2112 (203) 432-6600 X394 Watt-Alan@Yale.Edu Disclaimer: "Make Love, Not War -- Be Prepared For Both" - Edelman's Sporting Goods [and Marital Aids?]