Cisco 3620 e0/0 Second IP

Yep, you use the IP ADDRESS address mask SECONDARY command, and here it is, excerpted from Cisco's site:

Assigning Multiple IP Addresses to Network Interfaces
Cisco IOS software supports multiple IP addresses per interface. You can specify an unlimited number of secondary addresses. Secondary IP addresses can be used in a variety of situations. The following are the most common applications:

•There might not be enough host addresses for a particular network segment. For example, suppose your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you must have 300 host addresses. Using secondary IP addresses on the routers or access servers allows you to have two logical subnets using one physical subnet.

•Many older networks were built using Level 2 bridges, and were not subnetted. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can easily be made aware that many subnets are on that segment.

•Two subnets of a single network might otherwise be separated by another network. You can create a single network from subnets that are physically separated by another network by using a secondary address. In these instances, the first network is extended, or layered on top of the second network. Note that a subnet cannot appear on more than one active interface of the router at a time.



--------------------------------------------------------------------------------

Note If any router on a network segment uses a secondary address, all other routers on that same segment must also use a secondary address from the same network or subnet.


--------------------------------------------------------------------------------


To assign multiple IP addresses to network interfaces, use the following command in interface configuration mode:


 Command  Purpose  
Router(config-if)# ip address ip-address mask secondary
 Assigns multiple IP addresses to network interfaces.
 






--------------------------------------------------------------------------------

Note IP routing protocols sometimes treat secondary addresses differently when sending routing updates. See the description of IP split horizon in the "Configuring IP Enhanced IGRP," "Configuring IGRP," or "Configuring RIP" chapters for details.


--------------------------------------------------------------------------------


See the " Creating a Network from Separated Subnets Example" section at the end of this chapter for an example of creating a network from separated subnets.

JonSH is correct in that you need to use the ip address <ip> <mask> secondary command.
I think your inital mistake is your trying to subnet the interface like a serial link.  I don't believe the IOS allows you to subinterface a regular Ethernet link like a serial link, except when using it as a trunk port for multiple vlans.

So you would just do

config term
interface e0/0
ip address <ip> <mask>    (this would be for your first ip)
ip address <ip> <mask> secondary (second ip)
end

-=[ Felix ]=-

Sub interfaces and secondary addresses each address specific kinds of issues.

Since you weren't clear on the difference, it may be that a secondary address is not the solution to the original problem.  WHY do you wish to assign a second address?  What are you hoping to achieve by that route?

PennGwyn raises an interesting point.  

Secondary IP addresses are used to run two completely separate brodcast domains (different IP networks) on the same ethernet

Subinterfaces are putting different VLANS on the same interface as a TRUNKED port, which is almost the same thing except it would have to be connected to a port on a switch that is also TRUNKED and has the same VLAN definitions (or a router with a TPMIM card installed, etc).  

I'm assuming since it's a 3620 and no switch was mentioned, you want a secondary IP, not vlans on a sub-int.

THank you all for the input.. for some reason I was just alerted that posts had been made.. excuse my delay.

To make a long stroy short there are two subnets on the ethernet interface of the 3620... there is one host in the second subnet... and a router.. it is for a specific task basically routing traffic from one machine across a frame relay link... I need to setup a route to this second router but since it is not in the same subnet I need an ip address in that subnet to route the traffic across.. since I only have one ethernet card in the router I just want to attach a second Ip to the ethernet interface and then statically define the route... can I use the secondary for this?

Thnks

Yeah, I think you can.  You might have to add the route manually tho.  I'm not sure a secondary will get picked up for the routing table.

It should show up as a connected interface in your routing table.
show ip route
will show you the routing table.
If it is just a few hosts you should be fine with adding a secondary ip.  Though from a security perspective you would not be isolating this box off from the other segment since they would be on the same switch and broadcast domain.

-= Felix |=-

Got it thank you all for your help... any ideas on how many "secondary" ip addresses you can add to a single interface?

Hmm...I've never seen an upper limit.....on the other hand, if you really need a lot, I suggest you might need to reexamine your addressing design...

yes I understand I was just asking the question.

Thakns

Make sure you have "no ip redirects" set on the E0/0 interface.  It knows that both the server and the other router are on the same physical segment, but neither of them has any way to know it.

A second port, either on the 3620 or (better!) the server, would be a better option, but would cost some money.

I've seen legacy networks brought into a router port with a dozen secondary interfaces.  I don't recommend this (I didn't create that mess), but it can be done....

Interestingly enough.. I finally had a chance to work on this..
I got the ip added to the eo/o as a secondary...  the subnet was 255.255.255.248 the primary ip subnet is 255.255.255.0 (dont think that should matter)  but when I added it I was able to ping the ip that I just added from telnet session but I was not able to ping another ip in the 248 subnet which I am sure is on the same physical subnet.. any ideas why?

Thanks

because the router doesn't echo packets out the same interface as though they were routed.  No one-armed routers :)

What?

I could not ping the host on the same subnet...

Here is what I am trying to do..

I have two ip subnets on the same physical subnet.  The second has only two ips in it.. one is the address for the router and the other is the address of another host in the same physical subnet.. I need to pass traffic through the one E0/0 for both ip subnets.. can this be done?

A qualified yes.  I don't think you can pass traffic from one subnet to the next on the same physical interface asyou have it set up with secondary IP. Essentially you are trying to make a one-armed router.  By definition a router either drops a packet or routes it out a new port.  it doesn't echo the packet back to its source physical network.

even if the logical subnet is different...

Primary IP 10.1.1.1 255.255.255.0
Secondary 10.2.1.1 255.255.255.248

Cant route from the .2 to the .1 and back and forth?

Earlier JonSh you said

•There might not be enough host addresses for a particular network segment. For example, suppose your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you must have 300 host addresses. Using secondary IP addresses on the routers or access servers allows you to have two logical subnets using one physical subnet.

How would you route between the two subnets if you cant echo packets back out?  Because when your machine sees that the requested ip is not in its subnet it is going to the next hop... and if the request is in the second subnet which you placed on that same e0 then it will need to echo.. right?

Thanks...

Yep - We call it a "One-armed router" and we try to avoid it as often as possible.  You should be able to do it with your Cisco 3620 and IOS, but be careful; it becomes easy to swamp the router when a lot of traffic is crossing that single arm.  Me, I'd buy some extra routers (cheap ones) and build some segmenttion :)