Secondary address range

Hello

The network I've inherited has the following:

interface Vlan7
 ip address 192.168.125.10 255.255.255.0 secondary
 ip address 192.168.7.13 255.255.255.0
 ip route-cache same-interface


My question is: Even tho they are non-contiguous, from a routing view aren't they
within the same subnet and therefore not necessarily need a router to communicate between devices, one using .7 and the other using .125??
s_coad5Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gmbaxterCommented:
they are separate class C networks:

192.168.125.10/24
192.168.7.13/24

If they were sub-netted with /16, they would then be within the same network.
s_coad5Author Commented:
Hmm

Vlans are logical subnet, so two seperate ip ranges under 1 Logical subnet seems
confusing. The switches only have Vlan 7 on trunks, but the .125 network is up and running.

It wasn't until the default gate-way was admin downed, that we noticed that we could not ping between the 2 ranges.

Seems odd!
s_coad5Author Commented:
Servers on .7 network cannot ping servers on .125 network. Since both are on same vlan It's not like I can add the 125 vlan to trunk. I imagine I will need to breakup the Vlan 7 and create a new Vlan 125, then add vlan 125 to trunks.
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

s_coad5Author Commented:
Is there a way to adda static in oder for this communication between .7 and .125 to work in the mean time?
pwindellCommented:
1. The only way the two ranges can communicate is by having a real LAN Router to route between them.  As far as the Server itself,...they are both on the same Nic,...so hitting the server on one IP is the same as hitting it on the other IP,...they both "ARP" back to the same MAC,...and in reality,...it is the MAC that machines actually communicate over,..not the IP#.

2. Fundamentally,...what you have,...from the beginning,...is just plain "BAD".   You need to find out why this was done in the first place and then find a more proper way to deal with the situation (whatever in the world that situation was) so that you no longer have this kind of network setup.   You need to get rid of it so that you have a normal IP Config,...that is ultimately the proper solution to the whole situation.
s_coad5Author Commented:
I agree it is "Bad". So, the only way to rectify this is to remove the secondary ip off current vlan 7 and then create new vlan 125 makiing sure this new vlan is trunked etc...?
pwindellCommented:
I agree it is "Bad". So, the only way to rectify this is to remove the secondary ip off current vlan 7 and then create new vlan 125 makiing sure this new vlan is trunked etc...?

I can't really answer that.  You have to find out why someone did it that way in the first place,...and then change the circumstances of the environment so that doing such a thing is no longer required.  You can't just get rid of it without knowing what you might break if you did so.
s_coad5Author Commented:
Ok

After some investigation, I contacted designers of this network. They stated the following:

"The secondary IP address was configured because of how the network was configured "before" the Cisco switches were installed.
Prior to the Cisco switch installation there was a single logical and physical network segment with devices in either the 192.168.125.0 "OR" the 192.168.7.0 subnets.
 
The AT&T router at Data Center was actually configured with the multiple secondary IP Subnets. After discovering this, we added the Secondary interface on the
“DataCenter_3750G-Internet” switch.


The reason the “DataCenter_3750G-Internet” switch has Secondary IP Address included is because:

Prior to our engagement, additional IP address space was needed and the existing switch infrastructure was not able to be configured with multiple VLANs.
During the night of the installation, with the time available, we could not identify every end-device with a 192.168.125.X IP address down to the switchport level,
create a new VLAN and assign all of the end-devices to the new VLAN.

The secondary IP address was configured on the switch to hopefully achieve higher throughput than low end AT&T router"

Based on this, would it be ok to remove the .125 range and create a new vlan for it?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
s_coad5Author Commented:
thanx
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Management

From novice to tech pro — start learning today.