Solved

Secondary address range

Posted on 2012-03-26
9
334 Views
Last Modified: 2012-05-12
Hello

The network I've inherited has the following:

interface Vlan7
 ip address 192.168.125.10 255.255.255.0 secondary
 ip address 192.168.7.13 255.255.255.0
 ip route-cache same-interface


My question is: Even tho they are non-contiguous, from a routing view aren't they
within the same subnet and therefore not necessarily need a router to communicate between devices, one using .7 and the other using .125??
0
Comment
Question by:s_coad5
  • 6
  • 2
9 Comments
 
LVL 11

Assisted Solution

by:gmbaxter
gmbaxter earned 167 total points
ID: 37765926
they are separate class C networks:

192.168.125.10/24
192.168.7.13/24

If they were sub-netted with /16, they would then be within the same network.
0
 

Author Comment

by:s_coad5
ID: 37766045
Hmm

Vlans are logical subnet, so two seperate ip ranges under 1 Logical subnet seems
confusing. The switches only have Vlan 7 on trunks, but the .125 network is up and running.

It wasn't until the default gate-way was admin downed, that we noticed that we could not ping between the 2 ranges.

Seems odd!
0
 

Author Comment

by:s_coad5
ID: 37766991
Servers on .7 network cannot ping servers on .125 network. Since both are on same vlan It's not like I can add the 125 vlan to trunk. I imagine I will need to breakup the Vlan 7 and create a new Vlan 125, then add vlan 125 to trunks.
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 

Author Comment

by:s_coad5
ID: 37766999
Is there a way to adda static in oder for this communication between .7 and .125 to work in the mean time?
0
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 333 total points
ID: 37767927
1. The only way the two ranges can communicate is by having a real LAN Router to route between them.  As far as the Server itself,...they are both on the same Nic,...so hitting the server on one IP is the same as hitting it on the other IP,...they both "ARP" back to the same MAC,...and in reality,...it is the MAC that machines actually communicate over,..not the IP#.

2. Fundamentally,...what you have,...from the beginning,...is just plain "BAD".   You need to find out why this was done in the first place and then find a more proper way to deal with the situation (whatever in the world that situation was) so that you no longer have this kind of network setup.   You need to get rid of it so that you have a normal IP Config,...that is ultimately the proper solution to the whole situation.
0
 

Author Comment

by:s_coad5
ID: 37768094
I agree it is "Bad". So, the only way to rectify this is to remove the secondary ip off current vlan 7 and then create new vlan 125 makiing sure this new vlan is trunked etc...?
0
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 333 total points
ID: 37768327
I agree it is "Bad". So, the only way to rectify this is to remove the secondary ip off current vlan 7 and then create new vlan 125 makiing sure this new vlan is trunked etc...?

I can't really answer that.  You have to find out why someone did it that way in the first place,...and then change the circumstances of the environment so that doing such a thing is no longer required.  You can't just get rid of it without knowing what you might break if you did so.
0
 

Accepted Solution

by:
s_coad5 earned 0 total points
ID: 37771841
Ok

After some investigation, I contacted designers of this network. They stated the following:

"The secondary IP address was configured because of how the network was configured "before" the Cisco switches were installed.
Prior to the Cisco switch installation there was a single logical and physical network segment with devices in either the 192.168.125.0 "OR" the 192.168.7.0 subnets.
 
The AT&T router at Data Center was actually configured with the multiple secondary IP Subnets. After discovering this, we added the Secondary interface on the
“DataCenter_3750G-Internet” switch.


The reason the “DataCenter_3750G-Internet” switch has Secondary IP Address included is because:

Prior to our engagement, additional IP address space was needed and the existing switch infrastructure was not able to be configured with multiple VLANs.
During the night of the installation, with the time available, we could not identify every end-device with a 192.168.125.X IP address down to the switchport level,
create a new VLAN and assign all of the end-devices to the new VLAN.

The secondary IP address was configured on the switch to hopefully achieve higher throughput than low end AT&T router"

Based on this, would it be ok to remove the .125 range and create a new vlan for it?
0
 

Author Closing Comment

by:s_coad5
ID: 37959974
thanx
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Is this network design suitable? 3 80
Wireshark coloring help 4 56
Prevent DDOS attack 16 74
switch design question 6 36
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question