The secondary IP address feature allows addresses from multiple subnets to be configured under the same interface simultaneously, which can be useful typically on a LAN segment under various circumstances. When secondary IP addresses are used, there might be issues advertising that prefix over the primary network and vice-versa under the same interface, since different routing protocols behave differently with secondary addresses.
When Routing Information Protocol (RIP) or Interior Gateway Routing Protocol (IGRP) are used as the routing protocol, enabling split horizon prevents the network of the secondary addresses from being advertised over the primary network.
Enhanced Interior Gateway Routing Protocol (EIGRP) can form neighbor relationship using only the primary address, and the rule of split-hozizon also applies to EIGRP.
Open Shortest Path First (OSPF) can also form adjacency only over the primary network, and it expects both the primary and secondary network to be included under OSPF as part of the same area, since an interface can only belong to one area at a time.
Integrated Intermediate System-to-Intermediate System (IS-IS) uses its own Protocol Data Unit (PDU) and does not rely on IP for exchanging routing protocol information. But, the router receiving the hellos checks if at least one of the IP addresses being received from the neighbor is part of the same subnet as its own configured address. If there are multiple routers on a LAN segment with a primary and secondary network, it must be ensured that the router configured with the secondary address becomes the Designated Intermediate System (DIS) for that segment. Otherwise, it might result in inconsistent topology description, as some routers do not accept certain other routers as neighbors since they are not part of the same subnet, and each set of routers has its own view of which is the DIS and how they are connected.
To disable split horizon for RIP and IGRP, issue the no ip split-horizon eigrpas-number command under the interface on which secondary addresses are configured. The routes that are advertised also depend on whether the subnets of the primary and secondary addresses belong to the same major network or a different one.
For EIGRP, make sure that both the primary and secondary networks are included under the routing process by issuing the networkip-address [subnet-mask] command. Since the split horizon rule applies to EIGRP also, disable it by issuing the no ip split-horizon eigrpas-number command under the interface on which secondary addresses are configured.
For OSPF, ensure that both the primary and secondary network are included under the routing process and configured to be part of the same area by issuing the network ip-address wildcard-mask area area-id command.
For ISIS, make sure that the router configured with secondary address is elected as the DIS by increasing its interface priority by issuing the isis prioritynumber-value [level-1 | level-2] command under the interface configuration mode.
Hi team, I have a doubt between doing a PC and also a VPC, i mean, we have 2 LEAFs (101 and 102).Those leafs have 2 physical link (PC) to a device.Also, we would like to create a logical group (VCP) with these 2 PC, x1 of 101 and x1 of 102.But, how w...
Hello, I am facing an odd problem with the router being overwhelmed with even a small ddos towards a host and not directly towards the router which would somewhat make more sense. For example with 250.000 flows synflood with around 800k packets ...
Hello Team, i know Licenses are managed as smart licenses from Cisco IOS XE Fuji 16.9.1 and later. Right-to-Use licenses are deprecated from Cisco IOS XE Fuji 16.9.1. But this is not Fuji IOS and it is Gibraltar.. s...
Hello I have to establish an optical link with the traffic to be encrypted between two switches WS-C3850-48T and WS-C2960X-24PS-L. According to the specification, 2960 switches do not support MACSec. So, if there is any possibility for L2 e...
Hello everyone.I'm new to the Cisco U community. I heard about Cisco U on the Cisco Meraki community.So I have a Meraki Mx84 and Mx64, I would like to integrate Cisco U as my DNS. how to do it?thank you for everythingCisco U and Meraki Mx