On a cisco 2821 running 15.1(3)T1
From this cisco DOC, common use of secondary IP addresses on an interface are
•
There might not be enough host addresses for a particular network segment. For example, suppose your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you must have 300 host addresses. Using secondary IP addresses on the routers or access servers allows you to have two logical subnets using one physical subnet.
•Many older networks were built using Level 2 bridges, and were not subnetted. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can easily be made aware that many subnets are on that segment.
•Two subnets of a single network might otherwise be separated by another network. You can create a single network from subnets that are physically separated by another network by using a secondary address. In these instances, the first network is extended, or layered on top of the second network. Note that a subnet cannot appear on more than one active interface of the router at a time.
On the WAN interface I've added two Secondary Public IP's (from the same subnet) to use for NAT to internal hosts. Is this a common scenario or is there a more typical way to acheive this. This assumes, I do not want to put a Public IP on an interface on the internal server.
interface GigabitEthernet0/1
description WAN$ETH-WAN$
ip address x.x.x.1 255.255.255.240
ip address x.x.x.2 255.255.255.240 secondary
ip address x.x.x.3 255.255.255.240 secondary
permit tcp any host x.x.x.2 eq smtp
permit tcp any host x.x.x.3 eq smtp
ip nat inside source static tcp 192.168.10.2 25 x.x.x.2 25 extendable
ip nat inside source static tcp 192.168.10.3 25 x.x.x.3 25 extendable
Thanks,
Dan Foxley
