cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4570
Views
20
Helpful
5
Replies

subinterfaces on ISR1111 under SD-WAN

agredanoen
Level 1
Level 1

Hi experts,

 

is it possible to create sub-interfaces on ISR-1111 for LAN ports using vManage?

 

If so, could someone could share a document or link where it states how this is accomplished?

 

Hope you can help

 

Thanks in advance

 

Best Regards

 

Enrique Agredano

5 Replies 5

rbncarvalho
Level 1
Level 1

Hi agredanoen

 

You can setup subinterfaces in that router.

 

The process depends if you have CLI mode or vManage mode. If it's CLI then just create it as before on regular IOS.

 

If it's vManage you need this.

  • Create a feature template - WAN Edge Interface -for the parent interface, say, GigabitEthernet0/0/0 and place it under VPN0 section on the Device Template
    • The feature template for this interface only needs interface naming and no shut, you may want to change the MTU over to 1504, since this interface will need to accommodate the additional 4 Byte from the VLAN Tag.
  • Then create another feature template for the Subinterface - WAN Edge Interface - GigabitEthernet0/0/0.100, make all the configurations you'll do to a regular interface.
    • Apply this feature template to the VPN0 as well.

Some notes, don't forget to change MTU, either raise the value on the parent interface, or lower the value on the subinterface, also interface names are case sensitive, you need to make sure that the naming is exactly what the router has.


The router will then create the subinterface, no shut the parent interface, and then it will create the Tunnel interface that matches the subinterface naming, here's an example:

 

interface GigabitEthernet0/0/0
no shutdown
arp timeout 1200
no ip address
ip redirects
ip mtu 1500
mtu 1500
negotiation auto
exit
!
interface GigabitEthernet0/0/0.4030
no shutdown
encapsulation dot1Q 4030
ip address x.x.x.x 255.255.255.0
ip mtu 1460
exit
!
interface GigabitEthernet0/0/0.900
no shutdown
encapsulation dot1Q 900
ip address y.y.y.y 255.255.255.224
ip mtu 1460
ip nat outside
exit
!
interface Tunnel900000
no shutdown
ip unnumbered GigabitEthernet0/0/0.900
no ip redirects
ipv6 unnumbered GigabitEthernet0/0/0.900
no ipv6 redirects
tunnel source GigabitEthernet0/0/0.900
tunnel mode sdwan
exit
!
interface Tunnel4030000
no shutdown
ip unnumbered GigabitEthernet0/0/0.4030
no ip redirects
ipv6 unnumbered GigabitEthernet0/0/0.4030
no ipv6 redirects
tunnel source GigabitEthernet0/0/0.4030
tunnel mode sdwan
exit
!
Branch-03#show sdwan control local-properties
<snip>
PUBLIC PUBLIC PRIVATE PRIVATE PRIVATE MAX RESTRICT/ LAST SPI TIME NAT VM
INTERFACE IPv4 PORT IPv4 IPv6 PORT VS/VM COLOR STATE CNTRL CONTROL/ LR/LB CONNECTION REMAINING TYPE CON
STUN PRF
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
GigabitEthernet0/0/0.4030 x.x.x.x 12426 x.x.x.x :: 12426 1/0 mpls up 2 no/yes/no No/No 0:00:00:14 0:08:02:14 N 5
GigabitEthernet0/0/0.900 y.y.y.y 12346 y.y.y.y :: 12346 1/1 public-internet up 2 no/yes/no No/No 0:00:00:10 0:07:11:20 N 5

 

Please rate helpful posts

Mark as solution if it helped you

 

Best Regards, 

Best Regards,
Please rate helpful posts,

Ruben Carvalho CCIE#57952

Hi rbncarvalho



Thanks for your reply,



I am actually looking for such procedure but for LAN connections, which i understand involves SVI interfaces



Would the procedure you kindly shared still applies for LAN ports?



Thanks again



Enrique


Hey,

 

yes it will apply to Lan Ports, also reg the above post, as far as I remember, you have to adjust MTU by decreasing 4 bytes to accomodate Vlan not increase it, just cross check on that.

 

Thanks,

Tushar Gaba

to connect the ISR1111-4P with 2 MPLS links and use HA with TLOC Layer 2, I need 4 interfaces. How can I do if the ISR1111 has only 2 WAN interfaces

You can use 2 WAN ports for MPLS, 1 LAN port for TLOC and 1 LAN port for LAN.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: