Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1858
Views
1
Helpful
2
Replies

Subinterfaces on NX-OS Ethernet Interfaces

Go to solution
j.a.m.e.s
Level 4
Level 4

‎09-03-2018 03:52 AM - edited ‎03-08-2019 04:03 PM

Could anyone assist with the following queries around sub-interfaces please? I ask specifically about the N9K platform.

 

1. When creating a sub-interface, do I also have to create an associated L2 vlan to match the .1q tag?

vlan 500 <-- needed or not ?
 name 10.0.0.0/24
interface Eth1/1.1
 no switchport
 encapsulation dot1q 500
 ip address 10.0.0.254/24

2. Are the dot1q tags locally significant to the interface, or are the following sub-interfaces both part of the same broadcast domain?

interface Eth1/1.1
 no switchport
 encapsulation dot1q 500
 ip address 10.0.0.254/24
interface Eth1/5.1
 no switchport
 encapsulation dot1q 500
 ip address 10.0.0.1/24

3. How about the following, are these in the same broadcast domain?

vlan 500
 name 10.0.0.0/24
inter vlan 500 <--- SVI
 ip address 10.0.0.1/24
inter Eth1.1.1 <--- SubIF with .1q tag 500
 no switchport
 encapsulation dot1q 500
 ip address 10.0.0.254/24

4. I can see that port-channels support sub-interfaces and VPC now supports route-peering over a VPC with the "layer3 peer-router command". Would VPC support the use of subinterfaces with IP addresses or does it expect the use of trunked VLANs and SVIs to peer with?

 

Thank you in advance for any assistance on these queries. The N9K interfaces configuraiton guide doesn't address the above.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎09-03-2018 01:13 PM

Hi James,

You have a very nice set of questions at hand!

1. When creating a sub-interface, do I also have to create an associated L2 vlan to match the .1q tag?

No. The subinterface's encapsulation dot1q command is entirely sufficient. A VLAN created using the vlan vlan-id command is entirely independent from any VLAN on any routed subinterface.

2. Are the dot1q tags locally significant to the interface, or are the following sub-interfaces both part of the same broadcast domain?

They are locally significant. Each routed subinterface fully terminates the respective VLAN and does not allow it to "span deeper" into or across the switch; the VLAN ends right there, on the subinterface itself.

3. How about the following, are these in the same broadcast domain?

No, they are not. The L2 VLAN created by vlan 500 is only relevant to switchports (L2 interfaces). Routed subinterfaces are entirely independent of this VLAN, even if configured with encapsulation dot1q 500

4. I can see that port-channels support sub-interfaces and VPC now supports route-peering over a VPC with the "layer3 peer-router command". Would VPC support the use of subinterfaces with IP addresses or does it expect the use of trunked VLANs and SVIs to peer with?

vPC is a Layer2 technology, and will very likely remain a Layer2 technology only. The layer3 peer-router command is only a hack around the TTL manipulation of packets routed across the peer-link, but does not change the underlying nature of vPC which remains Layer2. You cannot configure a routed (no switchport) Port-channel as a vPC. Consequently, with vPC, the only option is to go for a set of SVIs on both vPC peers.

Please feel welcome to ask further!

Best regards,
Peter

View solution in original post

2 Replies 2

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎09-03-2018 01:13 PM

Hi James,

You have a very nice set of questions at hand!

1. When creating a sub-interface, do I also have to create an associated L2 vlan to match the .1q tag?

No. The subinterface's encapsulation dot1q command is entirely sufficient. A VLAN created using the vlan vlan-id command is entirely independent from any VLAN on any routed subinterface.

2. Are the dot1q tags locally significant to the interface, or are the following sub-interfaces both part of the same broadcast domain?

They are locally significant. Each routed subinterface fully terminates the respective VLAN and does not allow it to "span deeper" into or across the switch; the VLAN ends right there, on the subinterface itself.

3. How about the following, are these in the same broadcast domain?

No, they are not. The L2 VLAN created by vlan 500 is only relevant to switchports (L2 interfaces). Routed subinterfaces are entirely independent of this VLAN, even if configured with encapsulation dot1q 500

4. I can see that port-channels support sub-interfaces and VPC now supports route-peering over a VPC with the "layer3 peer-router command". Would VPC support the use of subinterfaces with IP addresses or does it expect the use of trunked VLANs and SVIs to peer with?

vPC is a Layer2 technology, and will very likely remain a Layer2 technology only. The layer3 peer-router command is only a hack around the TTL manipulation of packets routed across the peer-link, but does not change the underlying nature of vPC which remains Layer2. You cannot configure a routed (no switchport) Port-channel as a vPC. Consequently, with vPC, the only option is to go for a set of SVIs on both vPC peers.

Please feel welcome to ask further!

Best regards,
Peter

Go to solution
j.a.m.e.s
Level 4
Level 4
In response to Peter Paluch

‎09-04-2018 12:48 AM

An awesome response...thank you Peter.

Regards
James
0 Helpful
Customers Also Viewed These Support Documents