[c-nsp] RE: VLAN subinterfaces on 7609 Router

Jay Ford jay-ford at uiowa.edu
Thu Mar 3 19:22:16 EST 2005 

On Wed, 2 Mar 2005, Michael Loftis wrote:
> Hummm...maybe it was incident that it was working in the shop here.  I
> can't recall at what point we used it, but it just seems stupid that it
> wouldn't work....there again it's reasons like this that have slowly driven
> us away from Cisco.
>
> So it sounds like this is one of Cisco's lovely unsupported but what is
> often common configuration.  Hell I couldn't get by w/o a configuration
> like that here.

Yes, the lack of support for sub-ints is very annoying.  I told my local
Cisco people that I was not pleased with losing this & other functionality
when "upgrading" from an old 7513 to a new 6500+720.

Note that the box does let you configure the sub-ints, even though they don't
completely work.  For me the packets seemed to get correctly shuffled, but
SNMP stats were trash.  The official Cisco answer was (as has been discussed
here) that sub-ints are only supported for MPLS on WAN-type (OSM & perhaps
FlexWAN) interfaces, not on "normal" LAN interfaces.  The supported
alternative is to make the interface a "switchport" & define VLAN interfaces
for what would have been the sub-ints:
   vtp mode transparent
   !
   vlan 666
    name vlan_whatever
   !
   vlan 667
    name other_vlan
   !
   interface GigabitEthernet1/1
    description tagged external link
    no ip address
    switchport
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 666,667
    switchport mode trunk
   !
   interface Vlan666
    description what should have been sub-int GigabitEthernet1/1.666
    <ip... config>
   !
   interface Vlan667
    description what should have been sub-int GigabitEthernet1/1.666
    <ip... config>

This is almost a replacement, & the stats do seem to work.  However, it's
way kludgier than the sub-int version:
   interface GigabitEthernet1/1.666
    description uiowa-iastate via ICN GigEther
    encapsulation dot1Q 666
    <ip... config>
   !
   interface GigabitEthernet1/1.667
    description uiowa-ICN for commodity Internet via ICN GigEther
    encapsulation dot1Q 667
    <ip... config>

It also has the major downside of losing the ability to do .1q tagging on a
link without any other visibility inside the box.  I just want a tagged
external link, but Cisco makes me drag in box-wide VLAN numbers & potential
inter-port layer-2 switching & crap to get it.  Argh!

________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951

More information about the cisco-nsp mailing list