Configuring Layer 3 Subinterfaces

This module describes how to configure the dot1q VLAN subinterfaces on a Layer 3 interface, which forwards IPv4 and IPv6 packets to another device using static or dynamic routing protocols. You can use Layer 3 interfaces for IP routing and inter-VLAN routing of Layer 2 traffic.

Restrictions for Configuring Layer 3 Subinterfaces

  • This feature is not supported on the C9500-12Q, C9500-16X, C9500-24Q, C9500-40X models of the Cisco Catalyst 9500 Series Switches.

  • Subinterfaces cannot be created on Layer 3 EtherChannels.

  • Subinterfaces are not supported on StackWise Virtual Link (SVL) .

  • Subinterfaces with Software-Defined Access (SD-Access) and Multiprotocol Label Switching (MPLS) are not supported.

  • You cannot configure more than 4,000 Layer 3 VLAN interfaces. The sum of all the routed interfaces, SVI interfaces and subinterfaces should be equal to 4000 or less.

  • Do not configure encapsulation on the native VLAN of an IEEE 802.1Q trunk without the native keyword. Always use the native keyword of the dot1q vlan command when the VLAN ID is the ID of the IEEE 802.1Q native VLAN.

  • If you configure normal-range VLANs on subinterfaces, you cannot change the VLAN Trunking Protocol (VTP) mode from Transparent.

Information About Layer 3 Subinterfaces

A dot1q VLAN subinterface is a virtual Cisco IOS interface that is associated with a VLAN ID on a routed physical interface. A parent interface is a physical port. Subinterfaces can be created only on Layer 3 physical interfaces. A subinterface can be associated with different functionalities such as IP addressing, forwarding policies, Quality of Service (QoS) policies, and security policies.

Subinterfaces divide the parent interface into two or more virtual interfaces on which you can assign unique Layer 3 parameters such as IP addresses and dynamic routing protocols. The IP address for each subinterface should be in a different subnet from any other subinterface on the parent interface.

You can create a subinterface with a name that consists of the parent interface name (for example, HundredGigabitEthernet 1/0/33) followed by a period and then by a number that is unique for that subinterface. For example, you can create a subinterface for HundredGigabitEthernet interface 1/0/33 named HundredGigabitEthernet 1/0/33.1, where .1 indicates the subinterface.

One of the uses of subinterfaces is to provide unique Layer 3 interfaces to each VLAN that is supported by the parent interface. In this scenario, the parent interface connects to a Layer 2 trunking port on another device. You can configure a subinterface and associate the subinterface to a VLAN ID using 802.1Q trunking.

You can configure subinterfaces with any normal range or extended range VLAN ID in VLAN Trunking Protocol (VTP) transparent mode. Because VLAN IDs 1 to 1005 are global in the VTP domain and can be defined on other network devices in the VTP domain, you can use only extended range VLANs with subinterfaces in VTP client or server mode. In VTP client or server mode, normal-range VLANs are excluded from subinterfaces.

Use bridge groups on VLAN interfaces (also called fall-back bridging) to bridge nonrouted protocols. Bridge groups on VLAN interfaces are supported on the route processor (RP) software.

You can configure the same VLAN ID on a Layer 2 VLAN or Layer 3 VLAN interface and on a Layer 3 subinterface.

The following features and protocols are supported on Layer 3 subinterfaces:

  • Addressing and routing—IPv4 and IPv6.

  • Unicast routing—Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Routing Information Protocol (RIP), Border Gateway Protocol (BGP), and static routing.

  • Multicast routing—Internet Group Management Protocol (IGMP), Protocol-Independent Multicast Sparse Mode (PIM-SM), and Source Specific Multicast (SSM).

  • First-Hop Redundancy Protocol (FHRP) protocols—Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP).

  • Bidirectional Forwarding Detection (BFD), Unicast Reverse Path Forwarding (uRPF), and Equal-Cost Multipath (ECMP).

  • Maximum transmission unit (MTU) and IPv4 fragmentation.

  • Virtual routing and forwarding (VRF) lite.

  • Router access control list and policy-based routing (PBR).

  • Quality of Service (QoS)—Marking and policing.

  • Services—Network Address Translation (NAT) IPv4, Security Group Access Control List (SGACL) enforcement, DHCP Server/Relay, SGT Exchange Protocol (SXP), and NetFlow.

How to Configure Layer 3 Subinterfaces

You can configure one or more subinterfaces on a routed interface. Configure the parent interface as a routed interface.

Procedure

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode. Enter your password, if prompted.
Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.
Step 3

interface {type switch / slot / port.subinterface}

Example:

Device(config)# interface HundredGigabitEthernet 1/0/33.201

Selects an interface and enters subinterface configuration mode. (To remove an interface, use the no form of this command.)

Step 4

encapsulation dot1q vlan-id [native]

Example:

Device(config-subif)# encapsulation dot1q 33 native

Configures 802.1Q encapsulation for the subinterface. The range is from 1 to 4000. (To remove 802.1Q encapsulation for the subinterface, use the no form of this command.)

Step 5

end

Example:

Device(config-subif)# end

Exits subinterface mode and returns to privileged EXEC mode.

Example: Configuring Layer 3 Subinterfaces

This example shows how to configure subinterfaces on layer 3 interfaces:

Device> enable
Device# configure terminal
Device(config)# interface HundredGigabitEthernet 1/0/33.201
Device(config-subif)# encapsulation dot1q 33 native
Device(config-subif)# end

Feature Information for Layer 3 Subinterfaces

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for Layer 3 Subinterfaces

Feature Name

Releases

Feature Information

Layer 3 Subinterfaces

Cisco IOS XE Gibraltar 16.10.1

Layer 3 interfaces forward IPv4 and IPv6 packets to another device using static or dynamic routing protocols. You can use Layer 3 interfaces for IP routing and inter-VLAN routing of Layer 2 traffic.