Configuring Layer 3 Subinterfaces

This module describes how to configure the dot1q VLAN subinterfaces on a Layer 3 interface, which forwards IPv4 and IPv6 packets to another device using static or dynamic routing protocols. You can use Layer 3 interfaces for IP routing and inter-VLAN routing of Layer 2 traffic.

Restrictions for Configuring Layer 3 Subinterfaces

  • Subinterfaces cannot be created on Layer 3 EtherChannels.

  • Subinterfaces are not supported on StackWise Virtual Link (SVL) system.

  • Subinterfaces with Software-Defined Access (SD-Access) and Multiprotocol Label Switching (MPLS) are not supported.

  • Subinterfaces, physical routed interfaces, and VLAN interfaces share the same hardware resources. The combination of all three interfaces cannot exceed the platform limits.

  • For a given physical interface, only one subinterface can have the encapsulation as native.

  • For a given physical interface, each subinterface should have a unique encapsulation ID.

  • A physical interface cannot be used for Layer 3 services (no IP address configurations are supported on the physical interface) if one of the subinterface is configured as native.

  • Do not configure encapsulation on the native VLAN of an IEEE 802.1Q trunk without the native keyword. Always use the native keyword of the dot1q vlan command when the VLAN ID is the ID of the IEEE 802.1Q native VLAN.

  • If you configure normal-range VLANs on subinterfaces, you cannot change the VLAN Trunking Protocol (VTP) mode from Transparent.

Information About Layer 3 Subinterfaces

A dot1q VLAN subinterface is a virtual Cisco IOS interface that is associated with a VLAN ID on a routed physical interface. A parent interface is a physical port. Subinterfaces can be created only on Layer 3 physical interfaces. A subinterface can be associated with different functionalities such as IP addressing, forwarding policies, Quality of Service (QoS) policies, and security policies.

Subinterfaces divide the parent interface into two or more virtual interfaces on which you can assign unique Layer 3 parameters such as IP addresses and dynamic routing protocols. The IP address for each subinterface should be in a different subnet from any other subinterface on the parent interface.

You can create a subinterface with a name that consists of the parent interface name (for example, GigabitEthernet 1/0/33) followed by a period and then by a number that is unique for that subinterface. For example, you can create a subinterface for GigabitEthernet interface 1/0/33 named GigabitEthernet 1/0/33.1, where .1 indicates the subinterface.

One of the uses of subinterfaces is to provide unique Layer 3 interfaces to each VLAN that is supported by the parent interface. In this scenario, the parent interface connects to a Layer 2 trunking port on another device. You can configure a subinterface and associate the subinterface to a VLAN ID using 802.1Q trunking.

You can configure subinterfaces with any normal range or extended range VLAN ID in VLAN Trunking Protocol (VTP) transparent mode. Because VLAN IDs 1 to 1005 are global in the VTP domain and can be defined on other network devices in the VTP domain, you can use only extended range VLANs with subinterfaces in VTP client or server mode. In VTP client or server mode, normal-range VLANs are excluded from subinterfaces.

You can configure the same VLAN ID on a Layer 2 VLAN or Layer 3 VLAN interface and on a Layer 3 subinterface.

The following features and protocols are supported on Layer 3 subinterfaces:

  • IPv4 addressing and routing.

  • Unicast routing—Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), and static routing.

  • Multicast routing—Internet Group Management Protocol (IGMP), Protocol-Independent Multicast Sparse Mode (PIM-SM), and Source Specific Multicast (SSM).

  • First-Hop Redundancy Protocol (FHRP) protocols—Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP).

  • Unicast Reverse Path Forwarding (uRPF), and Equal-Cost Multipath (ECMP).

  • Virtual routing and forwarding (VRF) lite.

  • Router access control list and policy-based routing (PBR).

  • Quality of Service (QoS)—Marking and policing.

  • Services—DHCP Server/Relay and NetFlow.

How to Configure Layer 3 Subinterfaces

You can configure one or more subinterfaces on a routed interface. Configure the parent interface as a routed interface.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. interface {type switch / slot / port.subinterface}
  4. encapsulation dot1q vlan-id [native]
  5. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode. Enter your password, if prompted.
Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.
Step 3

interface {type switch / slot / port.subinterface}

Example:

Device(config)# interface GigabitEthernet 1/0/33.201

Selects an interface and enters subinterface configuration mode. (To remove an interface, use the no form of this command.)

Step 4

encapsulation dot1q vlan-id [native]

Example:

Device(config-subif)# encapsulation dot1q 33 native

Configures 802.1Q encapsulation for the subinterface. The range is from 1 to 4000. (To remove 802.1Q encapsulation for the subinterface, use the no form of this command.)

Step 5

end

Example:

Device(config-subif)# end

Exits subinterface mode and returns to privileged EXEC mode.

Example: Configuring Layer 3 Subinterfaces

This example shows how to configure subinterfaces on layer 3 interfaces:

Device> enable
Device# configure terminal
Device(config)# interface GigabitEthernet 1/0/33.201
Device(config-subif)# encapsulation dot1q 33 native
Device(config-subif)# end

Additional References

Related Documents

Related Topic Document Title

For complete syntax and usage information for the commands used in this chapter.

Command Reference (Catalyst 9400 Series Switches)

Technical Assistance

Description Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/support

Feature History for Layer 3 Subinterfaces

This table provides release and related information for features explained in this module.

These features are available on all releases subsequent to the one they were introduced in, unless noted otherwise.

Release

Feature

Feature Information

Cisco IOS XE Gibraltar 16.10.1

Layer 3 Subinterfaces

Layer 3 interfaces forward IPv4 and IPv6 packets to another device using static or dynamic routing protocols. You can use Layer 3 interfaces for IP routing and inter-VLAN routing of Layer 2 traffic.

Use Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to https://cfnng.cisco.com/.