Courseiva
InterfacesInterface Config

ip address [ip] [mask] secondary

Assigns a secondary IP address to an interface, allowing the interface to be reachable on multiple subnets simultaneously.

Syntax·Interface Config
ip address [ip] [mask] secondary

When to Use This Command

  • Connecting a router to a network that has run out of IP addresses in the primary subnet, requiring an additional subnet on the same VLAN.
  • Migrating a network from one IP subnet to another without disrupting connectivity, by adding the new subnet as secondary before removing the old one.
  • Providing redundancy by having two different subnets on the same interface for failover or load balancing.
  • Allowing a router to act as a gateway for multiple subnets on a single physical interface, such as in a multitenant environment.

Command Examples

Assign a secondary IP to GigabitEthernet0/0

interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 ip address 10.0.0.1 255.255.255.0 secondary
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# ip address 10.0.0.1 255.255.255.0 secondary
Router(config-if)# end
Router# show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         192.168.1.1     YES manual up                    up
GigabitEthernet0/0         10.0.0.1        YES manual up                    up

The first command assigns the primary IP 192.168.1.1/24. The second command adds 10.0.0.1/24 as a secondary IP. The 'show ip interface brief' output shows both IPs on the same interface, both marked as 'up'.

Verify secondary IP configuration

show ip interface GigabitEthernet0/0
GigabitEthernet0/0 is up, line protocol is up
  Internet address is 192.168.1.1/24
  Broadcast address is 255.255.255.255
  Address determined by non-volatile memory
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Secondary address 10.0.0.1/24
  Outgoing access list is not set
  Inbound  access list is not set

The output shows the primary IP under 'Internet address' and the secondary IP listed separately as 'Secondary address'. This confirms both IPs are active on the interface.

Understanding the Output

When using 'show ip interface brief', each secondary IP appears as a separate line for the same interface, with its own IP address and status. The primary IP is listed first, followed by secondary IPs. In 'show ip interface', the primary IP is shown under 'Internet address' and secondary IPs are listed as 'Secondary address' lines. Both IPs must be in different subnets. If the interface is down, both IPs will show as down. A common issue is overlapping subnets between primary and secondary IPs, which IOS will reject with an error message.

CCNA Exam Tips

1.

CCNA exam tip: Secondary IPs are used when you need to have multiple subnets on the same VLAN without using subinterfaces.

2.

CCNA exam tip: The 'secondary' keyword must be used; without it, the command replaces the primary IP.

3.

CCNA exam tip: Secondary IPs are often used in migration scenarios to allow hosts from old and new subnets to coexist.

4.

CCNA exam tip: Remember that secondary IPs do not support DHCP relay; the 'ip helper-address' only works with the primary IP.

Common Mistakes

Mistake: Forgetting the 'secondary' keyword, which overwrites the primary IP and breaks connectivity.

Mistake: Assigning a secondary IP in the same subnet as the primary IP, which IOS rejects with 'overlap error'.

Mistake: Assuming secondary IPs are supported on all interface types; they are not supported on tunnel interfaces or dialer interfaces.

Related Commands

ip address [ip] [mask]

Assigns an IPv4 address and subnet mask to an interface, enabling IP communication on that interface.

show ip interface

Displays the status and configuration of all IP interfaces on a Cisco router, including IP address, protocol status, and interface statistics, used for verifying interface IP configuration and troubleshooting connectivity issues.

show ip interface brief

Displays a summary of all IP interfaces on the device, including their IP address, status, and protocol state, used for quick verification of interface configuration and connectivity.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions