I have a netvanta 3140 with some pretty hefty config. I inherited this, but I think one of my secondary public IPs Subnet is wrong. My main subnet is x.x.x.x 255.255.255.240 mask. All of the secondary IPs (which are in the useable block) are set as x.x.x.x 255.255.255.255 mask. to me this means that that interface has only ONE IP. One of my secondary IPs has a mask of 255.255.255.240. I cannot ping this address and hosts with same configs don't work on this interface. I can post examples but I have gone over the ACL and policies a LOT. Since I don't seem to be able to edit this secondary IP in the GUI, if I delete it will the router delete all policies and acls associated with it? It looks like I have to delete it and then re-add it...
Here's my pertinent config...
Thanks!
The router should not delete the policies associated with it. A workaround would be to add a new secondary IP with a 255.255.255.255 mask and then delete the one with the 255.255.255.240 mask. Making this change may be easier with the CLI than with the GUI.
As a rule, there are two reasons for using a secondary interface on a router. One would be for the device to respond directly to more than one IP within the subnet of the primary IP. These should be done with a /32 mask, 255.255.255.255. The other reason would be if more than one subnet exists on the wire, in which case the mask should match that of the other devices on the link.
I like to use individual Loopback IP's instead of secondary IP's