You would use the sub-interfaces (Fa0/0.1, Fa0/0.2) if you had multiple VLANs on a switch. I don't think the secondary IP is used much. Also as I remember it the secondary IP is there for the traffic to route to but the primary IP is actually the one recognized if that makes sense. If you use the secondary IP for your second VLAN it shouldn't work because when you are doing those sub interfaces you will be defining the encapsulation as well which should match up to a VLAN on your switch.
thanks for the answer.
When I'm understanding correctly, than is the sub-interface command for connecting differnet VLANs to one Ethernet port on the router. And the alternative to configure a secondary IP address is an "old" method which is not used very often today.
Adding the sub interfaces is referred to as router on a stick. That is what you should be familiar with for the CCNA. The secondary IP I'm sure has many applications, I just haven't come across many. At a previous job we used it to change from 192.168.x.x to 10.x.x.x subnets. That way we could configure the equipment ahead of time before we went onsite to do the swap. That way we could changover the live network and not have as many issues.
Secondary IP address simply associates another IP range to the same Layer 2 VLAN. Nothing more, nothing less. For IPv4, only primary addresses participate in routing, are advertised, etc. Quick and dirty way to add IPs to a VLAN. Not recommended.
Dot1q is an encapsulation used for trunking, and is typically seen on routers only when setup for VRF or Router-On-A-Stick. You can break-out a physical interface to multiple sub-interfaces which are treated as separate networks from a logical perspective.
I don't get this part of your post "For IPv4, only primary addresses participate in routing, are advertised, etc."
Let's say I have the following configuration:
ip address 192.168.100.1 255.255.255.0
ip address 10.10.10.1 255.255.255.0 secondary
router ospf 10
net 192.168.100.0 0.0.0.255 area0
net 10.10.10.0 0.0.0.255 area0
What you mean is the network 10.10.10.0/24 does not participate in OSPF?
that is a quite good question ..
i'll tell you my belief
if i have multiple subnets connected to a switch let's say 192.168.1.0/24 and 10.10.10.0/24
and i have only 1 router with 1 interface, and i need to set it as a default gateway to the 2 networks, wht should i do ?
i'll implement secondry ip address or subinterfaces .. both are okay with this ..
but what if those 2 networks where mapped to Vlan 10 and Vlan 20 ?
will the secondary address automatically work as gateway for vlan in the same subnet and the primary address work as gateway for vlan in its subnet ?
The answer is NO because there is a single ACCESS link between the router and the swich and the ACCESS link carries only one Vlan ..
so the solution is to turn this single link to the TRUNK mode on the switch and to the dot1.Q encapsulation mode on the router ..
but the command "Encapsulation dot1.Q <vlan id>" is not a valid command on the main interface .. you can implement the dot1.q encapsulation only on subinterfaces ..
so if you've vlans .. you are obligated to the subinterfaces to be able to implement the dot1.Q encapsulation method so you can use the single link for multiple vlans traffic
if they are just 2 subnets in the same default vlan then you've the choice to use subinterfaces technique or the secondary ip technique and recommende to use subinterfaces