Allocate secondary IP block on physical interface while using VRRP cluster

Hi there,

I'm trying to establish a BGP peering session straight from the external Firewall interface into the Microsoft Edge Routers to establish both a Private and a Microsoft peering session. MS peering requires you to allocate public IP's for this peering to work whilst the Private peering would work with just Private IP addressing.

Is it possible to allocate different IP blocks into the same physical interface for this purpose?

Each MS peering session requires you to allocate a /30 subnet, so the idea would be to allocate two larger /27 IP blocks (one for Private and one for Public) and break these down into individual, smaller /30 subnets for each of the peering sessions that need to be established (I need 4 private peering sessions and 4 public ones). 

We will be using the FWs in VRRP cluster mode since I believe Cluster XL wouldn't allow you to have separe virtual IP subnets off the same physical interface.



Regardless of the clustering mechanism, it is not supported to have multiple subnets configured on the same physical interface.
It's also not considered best practice.
Maybe these IPs could be assigned on the loopback interface?
