07-25-2007 10:14 AM - edited 03-05-2019 05:29 PM
Hello.
I'm a bit new here, and I'm not quite sure where to post this. I have a 7206vxr router, and a lot of catalyst switches. I have a management net consisting of 64 addresses. 90.xxx.85.0/255.255.255.192. It's routed to the internet as well. (through the 7206) My problem is the 7206 router. I've made a loopback interface with the IP of 90.xxx.85.20 with a subnet mask of 255.255.255.255. when i run no shut on interface loopback0, I can't get hold of anything on the outside of the 7206 (e.g. The Internet).
no fancy configuration on the loopback, just this:
interface loopback0
ip address 90.xxx.85.20 255.255.255.255
This is of course, an available ip address in my range.
The only extra route info on this subnet (except the default route) is this line:
ip route 90.xxx.85.0 255.255.255.192 90.xxx.90.2
90.2 is a pix.
Anyone with a clue to what happens when i activate the subinterface loopback0?
07-25-2007 03:04 PM
You are blackholing the internet routes. You shouldn't assign an IP to the loopback address that overlaps with a subnet that is part of the routing table.
07-25-2007 04:43 PM
Hi Edison but if we see the highest bit match theory pertaing to ip route so it should not bother us here.
like i suspect if see the ip route the there will be host root for the loopback ip and a static route for that 90.x.x.x network.
just my comments. Thanks EM-
07-26-2007 05:31 AM
Edison:
That's what I was afraid of, there are no routing protocols involved, so it should be pretty straightforward.
ephraim_mani:
Uh, my english is not very good, I didn't quite catch the essence of your post, but I'll post the info on 'sh ip route' that concerns this:
90.xxx.90.0/30 is directly connected, FastEthernet3/0.104
S 90.xxx.85.0/26 [1/0] via 90.xxx.90.2
Thanks,
\\markraves
07-26-2007 06:57 AM
Mark,
Based on the ip route you just posted, this should work as there isn't any overlap.
I guess I didn't understand your question well, can you post the router config - with the loopback configured and without ?
07-26-2007 10:14 AM
Hello,
Um, I can post the router config without.. I'm sitting now 30miles from the location, and I have no other way inside than through the management net. So if I bring up the loopback, I get thrown out. I'll post the config as it is today: (edited out customers, dhcp pools)
The loopback here works from inside the 90.xxx.85.0, but It's crummy to have it outside the net where everything else is. I was hoping to get it in the 90.xxx.85.0/26 net.
router#sh run
Building configuration...
Current configuration : 19423 bytes
!
! Last configuration change at 08:24:47 CEST Tue Jul 3 2007
! NVRAM config last updated at 18:47:06 CEST Thu Jul 12 2007
!
version 12.3
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname router
!
boot-start-marker
boot system flash disk0:c7200-js-mz.123-6a.bin
boot system flash slot0:c7200-js-mz.123-6a.bin
boot-end-marker
!
enable secret 5 xxxxxxxxxxxxxxxxxx.
!
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
no aaa new-model
ip subnet-zero
no ip source-route
!
!
no ip domain lookup
ip domain name somethingorother.com
ip name-server 212.20.193.130
ip name-server 217.68.109.10
no ip dhcp conflict logging
!
ip cef
no vlan accounting
!
!
interface Loopback0
ip address 172.16.16.16 255.255.255.255
!
interface FastEthernet0/0
description ### WAN INTERFACE ###
ip address 90.xxx.95.238 255.255.255.252
no ip redirects
no ip proxy-arp
ip nat outside
no ip route-cache cef
no ip route-cache
duplex full
!
interface FastEthernet3/0
description ### LAN INTERFACE ###
no ip address
no ip redirects
no ip proxy-arp
no ip route-cache cef
no ip route-cache
duplex full
!
interface FastEthernet3/0.101
description ### Management ###
encapsulation dot1Q 101
no ip route-cache
!
interface FastEthernet3/0.104
description ###FIREWALL-PIX###
encapsulation dot1Q 104
ip address 90.xxx.90.1 255.255.255.252
no ip redirects
no ip proxy-arp
no ip route-cache
!
!
ip nat pool ADSL-NAT-POOL 90.xxx.95.238 90.xxx.95.238 netmask 255.255.255.252
ip nat inside source list 8 pool ADSL-NAT-POOL overload
ip classless
ip route 0.0.0.0 0.0.0.0 90.xxx.95.237 name DEFAULT-GW
ip route 90.xxx.85.0 255.255.255.192 90.xxx.90.2
ip route 90.xxx.90.8 255.255.255.248 90.xxx.90.2
ip route 172.16.16.16 255.255.255.255 Loopback0
ip route 172.16.17.0 255.255.255.0 FastEthernet3/0.102
no ip http server
!
!
access-list 8 permit 172.20.200.0 0.0.0.255
access-list 8 permit 172.20.201.0 0.0.0.255
access-list 8 permit 172.20.202.0 0.0.0.255
access-list 8 permit 172.20.203.0 0.0.0.255
access-list 8 permit 10.0.36.0 0.0.0.255
access-list 8 permit 10.0.34.0 0.0.0.255
access-list 8 permit 10.0.0.0 0.0.0.255
access-list 8 permit 172.16.17.0 0.0.0.255
access-list 101 permit ip 90.xxx.85.0 0.0.0.63 any
access-list 102 permit ip host xx.xxx.57.xxx any
access-list 103 permit icmp 90.xxx.85.0 0.0.0.63 host 172.16.16.16 echo-reply
!!
tftp-server flash:
!
dial-peer cor custom
!
gatekeeper
shutdown
!
ntp clock-period 17180006
ntp update-calendar
ntp server 90.xxx.85.3
!
!
end
07-27-2007 06:52 AM
Based on the config posted, there isn't a reason why it should work.
Can you post the show ip route with the loopback assigned to that network and without it ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: