Jon Marshall Thu, 11/01/2007 - 08:05
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Vlan interfaces are generally used for management on switches. Loopbacks are often used for management on routers. That's the primary difference.


Jon

paul.matthews Thu, 11/01/2007 - 08:57
User Badges:
  • Silver, 250 points or more

It has long been recommended that a loopback address be used for management on routers. The thinking behind that is that if there is any way to your router you can get to the loopback - if you used a real interface address if that was the interface that was down, you would lose access.


With switches, there is a degree of separation between physical interface state and vlan interface state, so that position does not stand the same.


The main reason for using a loopback on a switch as the management address is that it would fall in line with a simple policy "we always use lo0 as management, lo1 - 9 as tunnel end points" sort of thing, and there is no need to modify the policy for routers or switches, and standard security configs may be a little easier.

carl_townshend Mon, 11/05/2007 - 03:20
User Badges:

what kind of address would we put on the loopback, would it be the same as the ethernet address of the lan connected ?

paul.matthews Mon, 11/05/2007 - 08:37
User Badges:
  • Silver, 250 points or more

It would normally be a different address than on any interface!


To a degree it woul depend upo other uses for loop[back addresses. If purely for management, I would use a pool of management addresses, and allocate a single address for each device's loopback address, configured with a /32 mask, and advertised as such.

nicolas.vallot Thu, 11/22/2007 - 16:17
User Badges:

Hi,


If you assign a /32 address to a loopback interface, how can you connect to that interface ?

What address do I need to set on a lapop that I connect to that switch ?


Cheers


Jon Marshall Fri, 11/23/2007 - 00:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Nicholas


You need to make sure that /32 address is advertised in your routing protocol.


On the laptop you should set your default-gateway to the L3 interface for your subnet eg


router interface fa0/0 192.168.5.1 255.255.255.0


or if on L3 switch


int vlan 10

ip address 192.168.5.1 255.255.255.0


laptop

IP 192.168.5.10

Default-gateway 192.168.5.1


if the loopback is on the L3 switch/router where your laptops default-gateway is located then it should just work.


If the loopback is on a different device as i say you will need to either have static routes on your L3 switch/router or use a routing protocol.


HTH


Jon

nicolas.vallot Thu, 11/29/2007 - 12:48
User Badges:

Hi Jon,


Thanks for the detailed answer, I have chosen for the easiest solution, include the loopback network in the routing protocol.


It works like a charm.


Thanks again

Actions

This Discussion