Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
729
Views
10
Helpful
7
Replies

Loopback

whinkle
Level 1
Level 1

‎11-01-2007 07:22 AM - edited ‎03-05-2019 07:21 PM

Why use the loopback interface for management as opposed to VLAN1?

Labels:
0 Helpful
7 Replies 7

Jon Marshall
Hall of Fame
Hall of Fame

‎11-01-2007 08:05 AM

Hi

Vlan interfaces are generally used for management on switches. Loopbacks are often used for management on routers. That's the primary difference.

Jon

paul.matthews
Level 5
Level 5

‎11-01-2007 08:57 AM

It has long been recommended that a loopback address be used for management on routers. The thinking behind that is that if there is any way to your router you can get to the loopback - if you used a real interface address if that was the interface that was down, you would lose access.

With switches, there is a degree of separation between physical interface state and vlan interface state, so that position does not stand the same.

The main reason for using a loopback on a switch as the management address is that it would fall in line with a simple policy "we always use lo0 as management, lo1 - 9 as tunnel end points" sort of thing, and there is no need to modify the policy for routers or switches, and standard security configs may be a little easier.

carl_townshend
Spotlight
Spotlight
In response to paul.matthews

‎11-05-2007 03:20 AM

what kind of address would we put on the loopback, would it be the same as the ethernet address of the lan connected ?

0 Helpful

paul.matthews
Level 5
Level 5
In response to carl_townshend

‎11-05-2007 08:37 AM

It would normally be a different address than on any interface!

To a degree it woul depend upo other uses for loop[back addresses. If purely for management, I would use a pool of management addresses, and allocate a single address for each device's loopback address, configured with a /32 mask, and advertised as such.

0 Helpful

nicolas.vallot
Level 1
Level 1
In response to paul.matthews

‎11-22-2007 04:17 PM

Hi,

If you assign a /32 address to a loopback interface, how can you connect to that interface ?

What address do I need to set on a lapop that I connect to that switch ?

Cheers

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to nicolas.vallot

‎11-23-2007 12:37 AM

Hi Nicholas

You need to make sure that /32 address is advertised in your routing protocol.

On the laptop you should set your default-gateway to the L3 interface for your subnet eg

router interface fa0/0 192.168.5.1 255.255.255.0

or if on L3 switch

int vlan 10

ip address 192.168.5.1 255.255.255.0

laptop

IP 192.168.5.10

Default-gateway 192.168.5.1

if the loopback is on the L3 switch/router where your laptops default-gateway is located then it should just work.

If the loopback is on a different device as i say you will need to either have static routes on your L3 switch/router or use a routing protocol.

HTH

Jon

0 Helpful

nicolas.vallot
Level 1
Level 1
In response to Jon Marshall

‎11-29-2007 12:48 PM

Hi Jon,

Thanks for the detailed answer, I have chosen for the easiest solution, include the loopback network in the routing protocol.

It works like a charm.

Thanks again

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card