11-01-2007 07:22 AM - edited 03-05-2019 07:21 PM
Why use the loopback interface for management as opposed to VLAN1?
11-01-2007 08:05 AM
Hi
Vlan interfaces are generally used for management on switches. Loopbacks are often used for management on routers. That's the primary difference.
Jon
11-01-2007 08:57 AM
It has long been recommended that a loopback address be used for management on routers. The thinking behind that is that if there is any way to your router you can get to the loopback - if you used a real interface address if that was the interface that was down, you would lose access.
With switches, there is a degree of separation between physical interface state and vlan interface state, so that position does not stand the same.
The main reason for using a loopback on a switch as the management address is that it would fall in line with a simple policy "we always use lo0 as management, lo1 - 9 as tunnel end points" sort of thing, and there is no need to modify the policy for routers or switches, and standard security configs may be a little easier.
11-05-2007 03:20 AM
what kind of address would we put on the loopback, would it be the same as the ethernet address of the lan connected ?
11-05-2007 08:37 AM
It would normally be a different address than on any interface!
To a degree it woul depend upo other uses for loop[back addresses. If purely for management, I would use a pool of management addresses, and allocate a single address for each device's loopback address, configured with a /32 mask, and advertised as such.
11-22-2007 04:17 PM
Hi,
If you assign a /32 address to a loopback interface, how can you connect to that interface ?
What address do I need to set on a lapop that I connect to that switch ?
Cheers
11-23-2007 12:37 AM
Hi Nicholas
You need to make sure that /32 address is advertised in your routing protocol.
On the laptop you should set your default-gateway to the L3 interface for your subnet eg
router interface fa0/0 192.168.5.1 255.255.255.0
or if on L3 switch
int vlan 10
ip address 192.168.5.1 255.255.255.0
laptop
IP 192.168.5.10
Default-gateway 192.168.5.1
if the loopback is on the L3 switch/router where your laptops default-gateway is located then it should just work.
If the loopback is on a different device as i say you will need to either have static routes on your L3 switch/router or use a routing protocol.
HTH
Jon
11-29-2007 12:48 PM
Hi Jon,
Thanks for the detailed answer, I have chosen for the easiest solution, include the loopback network in the routing protocol.
It works like a charm.
Thanks again
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: