Loopback0 CAT3550

Answered Question
May 30th, 2008

I am trying to set up a loopback0 port on my 3550-24. I want to use it as my management port. It lets me configure the loop back.

interface Loopback0

ip address 10.244.244.24 255.255.255.255

ip broadcast-address 10.244.244.255

But I can never ping it from my work station. I can't figure out what I am doing wrong. Can anyone help me please?

Thanks

Michael M. Williams

Network Systems Analyst

Information Technology Services

Tarleton State University

I have this problem too.
0 votes
Correct Answer by Richard Burts about 8 years 6 months ago

Mike

There are at least 2 issues here. First and most important you need to enter the command ip routing to enable ip routing. Currently your switch is operating as a layer 2 only switch. You need to enable layer 3 processing to forward packets between VLANs and subnets. Without ip routing enabled it certainly will not do what you want it to do.

Second issue is the attempt to configure the static route. Here is what you entered:

ip route 0.0.0.0 10.244.244.24 255.255.255.255

it appears to contain the destination address, the next hop address, and the mask. But the mask needs to go immediately after the destination address. And the mask is inverted. so it should be:

ip route 0.0.0.0 0.0.0.0 10.244.244.24

Also as a layer 3 switch I am not convinced that the switch uses the loopback interface in the same way that IOS routers do. So even after you address these two problems there may still be some issues

HTH

Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Wilson Samuel Fri, 05/30/2008 - 08:01

Hi Michael,

Could you please let us see the config of the switch. Also, if I'm not wrong, you may try enabling Routing on the switch by "ip routing" and see if that helps.

HTH,

Kind Regards,

Wilson Samuel

michael.m.williams Fri, 05/30/2008 - 08:08

Wilson,

here is my config.

version 12.2

no service pad

service timestamps debug uptime

service timestamps log datetime

service password-encryption

!

hostname network-office

!

enable secret xxxxx

!

no aaa new-model

clock timezone CST -6

clock summer-time CDT recurring

ip subnet-zero

!

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

no ip rcmd domain-lookup

ip rcmd rcp-enable

ip rcmd remote-host cwuser 165.95.23.140 cwuser

!

!

!

!

!

interface Loopback0

ip address 10.244.244.24 255.255.255.255

ip broadcast-address 10.244.244.255

!

interface FastEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 9

switchport mode trunk

duplex full

spanning-tree portfast

!

interface FastEthernet0/2

switchport access vlan 9

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/3

switchport access vlan 9

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/4

switchport access vlan 9

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/5

switchport access vlan 9

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/6

switchport access vlan 9

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/7

switchport access vlan 104

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/8

switchport access vlan 9

switchport mode dynamic desirable

spanning-tree portfast

!

interface FastEthernet0/9

switchport access vlan 3

switchport mode dynamic desirable

spanning-tree portfast

!

interface Vlan1

no ip address

!

interface Vlan9

ip address xxx.xx.21.113 255.255.255.128

!

ip default-gateway xxx.xx.21.125

ip classless

ip http server

ip http secure-server

!

!

logging trap critical

logging xxx.xx.23.140

snmp-server community TSUroCN RO

snmp-server community TSUrwCN RW

snmp-server contact

snmp-server system-shutdown

snmp-server enable traps snmp authentication lin

snmp-server enable traps cluster

snmp-server enable traps entity

snmp-server enable traps envmon fan shutdown sup

snmp-server enable traps vtp

snmp-server enable traps vlancreate

snmp-server enable traps vlandelete

snmp-server enable traps flash insertion removal

snmp-server enable traps port-security

snmp-server enable traps config-copy

snmp-server enable traps config

snmp-server enable traps hsrp

snmp-server enable traps bridge newroot topology

snmp-server enable traps stpx inconsistency root

y

snmp-server enable traps syslog

snmp-server enable traps rtr

snmp-server enable traps mac-notification

snmp-server enable traps vlan-membership

snmp-server host xxx.xx.23.140 TSUroCN

!

control-plane

!

!

line con 0

line vty 0 4

password xxxxxxxx

login

line vty 5 15

login

!

ntp clock-period 17180256

ntp server 10.1.1.1 key 0 prefer

end

network-office#

i get this error when i try to enter a route.

network-office#config t

Enter configuration commands, one per line. End with CNTL/Z.

network-office(config)#interface loopback0

network-office(config-if)#ip route 0.0.0.0 10.244.244.24 255.255.255.255

%Inconsistent address and mask

network-office(config)#

Thanks

mike

mahmoodmkl Fri, 05/30/2008 - 08:21

Hi

In which vlan is u r system connected.can u verify plz.

Thanks

Mahmood

michael.m.williams Fri, 05/30/2008 - 08:38

Mahmood,

The switch IP that I have now and workstation are in the same VLAN. The IP I want to use for LooPback0 is not within any VLAN. I have a 6500 series that is using the same loopback0 IP range and I have no problem pining it. But when I try the 3550 I can't get it to work.

Thanks

Mike

mahmoodmkl Fri, 05/30/2008 - 08:53

HI

R u locally connected to this switch..?

If u then u need to use the default-gateway on ur system as the ip address of the SVI i.e vlan 9 as per u r config.

If u r not locally connected then u need either advertise u r loopback ip in any routing protocol or u need to have static routes for this network.

Thanks

Mahmood

michael.m.williams Fri, 05/30/2008 - 09:03

Mahmood,

I am connected locally. How would I advertise my loopback. Where would I put the static route?

thanks

Mike

thotsaphon Fri, 05/30/2008 - 09:18

Hi Mike,

Please do "sh ip int brief" and "sh ip route" commands. To make sure that you add "ip routing" command in the switch. Because you are trying to let switch routes the networks!

let us know how things work out

Thot

michael.m.williams Fri, 05/30/2008 - 10:05

Thot,

sh ip int brief

FastEthernet0/4 unassigned YES unset down down

FastEthernet0/5 unassigned YES unset down down

FastEthernet0/6 unassigned YES unset up up

FastEthernet0/7 unassigned YES unset down down

FastEthernet0/8 unassigned YES unset up up

FastEthernet0/9 unassigned YES unset up up

FastEthernet0/10 unassigned YES unset down down

FastEthernet0/11 unassigned YES unset down down

FastEthernet0/12 unassigned YES unset down down

FastEthernet0/13 unassigned YES unset down down

FastEthernet0/14 unassigned YES unset down down

FastEthernet0/15 unassigned YES unset down down

FastEthernet0/16 unassigned YES unset down down

FastEthernet0/17 unassigned YES unset down down

FastEthernet0/18 unassigned YES unset down down

FastEthernet0/19 unassigned YES unset down down

FastEthernet0/20 unassigned YES unset down down

FastEthernet0/21 unassigned YES unset down down

FastEthernet0/22 unassigned YES unset down down

FastEthernet0/23 unassigned YES unset up up

FastEthernet0/24 unassigned YES unset up up

GigabitEthernet0/1 unassigned YES unset down down

GigabitEthernet0/2 unassigned YES unset down down

Loopback0 10.244.244.24 YES manual up up

show ip route

network-office#show ip route

Default gateway is xxx.xx.21.125

Host Gateway Last Use Total Uses Interface

ICMP redirect cache is empty

network-office#

it only show the DF for VLAn 9, which is what the trunk port is config for.

thanks

mike

michael.m.williams Fri, 05/30/2008 - 10:14

Mahmood,

I enable ip routing.

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets

C 10.244.244.24 is directly connected, Loopback0

xxx.xx.0.0/25 is subnetted, 1 subnets

C xxx.xx.21.0 is directly connected, Vlan9

network-office#

Still can't ping it.

Thanks

mike

mahmoodmkl Fri, 05/30/2008 - 10:02

Hi

Whats the gateway on u r system,is it the ip address of svi ie. vlan9 of ur switch if so then u need to enable ip routing on u r switch n try.

Thanks

Mahmood

michael.m.williams Fri, 05/30/2008 - 10:10

Mahmood,

network-office#show ip route

Default gateway is xxx.xx.21.125

Host Gateway Last Use Total Uses Interface

ICMP redirect cache is empty

network-office#

It is the gateway for VLAn 9.

What do I need to do to add gateway for Loopback0?

Thanks

mike

mahmoodmkl Fri, 05/30/2008 - 10:13

Hi

As informed earlier u need to enable ip routing.

u need not add gateway for loopback as it will be listed as directly connected on u r switch.

Just verify that u have the proper gateway config on u r system i.e PC.

Thanks

Mahmood

Correct Answer
Richard Burts Fri, 05/30/2008 - 10:18

Mike

There are at least 2 issues here. First and most important you need to enter the command ip routing to enable ip routing. Currently your switch is operating as a layer 2 only switch. You need to enable layer 3 processing to forward packets between VLANs and subnets. Without ip routing enabled it certainly will not do what you want it to do.

Second issue is the attempt to configure the static route. Here is what you entered:

ip route 0.0.0.0 10.244.244.24 255.255.255.255

it appears to contain the destination address, the next hop address, and the mask. But the mask needs to go immediately after the destination address. And the mask is inverted. so it should be:

ip route 0.0.0.0 0.0.0.0 10.244.244.24

Also as a layer 3 switch I am not convinced that the switch uses the loopback interface in the same way that IOS routers do. So even after you address these two problems there may still be some issues

HTH

Rick

michael.m.williams Fri, 05/30/2008 - 10:29

Rick,

Here is what i got when I typed in the static route.

Password:

network-office#config t

Enter configuration commands, one per line. End with CNTL/Z.

network-office(config)#ip route 0.0.0.0 0.0.0.0 10.244.244.24

%Invalid next hop address (it's this router)

network-office(config)#

Thanks

mike

Richard Burts Fri, 05/30/2008 - 11:48

Mike

It may not feel like it but I think we are making progress. You say that ip routing is enabled and the most recent show ip route confirms it:

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets

C 10.244.244.24 is directly connected, Loopback0

xxx.xx.0.0/25 is subnetted, 1 subnets

C xxx.xx.21.0 is directly connected, Vlan9

network-office#

You were not getting that output before and seeing the connected interface subnets is confirmation that ip routing is enabled. This is essential to getting the loopback to work.

This output also shows what appears to be another problem.

Gateway of last resort is not set

Probably it would make sense to configure a default route using the same next hop that was specified in your default gateway command.

I am sorry that the form of the static route that I gave you produced an error. I looked at what you had tried to configure in a previous post and to correct it. I took what I thought was a specification of next hop and put it into the right place without realizing that the address was the loopback interface address. Perhaps I should not have made assumptions about what you were trying to do and should have just asked what you were trying to achieve with the static route. Once I understood that perhaps my advice would have been better.

If you take the static route that I gave you and change the next hop to be your default gateway address I believe that it should work.

ip route 0.0.0.0 0.0.0.0 xxx.xx.21.125

HTH

Rick

michael.m.williams Fri, 05/30/2008 - 12:06

Rick,

Here is what i got

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 165.95.21.125 to network 0.0.0.0

10.0.0.0/32 is subnetted, 1 subnets

C 10.244.244.24 is directly connected, Loopback0

xxx.xx.0.0/25 is subnetted, 1 subnets

C xxx.xx.21.0 is directly connected, Vlan9

S* 0.0.0.0/0 [1/0] via xxx.xx.21.125

Still can't ping it.

thanks

Mike

glen.grant Fri, 05/30/2008 - 10:10

When you hook up your pc are you putting in the default gateway for the vlan you are attached to? If connected to a port in vlan 9 then your pc nic card gateway would be xxx.xx.21.113 and your netmask on your pc should be 255.255.255.128

michael.m.williams Fri, 05/30/2008 - 10:17

Glen,

Yes, my PC is coming off a port of the switch i am trying to config loopback0 on. The IP of my PC is xxx.xx.21.60, subnet is 255.255.255.128.

thanks

mike

thotsaphon Fri, 05/30/2008 - 10:31

Mike,

PC should be configured look like this:

xxx.xx.21.60 mask 255.255.255.128 GW xxx.xx.21.113

To make sure that this pc is connecting to the port assigned to the vlan9

I want you to configure "ip routing" command in the configuration mode.I want to see "int vlan 9 up up" in the "sh ip int brief" command.

Please let us know how things work out!

Thot

michael.m.williams Fri, 05/30/2008 - 11:26

Thot,

I did the changes you stated and I was able to ping the loopback0 Ip, but i was not able to reach any other device on the network.

I have configurted ip routing

network-office#sh ip in brief

Interface IP-Address OK? Method Status Protoc

Vlan1 unassigned YES NVRAM up up

Vlan9 xxx.xx.21.113 YES NVRAM up up

FastEthernet0/1 unassigned YES unset up up

Loopback0 10.244.244.24 YES manual up up

Thanks

Mike

thotsaphon Fri, 05/30/2008 - 11:41

Mike,

Thanks for updating the status. I want to know that this switch is a core switch(for routing networks),isn't it?

if not, then who? and what is the interface mode do you connect the core switch? trunking by using f0/1?

HTH

Thot

michael.m.williams Fri, 05/30/2008 - 11:45

Thot,

i want to do this for all my access switches. This one is a 3550. Right now we are using the production VLAN for both data and management and I want to move awayfrom that. My Core switch already has a loopback0 port and i wanted to use the same IP range for all my other switches. From what i read Loopback0 port could do this for me, but i can't get it to work.

I use fa 0/1 on this switch as a trunk.

Thanks

mike

thotsaphon Fri, 05/30/2008 - 11:54

Mike,

Bingo! This switch has to be configured as Layer2 Switch as you did. So no "ip routing" command on it. You CANNOT use a loopback ip address for management at the Layer2 switch(in your case). you have to only pick one vlan(Active!) to do that. And configuring "ip default gateway" to point to your core-switch.

HTH

Thot

Richard Burts Fri, 05/30/2008 - 12:05

Mike

I am not sure that I would go quite as far as Thot and say "the switch HAS to be configured as layer 2". But first we really need to know how you want your network to operate. It seems that previous to this discussion and the changes that you made in it, the network was a group of layer 2 switches which were trunked to a core which did all of the routing.

You can keep that architecture or you can choose to change it by enabling ip routing on the access switches (at least all the access switches that are layer 3 capable). Making the change from a layer 2 switch to layer 3 is a decision that should be intentionally made. I believe that we pushed you into this change because we made assumptions about what you were trying to accomplish and without understanding the existing environment.

Thot MAY be right that you should go back to the layer 2 operation and remove ip routing from this switch. You can still accomplish your basic objective which seems to be that you want management to be in a separate VLAN from production data. So you would configure some VLAN for management. That is the interface vlan x that you would configure with an IP address.

And Thot certainly IS right that if you go back to layer 2 operation that you can not use a loopback interface.

HTH

Rick

michael.m.williams Fri, 05/30/2008 - 12:16

Rick,

Ok, thanks I will use a seperate VLAN for management. I didn't want to change to entire architecture of my network to make it work. I was trying to find an out of bound solution to manage my switches. Maybe i went about all wrong. So the best way is just to creat a seperat VLAN to manage my switches? Or is there another way? i have 100+ switch that all have different management IP in multiply production VLAN. I want to make things easier.

Thanks

mike

Mike

michael.m.williams Fri, 05/30/2008 - 12:09

Thot,

That would explains why it doesn't work. Cisco has documentation that loopback0 would work with 3550. So even after I enable routing it will not work?

thanks

mike

Richard Burts Fri, 05/30/2008 - 12:19

Mike

Interface loopback 0 COULD work - if you make the right set of changes. But as I said in a previous post these changes would be a significant change in the architecture of your network.

You asked a question about how to get interface loopback 0 to work. And we have been very energetic in trying to make it work. Perhaps we should have spent a little more time trying to figure out what the fundamental objective was. There is a strategy to get management interfaces on the switch separate from the data VLAN when operating as layer 2 switch and there is a strategy to get management interface that is separate when operating as layer 3 switch. When you can tell us which strategy you prefer we can help you implement it.

If you go the layer 3 strategy with a loopback interface then you will need to make sure that your switch has routing information about how to reach the various remote destinations. And you need to make sure that other devices in your network have information about how to get ot the address of your loopback interface. Probably that is a bunch of static routes or it is a dynamic routing protocol.

HTH

Rick

michael.m.williams Fri, 05/30/2008 - 12:23

Rick,

After you folks made me wiser on this I believe the best way to do it is via layer 2. Adding multiple static route will become time consuming and complicated. I am trying to make things easier.

Any suggestions?

Thanks

mike

thotsaphon Fri, 05/30/2008 - 12:22

Rick,

Nice explanation as always! 5p

Mike,

Creating a separate vlan for switch management is a good way to go.

Thanks

Thot

michael.m.williams Fri, 05/30/2008 - 12:25

Thot,

I got the message. I will go this route. Thanks for your help. Thanks for making me smarter.

Super help i really appricate it!!!

Richard Burts Sat, 05/31/2008 - 12:19

Mike

This has been a very interesting conversation. I am glad that it has been helpful to you. I think that there is a lesson in it for those of us who frequently answer questions on the forum. When someone asks a question (how do I ...) we frequently focus in on the answer to that question. But sometimes instead of focusing on those details we should look for the bigger picture: what are they really trying to do, what is the context of the question? And sometimes that would help us realize that what they think they want to do is not really the way to accomplish their real objective.

Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that they will read responses which did resolve the question.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick

Actions

This Discussion