need help understanding configuration

Unanswered Question
Aug 12th, 2008

Hello,

I have a 3845 and going through the configuration, I see that there is an IDS module.

In the config, I see loopback interfaces but am unsure what they are used for....

interface Loopback0

ip address 192.168.0.3 255.255.255.0

!

interface Loopback1

ip address 216.24.224.1 255.255.255.0 secondary

ip address 216.24.238.2 255.255.255.0

!

interface Loopback2

ip address 220.220.220.220 255.255.255.0

!

interface Loopback3

ip address 11.11.11.11 255.255.255.0

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Tue, 08/12/2008 - 08:26

Nelson

You have not given us enough information here to be very helpful. If you want help in understanding what the loopback interfaces are used for then you should post the router config. Without knowing what is in the config how can we help explain to you what the loopback interfaces may be used for?

HTH

Rick

Giuseppe Larosa Tue, 08/12/2008 - 10:11

Hello Nelson,

the loopback interfaces and their addresses are used to provide some IP subnets to advertise in the BGP process:

router bgp 17358

no synchronization

bgp log-neighbor-changes

network 216.24.224.0

network 216.24.238.0

network 216.24.239.0

these subnets should be advertised to eBGP peer 209.167.212.241 if permitted by ACL 101:

neighbor 209.167.212.241 distribute-list 101 out

and so it is:

access-list 101 permit ip host 216.24.239.0 host 255.255.255.0

access-list 101 permit ip host 216.24.238.0 host 255.255.255.0

access-list 101 permit ip host 216.24.224.0 host 255.255.255.0

This is usually a LAB trick when missing physical interfaces or to represent in the lab the real IP subnets.

Hope to help

Giuseppe

Giuseppe Larosa Tue, 08/12/2008 - 10:13

Hello Nelson,

a last note in this case the aggregate-address are useless:

aggregate-address 216.24.224.0 255.255.255.0

aggregate-address 216.24.239.0 255.255.255.0

the subnets are already /24

Hope to help

Giuseppe

pipsadmin Tue, 08/12/2008 - 10:22

So I can safely remove the 2 aggregate-address?

What about the loopback, can I remove that? What is it used for and I'm wondering if I can remove it...

Giuseppe Larosa Tue, 08/12/2008 - 11:01

Hello Nelson,

>> So I can safely remove the 2 aggregate-address?

the one for net 216.24.239.0/24 is needed:

216.24.239.1 255.255.255.128

the other one can be removed

>> What about the loopback, can I remove that? What is it used for and I'm wondering if I can remove it..

loop3 is used :

interface IDS-Sensor4/0

description IDS-GOT$IDMADDR:11.11.11.100$

ip unnumbered Loopback3

loop1 is used by NAT pool is here you need it !

loop0 and loop2 look like unused and could be removed without any issues

Hope to help

Giuseppe

Actions

This Discussion