
How to setup loopback address in our environment?

HWangLoyalty_2
Level 1

Hi ALL:

We have three sites in our company. There is a core switch (65xx) plus several L2 switches (37xx) at every site. We used to use a management VLAN (not VLAN 1) on all devices. But we want to use loopback addresses for management again. My questions are:

1. Do we need to set up loopback addresses in our situation, because the SVI (management VLAN) is already here? Both loopback and SVI are virtual addresses in case the physical address is down.

2. I checked the previous topics in this forum. Some guys recommend that an L2 switch does not need it (use the SVI), but an L3 switch needs it. But actually on our L3 core switch, we use an SVI instead of a physical IP address.

3. If you think all devices need a loopback, how do we choose the IP address scale? Do we need to use a /32 subnet mask for every device, because I only know it could save address space compared with a 24-bit subnet mask? But we use private addresses in our environment.

We could use lots of address space for that. We also do not set up a static route for every L2 switch if we choose a 24-bit subnet mask.

Please advise! Thank you very much.


Jon Marshall
Hall of Fame

Huan

If you had a routed access layer, i.e. your 3750 switches were acting as L3 devices, then I would recommend going with loopbacks on all your switches for management.

However, you are running L2 from the access layer, so I would stick to using a VLAN for managing your switches. You have already done the right thing by not using VLAN 1.

Jon

We have not enabled "ip routing" on our 3750 switches. We only set up "default GW" on every 3750 switch to point to the core switch. I think they are still L2 switches.

Thanks!

Edison Ortiz
Hall of Fame

Loopbacks are recommended on regular routers so you don't have to depend on a physical interface for management connectivity. You can reach the router in question via any available physical interface - provided the loopback is being advertised.

As for switches, the loopback can be configured in Layer3 switches (not allowed in Layer2 switches) but it's not required. The SVI (switch virtual interface) will remain up/up as long as an associated switchport is up/up that is part of that Vlan. If the switchport is a trunk port, the SVI will automatically be up/up unless you prune that Vlan from the trunk.

In short, the SVI has similar characteristics as the loopback since it can be reachable via any physical interface as long as the Layer3 information is being advertised.

As for the use of /32 vs /24, it's recommended to use /32 for IP address preservation.

HTH,

__

Edison.

I appreciate your help.

Could you tell me why the loopback address is not allowed in L2 switches?

If we use a /32 subnet mask, the following situation will occur, for example:

lo0 on core: 172.20.99.1/32

lo0 on 3750 switch connected core: 172.20.99.10/32

SVI of management on core: 172.20.88.1/24

SVI of management on 3750 switch connected core: 172.20.88.10/24

I have to add static route on our core to ensure that lo0 of 3750 is reachable. The command should be like that:

ip route 172.20.99.10 255.255.255.255 172.20.88.10

Is it reasonable, because the SVI is also a virtual IP address?

If I use the /24, I think this question would not happen.

Please go ahead with advice! Thanks again.

> Could you tell me why the loopback address is not allowed in L2 switches?

Hardware design. Only one Layer3 interface is allowed to be up/up in the switch and this interface must be reachable. Kind of hard to reach a loopback if there isn't a way to get there via a routable Vlan :)

> I have to add static route on our core to ensure that lo0 of 3750 is reachable. The command should be like that:
>
> ip route 172.20.99.10 255.255.255.255 172.20.88.10

That's correct.

> Is it reasonable, because the SVI is also a virtual IP address?

Both switches share the same Vlan, so in order to reach a Layer3 interface that sits behind that Vlan, you need to reach it via the SVI.

> If I use the /24, I think this question would not happen.

With /24, it wouldn't work as both loopbacks would share the same subnet.

You wouldn't be able to create a static route in the Core router as that subnet is already in the routing table as 'connected' route.

HTH,

__

Edison.

Please rate helpful posts
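Added example (not part of the thread or any poster's code): a small Python model of the core switch's routing table, using the addresses from the posts above. It shows the /32 loopback being reached through the static route via the management SVI, and the /24 case where a static route for the same prefix loses to the connected route. Assumptions: the interface name `Vlan-mgmt` is a placeholder because the thread gives no VLAN ID, and the administrative distances are the IOS defaults.

```python
import ipaddress

AD = {"connected": 0, "static": 1}  # IOS default administrative distances

class Rib:
    def __init__(self):
        self.routes = {}  # ip_network -> (kind, target)

    def install(self, prefix, kind, target):
        """Install a route; for an identical prefix the lower AD wins."""
        net = ipaddress.ip_network(prefix, strict=False)
        cur = self.routes.get(net)
        if cur is not None and AD[cur[0]] <= AD[kind]:
            return False  # existing route is preferred, new one stays out
        self.routes[net] = (kind, target)
        return True

    def lookup(self, dst):
        """Longest-prefix match for one destination address."""
        addr = ipaddress.ip_address(dst)
        hits = [n for n in self.routes if addr in n]
        if not hits:
            return None
        best = max(hits, key=lambda n: n.prefixlen)
        return (best,) + self.routes[best]

    def egress(self, dst):
        """Follow static next hops until a connected interface is reached."""
        for _ in range(8):  # bound the recursion depth
            hit = self.lookup(dst)
            if hit is None:
                return None
            _, kind, target = hit
            if kind == "connected":
                return target
            dst = target  # resolve the next hop in turn
        return None

def core_rib(loopback_mask):
    """Core switch table for a /32 or /24 loopback plan (thread addresses)."""
    rib = Rib()
    rib.install("172.20.88.1/24", "connected", "Vlan-mgmt")  # placeholder name
    rib.install(f"172.20.99.1/{loopback_mask}", "connected", "Loopback0")
    prefix = "172.20.99.10/32" if loopback_mask == 32 else "172.20.99.0/24"
    accepted = rib.install(prefix, "static", "172.20.88.10")
    return rib, accepted
```

With the /32 plan the 3750's loopback resolves out of the management SVI; with the /24 plan the core treats 172.20.99.10 as part of its own connected loopback subnet.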

Thanks for your two cents!

1. You mean I could not set up a loopback address on the L2 switch if the SVI was already UP, if this is hardware design. But in our devices (3750 switch), the loopback interface is UP except management SVI is UP. I did not understand why you say "Only one Layer3 interface is allowed to be up/up in the switch"?

2. If we have to assign loopback addresses in our environment, I will use the /32 subnet mask + static route solution. Is that correct?

3. In your experience, how do other companies with a similar situation set them up? Is keeping the management SVI OK, or should we pick the loopback address?

Thanks again!

> You mean I could not set up a loopback address on the L2 switch if the SVI was already UP, if this is hardware design. But in our devices (3750 switch), the loopback interface is UP except management SVI is UP. I did not understand why you say "Only one Layer3 interface is allowed to be up/up in the switch"?

3750 is a Layer3 switch. You can disable routing but the hardware remains L3 capable. With that said, if you want to route a subnet being held in the 3750, you need to enable routing in the device.

> If we have to assign loopback addresses in our environment, I will use the /32 subnet mask + static route solution. Is that correct?

I recommend implementing dynamic routing protocols instead (EIGRP or OSPF).

> In your experience, how do other companies with a similar situation set them up? Is keeping the management SVI OK, or should we pick the loopback address?

It depends on the company. Old timers like to use loopback for management since they learned this concept from routers. Using a SVI for management in switches is perfectly ok. Actually, many companies create a 'management Vlan' that is shared in all switches in the LAN.

HTH,

__

Edison.

Thanks a lot!

I think we will keep the management SVI for monitoring and management instead of the loopback address.
