Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Loopback

Why use the loopback interface for management as opposed to VLAN1?

7 REPLIES
Hall of Fame Super Blue

Re: Loopback

Hi

Vlan interfaces are generally used for management on switches. Loopbacks are often used for management on routers. That's the primary difference.

Jon

Re: Loopback

It has long been recommended that a loopback address be used for management on routers. The thinking behind that is that if there is any way to your router you can get to the loopback - if you used a real interface address if that was the interface that was down, you would lose access.

With switches, there is a degree of separation between physical interface state and vlan interface state, so that position does not stand the same.

The main reason for using a loopback on a switch as the management address is that it would fall in line with a simple policy "we always use lo0 as management, lo1 - 9 as tunnel end points" sort of thing, and there is no need to modify the policy for routers or switches, and standard security configs may be a little easier.

New Member

Re: Loopback

what kind of address would we put on the loopback, would it be the same as the ethernet address of the lan connected ?

Re: Loopback

It would normally be a different address than on any interface!

To a degree it woul depend upo other uses for loop[back addresses. If purely for management, I would use a pool of management addresses, and allocate a single address for each device's loopback address, configured with a /32 mask, and advertised as such.

New Member

Re: Loopback

Hi,

If you assign a /32 address to a loopback interface, how can you connect to that interface ?

What address do I need to set on a lapop that I connect to that switch ?

Cheers

Hall of Fame Super Blue

Re: Loopback

Hi Nicholas

You need to make sure that /32 address is advertised in your routing protocol.

On the laptop you should set your default-gateway to the L3 interface for your subnet eg

router interface fa0/0 192.168.5.1 255.255.255.0

or if on L3 switch

int vlan 10

ip address 192.168.5.1 255.255.255.0

laptop

IP 192.168.5.10

Default-gateway 192.168.5.1

if the loopback is on the L3 switch/router where your laptops default-gateway is located then it should just work.

If the loopback is on a different device as i say you will need to either have static routes on your L3 switch/router or use a routing protocol.

HTH

Jon

New Member

Re: Loopback

Hi Jon,

Thanks for the detailed answer, I have chosen for the easiest solution, include the loopback network in the routing protocol.

It works like a charm.

Thanks again

185
Views
10
Helpful
7
Replies