02-03-2018 04:55 PM - edited 03-08-2019 01:41 PM
I am try to setup a couple of Loopback address on my Cisco 2851 Router....
Here are parts of my config file:
interface GigabitEthernet0/0
description INSIDE
ip address 192.168.0.50 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
no mop enabled
********************
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 remark *** GigabitEthernet0/0 SCORPNET ***
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
************************
So I was trying to create Loopback address:
interface Loopback0
ip address 192.168.0.20 255.255.255.0
!
interface Loopback1
ip address 192.168.0.21 255.255.255.0
!
interface Loopback2
ip address 192.168.0.22 255.255.255.0
!
interface Loopback3
ip address 192.168.0.23 255.255.255.0
I get an error that 192.168.0.0 overlapping with each of the loopback address....
Can someone let me know what I may be doing wrong...
Thanks.......
Solved! Go to Solution.
02-03-2018 05:08 PM - edited 02-03-2018 05:08 PM
You cannot use the same IP subnet on multiple different interfaces which is what the router is telling you.
Each interface needs to use a different subnet.
Jon
02-03-2018 11:58 PM
Hello
@DAVID RICHWALSKI wrote:
so that is why I am getting the message:
% 192.168.0.0 overlaps with Loopback0
% 192.168.0.0 overlaps with Loopback0
% 192.168.0.0 overlaps with Loopback0%Default route without gateway, if not a point-to-point interface, may impact performance
SETUP: new interface GigabitEthernet0/0 placed in "shutdown" state
So if I understand right I cannot have ANY loopback on the 255.255.255.0 subnet correct?
No that inst correct - you CAN but as stated by Jon/Philip you cannot have the same subnet on multiple interfaces be it loopbacks or any other interface.
192.168.0.20
255.255.255.0
192.168.0.21
255.255.255.0
192.168.0.22
255.255.255.0
etc...
All the above are in the same subnet,
what will work is
192.168.0.20
255.255.255.0
192.168.1.20
255.255.255.0
192.168.2.21
255.255.255.0
etc..
or as stated by philip
192.168.0.20
255.255.255.255
192.168.0.21
255.255.255.255
192.168.0.22
255.255.255.255
res
Paul
02-05-2018 01:56 AM
Hi paul.......I just dont understand why it will not work I followed your directions
I added ip subnet-zero to my startup-config
I tried both :
192.168.0.20
255.255.255.255
192.168.0.20
255.255.255.0
I still get the overlap error
02-03-2018 05:08 PM - edited 02-03-2018 05:08 PM
You cannot use the same IP subnet on multiple different interfaces which is what the router is telling you.
Each interface needs to use a different subnet.
Jon
02-03-2018 05:45 PM
so that is why I am getting the message:
% 192.168.0.0 overlaps with Loopback0
% 192.168.0.0 overlaps with Loopback0
% 192.168.0.0 overlaps with Loopback0%Default route without gateway, if not a point-to-point interface, may impact performance
SETUP: new interface GigabitEthernet0/0 placed in "shutdown" state
So if I understand right I cannot have ANY loopback on the 255.255.255.0 subnet correct?
02-03-2018 11:58 PM
Hello
@DAVID RICHWALSKI wrote:
so that is why I am getting the message:
% 192.168.0.0 overlaps with Loopback0
% 192.168.0.0 overlaps with Loopback0
% 192.168.0.0 overlaps with Loopback0%Default route without gateway, if not a point-to-point interface, may impact performance
SETUP: new interface GigabitEthernet0/0 placed in "shutdown" state
So if I understand right I cannot have ANY loopback on the 255.255.255.0 subnet correct?
No that inst correct - you CAN but as stated by Jon/Philip you cannot have the same subnet on multiple interfaces be it loopbacks or any other interface.
192.168.0.20
255.255.255.0
192.168.0.21
255.255.255.0
192.168.0.22
255.255.255.0
etc...
All the above are in the same subnet,
what will work is
192.168.0.20
255.255.255.0
192.168.1.20
255.255.255.0
192.168.2.21
255.255.255.0
etc..
or as stated by philip
192.168.0.20
255.255.255.255
192.168.0.21
255.255.255.255
192.168.0.22
255.255.255.255
res
Paul
02-04-2018 10:25 AM
I am extremely thankful for the help but I tried bot suggestions and i still cannot get it to work..so I have included my config file for you to look at I you may:
!
! Last configuration change at 20:37:56 CST Sun Jan 21 2018
! NVRAM config last updated at 20:40:29 CST Sun Jan 21 2018 by scorpion
! NVRAM config last updated at 20:40:29 CST Sun Jan 21 2018 by scorpion
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec show-timezone
service password-encryption
service sequence-numbers
!
hostname ***********
!
boot-start-marker
boot-end-marker
!
!
security authentication failure rate 3 log
security passwords min-length 6
logging count
no logging buffered
no logging rate-limit
enable secret 5 **************
enable password 7 *******************
!
no aaa new-model
!
no process cpu extended history
no process cpu autoprofile hog
clock timezone CST -6 0
clock summer-time CDT recurring
!
dot11 syslog
ip source-route
no ip gratuitous-arps
!
!
ip cef
!
!
!
no ip bootp server
ip domain name ************
ip host ******************
ip name-server ***************
ip name-server ***************
ip name-server ***************
ip name-server ***************
ip inspect name protocol dns
ip inspect name protocol ftp
ip inspect name protocol https
ip inspect name protocol icmp
ip inspect name protocol tcp
ip inspect name protocol udp
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO2851 sn ************
username ******** privilege 15 secret 5 **************
!
redundancy
!
!
ip tcp synwait-time 10
ip ssh authentication-retries 5
ip ssh port ****** rotary 1
ip ssh rsa keypair-name *******
ip ssh logging events
ip ssh version 2
ip ssh dh min size 4096
!
!
!
buffers tune automatic
!
!
!
!
interface GigabitEthernet0/0
description INSIDE
ip address 192.168.0.50 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1
description PrimaryWANDesc_SPECTRUM$FW_OUTSIDE$$ETH-WAN$
mac-address *************
ip address dhcp client-id GigabitEthernet0/1
ip address dhcp hostname ***********
ip access-group 101 in
ip mask-reply
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
ip inspect protocol out
ip virtual-reassembly in
duplex auto
speed auto
ntp disable
no cdp enable
no mop enabled
!
interface ATM0/0/0
no ip address
shutdown
no atm ilmi-keepalive
!
ip forward-protocol nd
ip http server
ip http access-class 2
ip http authentication local
no ip http secure-server
!
ip flow-export version 5
ip flow-export destination
!
ip nat inside source list 1 interface GigabitEthernet0/1 overload
!
ip access-list extended DenyStdSSH
deny tcp any any eq 22
permit tcp any any eq
!
logging trap debugging
logging source-interface GigabitEthernet0/0
logging *********
!
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 remark *** GigabitEthernet0/0 ***
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 100 remark *******************************
access-list 101 remark *** GigabitEthernet0/1 SPECTRUM ***
access-list 101 remark --- SPECTRUM DHCP ---
access-list 101 permit udp any eq bootps any eq bootpc log
access-list 101 remark *******************************
access-list 101 remark --- DNS ---
access-list 101 permit udp any eq domain any
access-list 101 permit tcp any eq domain any
access-list 101 remark *******************************
access-list 101 remark --- SSH ALTERNATE PORT ---
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- DNSCRYPT ---
access-list 101 permit udp any any eq
access-list 101 permit udp any any eq
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- PLEX MEDIA SERVER ---
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- FTPS Explicit (Passive) ---
access-list 101 permit tcp any any eq
access-list 101 permit tcp any any eq
access-list 101 permit tcp any any eq
access-list 101 permit tcp any any eq
access-list 101 permit tcp any any eq
access-list 101 permit tcp any any eq
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- SFTP (SSH) ---
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- SOFTETHER VPN ---
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- DAMEWARE ---
access-list 101 permit tcp any any eq
access-list 101 remark *******************************
access-list 101 remark --- XBOX LIVE ---
access-list 101 permit tcp any any eq www
access-list 101 permit tcp any any eq 3074
access-list 101 permit udp any any eq 88
access-list 101 permit udp any any eq isakmp
access-list 101 permit udp any any eq 3074
access-list 101 permit udp any any eq 3544
access-list 101 permit udp any any eq non500-isakmp
access-list 101 remark *******************************
access-list 101 remark --- ICMP ---
access-list 101 permit icmp any any parameter-problem
access-list 101 permit icmp any any net-unreachable
access-list 101 permit icmp any any host-unreachable
access-list 101 permit icmp any any port-unreachable
access-list 101 permit icmp any any packet-too-big
access-list 101 permit icmp any any administratively-prohibited
access-list 101 permit icmp any any ttl-exceeded
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any echo
access-list 101 deny icmp any any log
access-list 101 remark *******************************
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 224.0.0.0 31.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any log
no cdp run
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
!
line con 0
exec-timeout 60 0
login local
transport preferred none
transport output telnet
line aux 0
exec-timeout 0 1
no exec
line vty 0 4
access-class DenyStdSSH in
exec-timeout 20 0
privilege level 15
password 7 *******************
login local
rotary 1
transport preferred ssh
transport input ssh
transport output ssh
!
scheduler allocate 20000 1000
ntp logging
ntp update-calendar
ntp server 192.168.0.15 prefer source GigabitEthernet0/0
end
02-04-2018 11:48 AM
Hello
what exactly are you trying to do ?
Jus create loopbacks correct?
res
paul
02-04-2018 12:18 PM
yes just create 3 loopback .....
02-03-2018 06:03 PM - edited 02-03-2018 06:03 PM
Change your loopback subnet masks to 255.255.255.255. They should also be in a different subnet than Gigabit0/0.
02-03-2018 10:02 PM
Well since I only have that single subnet I guess I won't be able to get it to work......
Thanks fo the help
02-04-2018 12:32 PM
As others also noted, here is how you can create 3 loopbacks with 3 different IPs,
see example:
interface Loopback0
ip address 192.168.0.20 255.255.255.255
!
interface Loopback1
ip address 192.168.0.21 255.255.255.255
!
interface Loopback2
ip address 192.168.0.22 255.255.255.255
HTH
02-04-2018 06:05 PM
Hello I did that exactly and still get the overlap error
02-05-2018 12:13 AM
02-05-2018 01:56 AM
Hi paul.......I just dont understand why it will not work I followed your directions
I added ip subnet-zero to my startup-config
I tried both :
192.168.0.20
255.255.255.255
192.168.0.20
255.255.255.0
I still get the overlap error
02-05-2018 07:34 AM - edited 02-05-2018 07:34 AM
You have used 192.168.0.0/24 on gi0/0 which means your loopbacks cannot use any IP from that subnet.
It is that simple.
Jon
02-05-2018 02:17 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: