Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6167
Views
18
Helpful
19
Replies

Loopback not reachable

mtechnology
Level 1
Level 1

‎02-22-2007 10:27 PM - edited ‎03-03-2019 03:53 PM

i have a network setuop as attached.

All the access switches are 4506 with SUP 2 plus (l3 capable but are being used as L2)

These get connected to Core switches which are 4506 with SUP V.

Each access switch is configurd with a VLAN 1 ip address as well as a loopback address. We want to use the loopback IP for remote monitoring. Default route is configured on each access switch.

But i am not able to reach the switches via the loopback IPs. The trace drops at the core routers.

Am i missing something with this setup ?

1 person had this problem
Labels:
0 Helpful
19 Replies 19

Danilo Dy
VIP Alumni
VIP Alumni
In response to mtechnology

‎02-24-2007 07:36 AM

I read from some Ciso document many years ago (book or online, I can't remember) that whatever subnet/network mask you put in the loopback ip address, it will always treat it as /32 or 255.255.255.255. Therefore, your subnetting only affects your documentation not your configuration - that will makes you waste a lot of ip address assignment for loopback interfaces. I maybe mistaken, wait for experts to reply.

sundar.palaniappan
Level 10
Level 10
In response to Danilo Dy

‎02-24-2007 08:17 AM

There are some things the original poster would have to address to remedy this problem.

-loopbacks on core and access switch is using overlapping addresses.

-there's no route on the core switch to the access switch's loopback address.

BTW, access switch is routing. It has a default route to the core.

The problem is the core switch doesn't know how to route the loopback on the access switch. Reconfigure the loopbacks to a host address on the access/core switches (or) use an address/mask that's not overlapping with the other switch's address space.

Add a static route on the core switch to the loopback address/network of the access switch. Alternatively, you can also run a dynamic routing protocol between the access and core switch.

If you don't want to renumber the addresses, you can add a static host (/32) route on the core switch to access switch's loopback address and that would work as well. Longer prefix should be preferred over the connected network's shorter mask. Your static route would be something like:-

ip route 134.251.20.98 255.255.255.255 134.251.21.4

HTH

Sundar

mtechnology
Level 1
Level 1
In response to sundar.palaniappan

‎02-24-2007 09:39 AM

Sundar thanks for the explanation.

just one thing.i didn't understand when you say Reconfigure the loopbacks to a host address on the access/core switches (or) use an address/mask that's not overlapping with the other switch's address space.

say i reconfigured the loopbacks on the core to 172.16.100.0/24 and on the access switches i configured a loopback 172.16.200.0/24 (200.1, 200.2 ..and so on) what would be my static route on the core would like.

Will it be ip route 172.16.200.0 255.255.255.0 VLAN1 which i dont think will work either.

So in sum i would need to have a /32 on each access or as you said route the /32 from the core which will serve the purpose due to longer mask but doesn't seem to be a good soultion.

0 Helpful

sundar.palaniappan
Level 10
Level 10
In response to mtechnology

‎02-24-2007 10:14 AM

Can I ask you, why do you want to configure loopbacks? Both loopback & vlan interfaces are virtual interfaces and they would remain up as long as there's one port on the switch in which vlan1 is active. You don't stand to gain by using a loopback in your setup. Instead, you can configure a vlan interface, preferably a vlan other than vlan 1, for management purposes and add a default gateway/route on the access switches to point to the core switch's managment vlan's address.

This setup would ensure the management traffic remains separate from the user vlan traffic. Any disruption in the user vlan wouldn't affect the management traffic.

HTH

Sundar

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to mtechnology

‎02-24-2007 08:46 AM

Hi

I agree with Sundar and Medan on this. If you do not want to run a dynamic routing protocol on your access switches in which case you would need to turn on ip routing anyway then you need to use /32 addresses for your loopbacks and then on your core switches you would need a route added for each switch ie.

ip route "/32 loopback address" 255.255.255.255 "vlan 1 interface of access switch".

You would then need to ensure that these static routes on your core are redistributed into your dynamic routing protocol.

If each switch has an IP address out of the same subnet for loopbacks this won't work because you need to have individual routes for each loopback via the relevant vlan 1 interface.

This is what i did to get it working in my lab - please see previous mail.

HTH

Jon

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card