Re: Using Loopback Interfaces for management connectivity

makkers · ‎03-18-2005

I am struggling to really understand how to use a Loopback interface for management purposes on my Cat4507 switches and looking for any guidance.

I have 4 x 4507's 2 for aggregation(L3) and 2 for access layer (L2). There are 6 vlans doing the L3 thing and default vlan 1 is not used.

If I assign a loopback interface with a 32bit mask I cannot ping it from any other switch.

Really I do not want to manage the switches for Cworks or Openview telnet etc on one of the vlan IP addresses.

Am I missing the point here somewhere?

Any advice / guidance much appreciated.

lgijssel · ‎03-18-2005

The following questions might help you on your way:

In which ip range did you configure the loopbacks?

Are you using a routing protocol that can handle vlsm to advertise these host routes?

Have you setup ip routing correctly for this subnet?

It must be a config error, we have been using this setup also and it works.

Regards,

Leo

steve.busby · ‎03-18-2005

Hi,

Are you adding the loopback ip address to your routing protocol?

The only way other boxes are going to know about the loopback address is if you advertise it out someway.

As far as management from CW2K goes, the later releases RME3.4+ have a much better mechanism to determine the correct management IP (loopback in your case).

No comment on Openview, as it's been a few years since I've used that platform.

HTH

Steve

Martin Ermel · ‎03-21-2005

Concerning OpenView, this likes to use the address that is resolved in DNS or a hosts file. If multiple addresses of one device are resolved differently in DNS, the lowest IP address is used. In general the mechanism starts with the lowest IP address and uses the first that can be resolved. Depending on the version of OpenView, there are config file to determine the IP address for SNMP communication.

Martin

makkers · ‎03-23-2005

Thanks to all for the responses they have been really helpful and got the thought processes going.

To answer some of the questions asked:

The loopback interfaces are configured with a 172.16.1.0 /32 address

Using EIGRP which automaticllly supports vlsm and the range has been added to the routing protocol and is being advertised

I believe that I have set up the routing ok, but could be wrong!

It will be a config / user error as thats what I do!

I have attached a chooped down version of the config below for reference:

Current configuration : 9493 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log datetime msec

no service password-encryption

service compress-config

!

hostname Access_02

!

logging buffered 65536 informational

enable secret 5 [removed]

!

ip subnet-zero

ip domain-name [removed]

!

spanning-tree mode rapid-pvst

spanning-tree extend system-id

power dc input 2500

!

redundancy

mode rpr

main-cpu

auto-sync standard

!

vlan dot1q tag native

!

interface Loopback0

ip address 172.16.1.4 255.255.255.255

!

interface GigabitEthernet1/1

description To Aggregation_01 Port 7/1

switchport trunk encapsulation dot1q

switchport mode dynamic desirable

logging event link-status

udld port aggressive

!

! [All ports removed]

!

interface GigabitEthernet7/18

shutdown

!

interface Vlan1

no ip address

!

interface Vlan136

no ip address

!

interface Vlan137

no ip address

!

interface Vlan138

no ip address

!

interface Vlan139

no ip address

!

interface Vlan140

ip address 155.111.111.111 255.255.255.0 [phoney]

!

interface Vlan141

no ip address

!

router eigrp 100

network 155.111.0.0

network 172.16.1.0 0.0.0.0

auto-summary

!

ip classless

no ip http server

!

snmp-server community [removed] RO

snmp-server community [removed] RW

snmp-server enable traps tty

!

banner exec ^C

[removed]

Richard Burts · ‎03-23-2005

Unfortunately you are correct about there being a configuratin error. Under router eigrp 100 you specify network 172.16.1.0 0.0.0.0 and this mask indicates that you are looking for host address 172.16.1.0. But the address on the loopback is 172.16.1.4 so it does not match. You can correct this either by changing the mask in the network statement network 172.16.1.0 0.0.0.255 or you can change the address in the network statement network 172.16.1.4 0.0.0.0. Either of these should make it work.

HTH

Rick

HTH

Rick