Easy question!

paltel
Level 1

Which IP address should we assign to the loopback interface?? :)


kamlesh.sharma
Level 3

Hi,

It depends on your requirement. If you are using this loopback for OSPF, then it should be /32, and if you are using this for publishing any network, like in a lab environment, then you should use a subnet mask accordingly.

Kamlesh Sharma

Umm, to be the source address for the TACACS request to the AAA server. I used 1.1.1.1/32, but it seems to be a routing problem when the AAA tries to send its response.

ruwhite
Level 7

Any /32 from within your network.... Make certain you have a network statement in OSPF "covering" the loopback, if you intend to use it to route stuff to.

:-)

Russ.W

The problem is that I have routers connecting outside my network. Let us say that I have a router connected to the public network with subnet 2.2.2.64/255.255.255.224, my AAA server is connected to another subnet, and I used 1.1.1.1/32 for my loopback interface. This router sends a request to the AAA server, and the AAA server sends its response to where, I really don't know, because I can't examine that "out of my network".

If hosts from outside your network are trying to connect to this loopback address, shouldn't you use a public address on it? 1.1.1.1/32 is a public address, but is it a part of the space you actually can use?

:-)

Russ.W

It is not from my subnets' range :). Actually I can use any IP address, but I will advertise this IP, right?

Any IP address you choose must be advertised to be reachable, yes.... But, if the advertised IP address is leaving your network, either use an agreed upon private address, or something out of your public range. Otherwise, you might conflict with some other address, making your address unreachable. In any case, it's not polite to step on someone else's address space (hijack it). In fact, one reason why this host may not be reachable from outside your network, if that's where you're trying to reach it from, is the address you're advertising may be filtered out, uRPF'd, etc.

Perhaps you could explain a bit more about what it is you're trying to do (?), so we could help you choose the right IP address/etc.

:-)

Russ.W
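
The address-selection rule from the reply above, written as a pre-deployment check. This is an added example, not part of the original thread; the `203.0.113.0/24` allocation and the names `check_loopback`, `OWNED_PREFIXES` and `leaves_network` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample allocation (documentation range); replace with your own prefixes.
OWNED_PREFIXES = ["203.0.113.0/24"]
# RFC 1918 private space, usable only where the far side has agreed to route it.
PRIVATE_PREFIXES = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]


def _contains(prefixes, addr):
    """True if addr falls inside any of the given prefixes."""
    return any(addr in ipaddress.ip_network(p) for p in prefixes)


def check_loopback(candidate, owned=OWNED_PREFIXES, leaves_network=True):
    """Return a list of findings for a candidate loopback; an empty list means OK."""
    findings = []
    # ip_interface accepts both "a.b.c.d/32" and "a.b.c.d/255.255.255.255".
    iface = ipaddress.ip_interface(candidate)
    if iface.network.prefixlen != iface.max_prefixlen:
        findings.append("NOT_HOST_ROUTE: loopback should be a /32")
    in_owned = _contains(owned, iface.ip)
    in_private = _contains(PRIVATE_PREFIXES, iface.ip)
    if not in_owned and not in_private:
        # Someone else's space: replies follow the real owner's route, and the
        # advertisement may be filtered or dropped by uRPF upstream.
        findings.append("FOREIGN_SPACE: not in owned or private ranges")
    elif in_private and leaves_network:
        findings.append("PRIVATE_EXTERNAL: needs agreement with the remote side")
    return findings


if __name__ == "__main__":
    # 1.1.1.1/32 is the address used in the thread; the others are constructed.
    for cand in ("1.1.1.1/32", "203.0.113.1/32", "10.255.0.1/32", "203.0.113.1/24"):
        print(cand, check_loopback(cand) or "OK")
```
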

Sure, I will not choose an IP address used by another one. In fact, even if I did, it is not a problem, because as I know we have some subnets in our region and only these subnets are advertised, and the ISP will not advertise this IP, else if I set an IP address within our subnets, right?

Thank you

If you are only concerned about TACACS authentication then you don't really need to use a loopback. You can use the "ip tacacs source-interface" command and specify an interface with an IP address that you know is reachable from anywhere in your network.