Just looking for a confirmation check here - don't do this nearly enough.
I have an existing Internet setup w/ (2) routers, connected to (2) ISPs running BGP. The routers each announce the same /24 block to each ISP. The Internet routers have a static route for this /24 block pointing to the firewall, which in turn is configured to use NAT on the subnet. Very straightforward.
I have a requirement to configure Loopbacks on these Internet Edge routers and I would like to configure them out of the /24 that is statically routed to the firewall.
I've attached a diagram w/ some example IP blocks for reference.
Will there be a problem having the /24 statically routed to the firewall, while at the same time having a few IPs configured as loopbacks?
**Update - Loopbacks are not for BGP, they will be used to support a GRE tunnel.
This would work but it just looks messy and a bit pitchy patchy, if that's even a valid thing to say... because if you peer with loopbacks, if your connection with ISP1 goes down, BGP will try going over ISP2 and fail, and then ISP1 will just send all your traffic via learned routes from ISP2, but remember the BGP neighbourships with ISP1 have failed, which brings the question: why? It can work however with a lot of /32 static routes and OSPFing, but again, if one ISP fails all traffic will go over the other ISP anyway, why bother sending the traffic to the other router... I could be wrong but... that's my two cents.
I should have included this in my original post - which I will edit/update - but the Loopbacks are not for BGP. They are to support a future GRE tunnel.
Ohhhh sorry man, I was shooting from the hip there... come to think of it, that shouldn't be a problem... more specific always wins, but again I could be wrong ;)
If you wish to use addressing from this subnet on the internet routers' LAN interfaces and loopbacks then you'll need to CIDR the loopbacks out of the subnet.
The Loopback isn’t addressed from the subnet that the router interfaces are addressed out of. Take a look at the diagram and you will see that the loopbacks would be addressed out of a subnet that is statically routed via the firewall.
That subnet isn’t terminated on the firewall, but rather used by the firewall for NATing.
Apologies, must have reviewed incorrectly - If it's only used for NAT then yes, it should be okay - You'll just need to exclude it.
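
The two points the thread settles on (the more specific /32 wins over the /24 static, and the loopback addresses must be excluded from what the firewall NATs), as an added example that is not part of any post. The 203.0.113.0/24 block, the loopback addresses and the next-hop names are constructed for illustration.

```python
import ipaddress

# Constructed addressing from a documentation range, not the poster's real block.
PUBLIC_BLOCK = ipaddress.ip_network("203.0.113.0/24")
FIREWALL = "fw-outside"          # hypothetical next-hop name
LOCAL = "Loopback0 (local)"      # hypothetical label for the router's own /32

def build_rib(loopback, extra_routes=()):
    """Routing table of one edge router: the /24 static, its own /32 loopback,
    and any extra (prefix, next_hop) routes, e.g. a /32 for the peer's loopback."""
    rib = [
        (PUBLIC_BLOCK, FIREWALL),
        (ipaddress.ip_network(f"{loopback}/32"), LOCAL),
    ]
    rib += [(ipaddress.ip_network(p), nh) for p, nh in extra_routes]
    return rib

def lookup(rib, dst):
    """Longest-prefix match: the most specific covering route wins."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, nh) for net, nh in rib if dst in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def nat_conflicts(nat_addresses, loopbacks):
    """Addresses the firewall would NAT that are also router loopbacks."""
    pool = {ipaddress.ip_address(a) for a in nat_addresses}
    reserved = {ipaddress.ip_address(a) for a in loopbacks}
    return sorted(str(a) for a in pool & reserved)

def nat_pool_excluding(block, loopbacks):
    """Host addresses of the block that remain usable for NAT."""
    reserved = {ipaddress.ip_address(a) for a in loopbacks}
    return [h for h in block.hosts() if h not in reserved]

if __name__ == "__main__":
    lo_r1, lo_r2 = "203.0.113.254", "203.0.113.253"
    rib_r1 = build_rib(lo_r1)
    print("R1 -> own loopback :", lookup(rib_r1, lo_r1))
    print("R1 -> NAT address  :", lookup(rib_r1, "203.0.113.10"))
    # Without a /32 for the peer, R1 hands R2's loopback traffic to the firewall.
    print("R1 -> R2 loopback  :", lookup(rib_r1, lo_r2))
    rib_r1_fixed = build_rib(lo_r1, [(f"{lo_r2}/32", "R2")])
    print("R1 -> R2 (with /32):", lookup(rib_r1_fixed, lo_r2))
    print("NAT overlap        :", nat_conflicts(["203.0.113.10", lo_r1], [lo_r1, lo_r2]))
```

Because both routers announce the same /24, traffic for one router's loopback can arrive at the other, so each router also needs a /32 route toward its peer's loopback, as the last lookup shows.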