Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
10640
Views
30
Helpful
7
Replies

What IP address should be assigned to loopback interface

Go to solution
linustsang
Level 1
Level 1

‎02-05-2018 08:54 PM - edited ‎03-05-2019 09:52 AM

Many tutorials are using 1.1.1.1, 2.2.2.2,etc. as the loopback address.

I am confused about what IP address is actually assigned in the real networking environment?

Should it use the IP from ISP or use Private IP?

Can somebody tell me about this?

Thanks in advance!

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Richard Burts

‎02-06-2018 01:20 PM - edited ‎02-06-2018 01:30 PM

Rick raises an interesting issue about a loopback using public or private IP.

In Enterprises, a loopback is likely not to be a public IP (at least using IPv4) unless perhaps its an ISP router. To avoid the NAT issue using private IPs from the Internet, if any direct external/Internet access is allowed to the device, you likely can access it using one of its external interfaces that has a public IP.

You can also do this with internal interfaces using private IPs, but you normally use a loopback IP for the reason as then you don't need to "know" whether the interface in question is up.

As a common (?) example of all the forgoing, we have "branch" VPN routers with a public/Internet connected interface, and with private IPs for the loopback and internally attached interface. When the VPN is working, we generally manage/access the device by its internal/private loopback IP. However, if the VPN is down, we can connect to the public IP on the Internet attached interface.

View solution in original post

7 Replies 7

Go to solution
Georg Pauwen
VIP
VIP

‎02-06-2018 12:44 AM

Hello,

 

loopback interfaces (which essentially are virtual interfaces) use the same IP addresses you have mentioned (1.1.1.1/2.2.2.2/etc.) in real, live networks as well.

What is the context of your question, that is, what network do you have configured ?

Go to solution
linustsang
Level 1
Level 1
In response to Georg Pauwen

‎02-06-2018 05:40 AM

Hi Georg Pauwen,

Thanks for your reply.

I am confusing about why they can use the public IP address like 1.1.1.1 as their loopback address.

If it works well in real networking environment,

how can they reach the loopback interface from the external network?

They don't own the IP address. Traffic cannot route to the loopback interface if using 1.1.1.1.

I don't have any config, just the question comes out during my networking learning, and I don't have any hand on experience in live networks.

 

 

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎02-06-2018 07:17 AM

Depends what you're using the loopback for.

Often, it's also used as a L3 device's management IP, so the IP used would need to be routed to. Depending on your routing topology, such an IP might be a private IP or a public IP.

Tutorial example often use 1.1.1.1, 2.2.2.2, etc., basically just to also indicate device 1, device 2, etc.

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Joseph W. Doherty

‎02-06-2018 08:14 AM

The original question was simple and asked about addressing for loopback interfaces. Georg responded correctly that some networks do use addresses such as 1.1.1.1 or 2.2.2.2 for loopback addresses. The followup to the question added an important refinement of can those loopback addresses be accessed from external networks. As Joseph suggests these addresses are frequently used as management interface addresses and as such are intended for only internal access and for that they work. If you want to use those addresses for external access then you would need to use address translation for them to be externally accessible. And if you want the external network to be able to initiate traffic to the loopback interface then the address translation would need to be static translation. So if you want external access to the loopback then it is much better to use private addressing for the loopback.

 

HTH

 

Rick

HTH

Rick

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Richard Burts

‎02-06-2018 01:20 PM - edited ‎02-06-2018 01:30 PM

Rick raises an interesting issue about a loopback using public or private IP.

In Enterprises, a loopback is likely not to be a public IP (at least using IPv4) unless perhaps its an ISP router. To avoid the NAT issue using private IPs from the Internet, if any direct external/Internet access is allowed to the device, you likely can access it using one of its external interfaces that has a public IP.

You can also do this with internal interfaces using private IPs, but you normally use a loopback IP for the reason as then you don't need to "know" whether the interface in question is up.

As a common (?) example of all the forgoing, we have "branch" VPN routers with a public/Internet connected interface, and with private IPs for the loopback and internally attached interface. When the VPN is working, we generally manage/access the device by its internal/private loopback IP. However, if the VPN is down, we can connect to the public IP on the Internet attached interface.

Go to solution
linustsang
Level 1
Level 1
In response to Joseph W. Doherty

‎02-06-2018 10:51 PM

Thanks for your reply, Joseph!
0 Helpful

Go to solution
linustsang
Level 1
Level 1
In response to Richard Burts

‎02-06-2018 10:51 PM

Hi Rick, Thanks for your reply!
0 Helpful
li.common.scroll-to.top