Can I define the loopback interface to be of the same network as the other ethernet interface on the same device. Is there any issue with that ?

Could you also please explain the use of interface null0. I couldn't completely understand from cisco.com materials.

Thanks.

"Can I define the loopback interface to be of the same network as the other ethernet interface on the same device. Is there any issue with that ?"

No because the switch/router will come back with an error about an overlapping subnet address.

Null0 is used for a number of things. Basically if a route points to Null0 any packets that match that route will be sent to Null0 ie. not forwarded.

Is there anything in particular you are thinking of in terms of Null0 usage.

Jon

With regards to loopback, I would like to maintain single subnet throughout the network i.e. for management purpose. But it doesn't seem possible due to presence different routing devices in the path. I don't think all the loopback interfaces can be part of the same subnet if they are spread around. Which means that just for the different loopback networks, I will have to advertise/define routes for loopback throughout the network. What is an ideal way of using loopback for management/syslog purpose.

I was trying to use Null0 as security/performance best practice. I believe in presence of a default route, null interface has no benefit. Please suggest.

You can create a subnet specifically for loopback IP addresses, and use a 32 bit mask on each device and advertise the whole loopback address space in your routing protocol. you can also source things such as syslog, telnet, NTP..etc from your loopback interface.

What I think you are talking about using null0 for your default route which will drop all the packets whose destination address couldn't find any match with any of the routes in the routing table.

HTH,

Mark

P.S. Sorry Jon for the cross posting.

"You can create a subnet specifically for loopback IP addresses, and use a 32 bit mask on each device and advertise the whole loopback address space in your routing protocol. "

Can you please give me an example of this. In my topology, there is Cat6500 which has vlans outside and inside FWSM. Also, there are switches and routers outside as well as inside the FWSM. I would like to use loopback on all the routers and switches. Do you mean for every loopback address /32, an additional entry would have to go into the routing tables across the path.

It depends on where you are routing from and to. So lets say you had a data centre with multiple devices and you accessed these devices from a remote site then you could advertise out just the /24 loopback address subnet from your DC.

But if you are in the same building or campus then advertising the subnet may not work and you may indeed to advertise each loopback as a /32.

You need to fit this to your topology. For example the last place i worked we have 100's of sites and each of the larger sites and it's satellites were allocated /24's for management and then these were advertised across the WAN to our other sites.

Jon

In my case, I will be accessing all the devices within a single site from behind FWSM. So what I understand from your suggestion is that I will have to use /32 advertisement. Would it make any difference if I were to use static routes for /32.

You could advertise either the individual loopback IPs or the subnet all together depending how widespread you want the IPs to go.

I found a good link should help you understand further.

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008010e9ca.shtml#topic6

You could also use different subnets to segment the different areas of your network.

HTH,

Mark

Is it better to use routing protocol for loopback interface for management puropose or should static routes be good. If it is routing protocol which one is advisable. Currently, we have single topology and no routing protocol is used at the moment.

Also, in case of default route is interface Null0 required.

Hello Cisco_lite,

a routing protocol is a better choice otherwise the number of static routes can become difficult to manage.

You can use EIGRP that provides support for classless routing.

to be noted the routing protocol can also provide a dynamic default route to all devices.

in this case a floating static route to null0 is needed only on the device that generates the defualt route in EIGRP

Hope to help

Giuseppe

It really depends on your current configuration/topology. A routing protocol generally is much easier to configure especially in a decent sized network.

Once again recommending a routing protocol really depends on the network and/or topology. I like to use EIGRP when I can (requires a Cisco only network), and OSPF is also good for a multivendor network.

If you don't mind configuring static routes for your management traffic then that will work just fine too.

HTH,

Mark

The loopback must be on a different network than your regular address space. You can take a private class C address space and create a /32 address on each one of your devices.

interface loopback0

ip address 192.168.1.1 255.255.255.255

interface Null0 is often called the "bit bucket" as that's what it does is drops the packets. There are many uses suck as "black holing" or for loop prevention.

http://www.cisco.com/en/US/tech/tk364/technologies_tech_note09186a00801c9a6e.shtml

HTH,

Mark