
Use of /31 and /32

rbrown1979
Level 1

Hi,

I can understand creating a tiny subnet to connect just 2 devices with /30, being 4 ips, and 2 possible hosts.

But I'm a bit confused with the use of /31 and /32, surely there's no usable hosts, and /31 only has ips for the network and broadcast?

What am I missing?

Cheers,

Rob


/32 is typically used for Loopbacks where no more IPs are needed.

/31 is used on point-to-point links. As there are only two systems, only that number of IPs is needed. And additionally, in that situation you don't need a network or broadcast address.

The usage of the /31 is defined in RFC 3021: http://tools.ietf.org/rfc/rfc3021.txt

   In current practice, numbered Internet subnets do not use longer than
   a 30-bit subnet mask (in most cases), which requires four addresses
   per link - two host addresses, one all-zeros network, and one all-
   ones broadcast.  This is unfortunate for point-to-point links, since
   they can only possibly have two identifying endpoints and don't
   support the notion of broadcast - any packet which is transmitted by
   one end of a link is always received by the other.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

This then leads me to ask, if you were just connecting 2 devices together, would you then only use a /31, and why would you ever want a /30?

I watched a video the other night where someone had 3 routers connected together, the middle one just for linking the other two, they created 2 separate /30 subnets between each outside pair and the middle one, over a serial connection.

What sort of questions would you be asking to decide that sort of setup?

Using /30 is the traditional way of configuring point-to-point links. And of course it's still possible to configure it that way. But due to the shortage of available IP addresses, the new option of using /31 was established. If you number your links with private addresses, it's perhaps not that relevant to save addresses, but if you use public address space, then it's nice not to waste 50% of address space.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Just to add to Karsten's excellent replies, not even all *modern* devices support the use of /31 masks.  Understandably many consumer devices that I've worked with do not support it, but even some enterprise-class devices do not support the /31 mask.

A bit more advanced, but /32 masks are also used for host-destination routes in protocols like LISP that support IP mobility.

Best regards,

Ed

Thanks, good info to have.

I'm also still a bit unsure of a loopback, I thought I understood the idea and principle, but what use does it actually serve?

In my simple mind I'm just thinking about pinging yourself, but you could do this on any other interface too surely?

I've heard it's "good (routing) practice" to put loopbacks on devices, and I see them being set up on a lot of our kit, but I'm still not sure exactly why.

A loopback interface is a virtual interface, that to the Cisco IOS software appears like any physical interface. Unlike a physical interface, it never goes down and hence has many uses.

I guess I'm looking for some examples of those "many uses".

I currently think, "ok, you may want some software to communicate over tcp/ip and want to be both client and server" - that's literally as far as my understanding goes with loopbacks - talk about naive! 

Loopbacks are typically used for management of network devices and not for servers.

Sent from Cisco Technical Support iPad App

/32 for loopback or a host address


For managing the device, you'll access an L2 switch typically via a VLAN interface. This IP is part of the mgmt VLAN. In this case you won't have a /32 but rather a /24 or whatever subnet is used for managing devices in a zone. The path between these devices will be L2.

Because it's a logical interface, it's not dependent on a single interface (if there are at least 2 uplinks).


On layer 3 devices (router, L3 switch in routing mode), we typically use a loopback as an ID of the router. Other routers learn this host address via a routing protocol or static route. The path between this router and another router will be L3.

Sent from Cisco Technical Support iPad App

Cheers Davy,

That last bit on other routers learning the other host address confused me a little, could you explain a bit more?

if it's a /32, then it's not on the network is it?  so how could another device learn about it?  or use it in any way?

A /32 ("host") address certainly can be advertised to the network and used by other devices.  For the purposes of routing, it's just like any other network.  Routers learn the path to the /32 address, build the route, and when they receive packets for it, they route it as normal.

From an endpoint view it may be confusing where the /32 address could "live", as you couldn't normally hang a device with a /32 address off an Ethernet switch with other devices (I believe this is not true in the case of LISP, but I cannot remember as I have little experience with it.  Hopefully someone else will chime in for that case.)  But a /32 address certainly could live "inside" a router as a virtual interface just as the others have noted.  In this case it is a connected interface.  So other devices pass the traffic to this router, and this router can process the traffic for the /32.  I'm sure there are other cases I don't know about.

What are some reasons?

-Testing/labbing:  Use of loopback addresses is a great way to increase the number of addresses/networks in your lab set-up.  Look through lab guides and you'll see various loopbacks (typically multiple per router) set up to simulate multiple networks.  These are, of course, advertised throughout the lab network so that large networks can be simulated (in terms of routing tables) with less equipment.

-Router ID:  As already noted, some devices will pull the IP address off an interface to use as a RID for routing protocols.  Many times the router will prefer to pull a loopback IP, because loopback interfaces are always UP and available as long as the router is operating (they don't go down).  This is advantageous because the RID will not change, which could happen with a regular interface address if the interface goes down and the routing process restarts.

-Services/security:  I like to configure a loopback interface and use its address to source my router syslog/AAA/other traffic, because it gives a consistent source address to use for my filters and accept parameters.  If the router could select any physical interface, it may not always select the next one.  Using a loopback, I can tell my RADIUS server to expect connections from a specific IP address.  My syslog entries can be sourced from that IP address.

-Management:  Again, the loopback is always up.  I can assign a loopback, give it a DNS entry, and as long as that loopback is reachable via any of the router's interfaces, I can reach it for management.

Hope that's not too verbose, but just a few ways they can be useful.

Thanks Edwin, just what I needed!  now I just need a lie down 

That's really useful, I always thought loopbacks were completely "private" and for that device ONLY and of no use to anything else on the network - I guess that's just from years of seeing 127.0.0.1 as THE loopback and reserved, etc.

Edwin Summers
Level 3

Glad it helps!

One more tidbit related to your last. The local loopback includes the entire 127.0.0.0/8 block.

Best regards,
Ed


Sent from Cisco Technical Support Android App

Here is a bit more on the use of loopback addresses. Let us start with the observation that when a router sends a packet it will normally use the address of the outbound interface as the source address. Now let us think about a router sending management traffic to a server in the core network. (Management traffic includes things like authentication requests, or syslog messages, or telnet requests, or SNMP traps, or TFTP requests, or a number of things.) Let us assume that this router has two interfaces that can be used to get to the server. So sometimes the management traffic goes through interface 1 and sometimes through interface 2. If there were two source addresses, then to the management server it looks like 2 devices. But we want the management server to know it is a single device. The simple solution is to specify that the source address for this traffic is the loopback interface. Now the traffic can go through interface 1 or interface 2 and it looks the same to the server.

HTH

Rick

Sent from Cisco Technical Support iPad App
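
The points made in this thread about /30, /31 and /32 addressing and about sourcing management traffic from a loopback can be checked on the collector side; the following is an added example, not code from any poster. The inventory, router names, addresses (documentation ranges) and log records are all constructed for illustration.

```python
import ipaddress

# Constructed inventory: interface addresses per router (documentation ranges).
INVENTORY = {
    "rtr-a": {"loopback": "192.0.2.1/32",
              "links": ["198.51.100.0/31", "198.51.100.5/30"]},
    "rtr-b": {"loopback": "192.0.2.2/32",
              "links": ["198.51.100.1/31"]},
}

# Constructed (source IP, message) pairs as a syslog collector would record them.
RECORDS = [
    ("192.0.2.1", "%SYS-5-CONFIG_I: Configured from console"),
    ("198.51.100.5", "%LINK-3-UPDOWN: Interface Serial0/0, changed state to down"),
    ("192.0.2.2", "%SYS-5-CONFIG_I: Configured from console"),
    ("203.0.113.9", "%SYS-5-CONFIG_I: Configured from console"),
]

def usable_addresses(cidr):
    """Addresses that can be assigned to interfaces in a subnet."""
    net = ipaddress.ip_network(cidr, strict=False)
    addrs = list(net)
    # /31 (RFC 3021) and /32 reserve no network or broadcast address.
    return addrs if net.prefixlen >= 31 else addrs[1:-1]

def classify(source_ip):
    """Map a source address to (device, kind); kind is loopback, link or unknown."""
    ip = ipaddress.ip_address(source_ip)
    for device, ifaces in INVENTORY.items():
        if ip == ipaddress.ip_interface(ifaces["loopback"]).ip:
            return device, "loopback"
        if any(ip == ipaddress.ip_interface(l).ip for l in ifaces["links"]):
            return device, "link"
    return None, "unknown"

def audit(records):
    """Report messages that did not arrive from a registered loopback address."""
    findings = []
    for source_ip, _msg in records:
        device, kind = classify(source_ip)
        if kind == "link":
            findings.append((source_ip, f"{device}: sourced from a link address, not its loopback"))
        elif kind == "unknown":
            findings.append((source_ip, "source not in inventory"))
    return findings

if __name__ == "__main__":
    for cidr in ("198.51.100.4/30", "198.51.100.0/31", "192.0.2.1/32"):
        print(cidr, [str(a) for a in usable_addresses(cidr)])
    for finding in audit(RECORDS):
        print(finding)
```

A "link" finding means the device is known but its management traffic is leaving with an outbound interface address, so a filter or AAA client entry keyed on the loopback would not match it.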
