Wednesday, May 16, 2012

Advantages of Loopback Interfaces on Routers


It is very easy to create and use loopback interfaces on routers and they can provide many advantages to the network engineers who utilize them.

First let me define what a loopback interface is.  A loopback is a logical virtual interface created on a router that emulates a real interface.  Once assigned an IP address and that IP or Subnet is advertised on the network, one has an always up interface that is reachable as long as the route to that IP is available in the IP routing table.

So here is an example configuration of a loopback interface and address assignment on a Cisco Router running IOS called R1:

R1(config)#interface loopback 0
R1(config-if)#ip address 10.10.10.10 255.255.255.255
R1(config-if)#end

So what advantage does having this loopback address give you?
Routing protocols such as OSPF or BGP can utilize the loopback address as the Router ID or RID.  A network engineer can assign RIDs that are easily identifiable.  These RIDs are advertised to the routers peers or neighbors establishing adjacency.
(Note: RID do not have to be a loopback, and can be assigned automatically by the protocol via an interface IP address, or you can specify a 32 byte address under the protocol, but there are advantages to making it a loopback address.)

Continuing on from the example above, R1 is connected to R2 on interface FastEthernet0/0 via a /30 subnet.  R2 will be configured with a loopback address of 20.20.20.20/32. 
Although the OSPF routing protocols will automatically assign a configured loopback address, to follow best practices we will specify the loopback as the RID and advertise it as a reachable network via that router.  The following example is for OSPF:

R1(config)#router ospf 1
R1(config-router)#router-id 10.10.10.10
R1(config-router)#network 10.10.10.10 0.0.0.0 area 0

When R1 and R2 establish a neighbor relationship via OSPF the 10.10.10.10/32 network will be reachable as it is now advertised by R1.  But lets take a look at the OSPF neighbor relationship on R2:

R2#show ip ospf neighbor
Neighbor ID     Pri   State           Dead Time   Address         Interface
10.10.10.10       1   FULL/DR         00:00:37    10.1.1.1        FastEthernet0/0

The RID is the Neighbor ID.  This is very advantageous to those who maintain the network because now we can design the loopback addressing schema to allow us to quickly identify what routers are peered.  And now from R2 the loopback address of 10.10.10.10 is reachable.

R2#ping 10.10.10.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/26/40 ms

This is an easy way to test if your router is reachable even if multiple interfaces to it may be down.  As long as the router has IP connectivity and able to advertise its routes to the rest of the network it will be reachable via the network via the loopback address.  No guessing which interfaces are up and which ones are down.

In the following BGP example, the iBGP neighbor peering can be specified via the neighbors loopback address.  (Note:  To implement this for eBGP, BGP multi-hop would need to be implemented because eBGP has a TTL of 1, where iBGP has a TTL of 254.)   BGP's neighbor table looks like this between iBGP peers.

R2#sh ip bgp summary
BGP router identifier 20.20.20.20, local AS number 65000
BGP table version is 1, main routing table version 1
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.10.10.10     4 65000       4       4        1    0    0 00:00:34        0

Because BGP peerings are established over TCP port 179 these routers could have many router hops in between them and they do not have to be directly connected. By utilizing the 'update source interface' command you can specify that the TCP connection with the peer router be established using the address on the router's local loopback interface thus utilizing the routers IGP to route to the destination router you are trying to peer with.

Loopback addresses have other advantages with their 'always up' nature.  They can be used for DNS entries by associating the loopback IP address to an assigned hostname, thereby making the router always reachable via its DNS name as long as the router has IP connectivity.  TACACS+ or RADIUS can use the loopback address as a source for AAA functions and thereby reducing the administration overhead of having to add every IP address of the router to the AAA server to ensure functionality should an interface fail .  NMS products can easily add routers via the loopback addresses and it eliminates the guess work as to what IP address the router should be added with.   Point to point serial interfaces can utilize the 'ip unnumbered interface' command to assign the IP of the loopback to multiple serial interfaces.

Loopback addressing becomes even more important in large fully meshed or route-reflector BGP environments where many routers will have multiple peering with many other BGP speaking routers, and many IGPs can be running in the background.   Adding and troubleshooting other services like LDP for MPLS, or building MPLS L2 Pseudo-wire crossconnects, all running over MP-BGP, loopback addressing becomes extremely important to easily identify the peer routers to deliver the services in large ISP environments.

I hope this gives you some ideas about the advantages of loopback interfaces and ways to implement them in your environment.  I am sure there are many other useful ways to utilize loopback interfaces.  Please feel free to provide any additional benefits that you have found in your networks.

7 comments:

  1. I am a constant reader of blogs. I have read this whole blog and it is an amazing blog for developers who are dealing daily with the new challenges and tasks.
    Thank You for sharing such a valuable, informative and useful thoughts for users in your blog. app development company in bhopal
    Top It companies in Bhopal
    Companies in MPNagar Bhopal

    ReplyDelete
  2. Unfortunately for devices with the Android operating system Router Help, the clearly shown password retrieval options were not offered to ordinary users, at least as easily as the windows operating system.

    ReplyDelete