Loopback address?
-
how would you do a loopback address this on pfsense?
on a cisco, you simply "int loopback0" and that can be assigned to an interface with "ip unnumbered loopback0"
any ideas? -
By default there is a loopback address setup. The address is 127.0.0.1, and the if name is lo0. Do you need something other than that? If so, what are you trying to accomplish?
-
hi,
this is to connect to an MPLS network.
The MPLS network provider has given us a loopback address as we are connecting via ADSL on some of our routers eg 191.168.100.1/32I'm comparing this to Cisco so bear with me.
If you try and place a /32 on a cisco ADSL interface, it comes back with "bad subnet"
But you can enter a loopback address and assign it to that interface by using "int loopback0 192.168.100.1 255.255.255.255" and then use "ip unnumbered loopback0" for that interface.
Now, the above is different (on a cisco) to setting the ADSL interface to static (as the cisco won't allow it) but in effect, the ADSL interface has borrowed an ip address from the loopback address.
Also, cisco recommend this as loopback interfaces do not go down unless the whole router goes down.Now, I haven't tried pfsense on an MPLS network but I guess it would probably be as simple as entering the loopback address as the static ip on the interface and then using OpenBGP
-
Hmm, this is an interesting thread. I probably can't help you unfortunately but getting this message in I'll follow your progress.
It's easy enough to create a second loopback address in FreeBSD:
@http://lists.freebsd.org/pipermail/freebsd-questions/2004-May/047886.html:ifconfig lo1 create
ifconfig lo1 inet a.b.c.d netmask x.x.x.x
However I'm not sure if that will help you and that wouldn't be integrated with pfSense so it won't survive a reboot (though you could probably add it via shellcmd). It might help you experiment though.
Steve
-
I think this should be raised as a feature request: allow the creation and control over loopback interfaces. People DO need this.
To the OP: as suggested above, install the shellcmd package (if your platform allows package installation) and add the necessary "ifconfig lo1 create; ifconfig lo0 up inet a.b.c.d 255.255.255.255" into early start commands. This has been mentioned in this forum before. Or make it an alias (secondary IP) for lo0. Some GUI functions don't support loopbacks (say GRE tunnels - you can't specify a loopback-based source of the tunnel), but you're OK using them in bgpd configs, etc.
As to what loopback interfaces are: they are software-driven interfaces (i.e. not bound to any NIC) which unless shutdown, are permanently in the "up" state. From a routing point of view this is important because a route to a loopback IP address will therefore always be active in the routing table. Loopbacks are commonly used as traffic sources and destinations - software can listen on a loopback interface (like it does on 127.0.0.1). Most non-trivial routing protocol and NAT setups need loopback addresses for, well, many things, pretty much any network engineer will tell you that. Router / cluster IDs, iBGP peering backed by an IGP such as OSPF, PIM RPs, MSDP peering, tunnel sources and destinations, NAT sources, VRF targets / identifiers… the uses are a plenty. You can do a lot of these things without loopbacks but that requires you to implement kludges and hacks. Obviously the 127.0.0.1 IP address cannot be used for any of this, first of all because it's a host local loopback address - the whole 127.0.0.0/8 range is reserved for local loopback - you cannot use it for routing and as traffic source / destinations between hosts. So it's not just about having a loopback interface but strictly about being able to set the desired IP address to it.
-
Here's what I finally did on my setup: I created a subinterface (VLAN interface) with a "random" VLAN ID on one of my physical interfaces and assigned a /32 to it. It can basically be used the same way as a loopback can, but the benefit is that you can assign it and use it in menu selections such as GRE tunnel source in my case.