Whats a loopback?
boekholtj
Member Posts: 5 ■□□□□□□□□□
in CCNA & CCENT
I just passed my CCENT exam. I'm now working towards the CCNA with the ICND2 course. I'm watching some videos and the instructor is using loopback addresses but fails to explain what they are. Can someone explain to me what they are? and more imporantly why they are used.
Thanks!
Thanks!
Comments
-
zrockstar Member Posts: 378Loopbacks are basically virtual interfaces on hardware that serve for testing and protocol stability. Once you get into your ICND2 material you will see how they can influence elections for different protocols. The idea is that since they are virtual they don't go down unless the hardware goes down. You can assign them an address, ping them, etc. Their uses will all make sense very soon for you.
-
MrXpert Member Posts: 586 ■■■□□□□□□□Loopbacks are a good way to simulate end user/host devices. To configure it you can type interface loopback 0 in global config mode and then assign it an IP address. You can create lots of loopback addresses on a router but I normally use logic and have the loopback number match the subnet number.I'm an Xpert at nothing apart from remembering useless information that nobody else cares about.
-
Michael2 Member Posts: 305 ■■■□□□□□□□I normally use logic and have the loopback number match the subnet number.
Isn't that a bad idea from a security standpoint? It's fine for lab work. In a real world scenario, however, it seems like there would be a possibility of someone quietly configuring telnet on the router and then using it to send commands to the other devices on your network. -
networker050184 Mod Posts: 11,962 ModHow would that create any sort of security issue?An expert is a man who has made all the mistakes which can be made.
-
Michael2 Member Posts: 305 ■■■□□□□□□□networker050184 wrote: »How would that create any sort of security issue?
Well, what if there's a fire drill or a bomb threat and everyone evacuates the building, except that one malicious user. He (she) decides to quickly jack in to the router and set up a remote connection which enables the router to be used to reconfigure the network. -
networker050184 Mod Posts: 11,962 ModThat doesn't make any sense. Just because someone knows the logical number of a loopback interface it will not allow them to gain access to the router.An expert is a man who has made all the mistakes which can be made.
-
Michael2 Member Posts: 305 ■■■□□□□□□□Maybe I misunderstood what MrXpert said. I thought he was saying that he configures the loopback router with an ip address that's in the same range as the subnet that it's connected to.
-
networker050184 Mod Posts: 11,962 ModEven if that was the case (not taking the routing issues that would cause into consideration) it would not allow someone to just break in the router. If it did everyone could just break in by knowing their default gateway.An expert is a man who has made all the mistakes which can be made.
-
Michael2 Member Posts: 305 ■■■□□□□□□□No, what I am saying, Networker, is that if the loopback interface were configured to be in the same subnet as the network it was connected to, then it might be possible for someone to physically connect their own laptop to the router and send commands to other devices on the network. I might be wrong about that, I admit. I was waiting for a response from someone who might know what I was talking about.
-
NetworkVeteran Member Posts: 2,338 ■■■■■■■■□□then it might be possible for someone to physically connect their own laptop to the routerand send commands to other devices on the network.
-
networker050184 Mod Posts: 11,962 ModNetworkVeteran wrote: »Similarly, if you added a second number to your house, your locks and alarm system wouldn't break.
Exactly! Knowing the IP of a device does not just allow someone in and give them free range.An expert is a man who has made all the mistakes which can be made. -
boekholtj Member Posts: 5 ■□□□□□□□□□Thanks for the info guys... I understand that its an additional ip address to any interface. I just don't understand the benifit.
-
networker050184 Mod Posts: 11,962 ModThat is not correct. It is not an additional address to an interface. It is a logical interface that an IP address can be assigned to. This logical interface will never go down (as long as the router is up) so the most common use is for management of the device due to stability. All physical interfaces can go up or down but you still want to be able to reach the device as long as one interface is up so you manage the device via the loopback. This is basically the routers address.An expert is a man who has made all the mistakes which can be made.