Switch Loopback Address – Scope and Usage

Tags: loopback, switch

Let me know if I am misunderstanding. To me, the loopback from a switch is different from the PC ones. They are both attached to a virtual interface, but for the PC, only it can access its loopback. For the switch, I've heard we can set a loopback address (W.X.Y.Z/32) and use it to configure the switch without any fear of losing access to it by misconfiguring something.

I don't understand how we can use this address to connect to the switch from somewhere else in the network. Isn't the switch the only one aware of this address? If not, how is this address joinable?

Best Answer

> I've heard we can set a loopback address (W.X.Y.Z/32) and use it to configure the switch without any fear of losing access to it by misconfiguring something.

Layer 2 switch

A switch generally has a management IP address, which is linked to a virtual interface that can be bridged to any VLAN, for example, so you can choose in which VLAN the switch management is accessible.

This is not necessarily a loopback interface.

Note: some layer 2 switches can have several management IP addresses in different VLANs, while others can only be configured with a single management address.

Layer 3 Switch / Routers

Now, a layer 3 switch combines the functions of a router and a switch.

A router, by nature, is attached to several networks, and has several IP addresses, one for each network it acts as a router for (as a minimum).

Let's say you have a router with:

  • interface Ethernet1, IP : 192.168.1.254/24
  • interface Ethernet2, IP : 192.168.2.254/24

To administer the router, you could use 192.168.1.254/24, and so you configure your management station(s), your firewall rules, your monitoring system, etc. with this address.

If for whatever reason the interface Ethernet1 is down or unreachable, you lose your ability to administer the device, despite the fact that it is still reachable on the 192.168.2.254 address. To avoid this you could allow management on both addresses. This is more hassle, not very convenient, and it does not scale well. What if your router has 20 interfaces?

Now, if you have a loopback interface with the IP address 172.16.0.1/32, you use this address to manage the device.
This interface is always up, and will be reachable by whichever physical interface is up (depending on your security rules of course), so if you lose any interface you can still manage your router.

> Isn't the switch the only one aware of this address? If not, how is this address joinable?

If you don't configure anything else, yes, actually only the router is aware of its loopback address. You do indeed have to inform other routers about this address. You do so with the help of a routing protocol, like OSPF, EIGRP or iBGP.

The loopback address is announced to the other routers on several interfaces so the other routers always know how they can reach it.
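
The setup described in the answer above, written out as an added configuration example that is not part of the original answer. It assumes Cisco IOS-style syntax, OSPF process 1 in area 0, and a management-station subnet of 10.0.0.0/24; the ACL name and the subnet are constructed for illustration, while the interface names and addresses are the ones used in the answer.

```cisco
! Added example (Cisco IOS-style syntax assumed; not from the original answer)
!
! Loopback used as the single, always-up management address
interface Loopback0
 description Management address
 ip address 172.16.0.1 255.255.255.255
!
! Physical interfaces from the answer's example
interface Ethernet1
 ip address 192.168.1.254 255.255.255.0
!
interface Ethernet2
 ip address 192.168.2.254 255.255.255.0
!
! Announce the loopback /32 and both connected networks, so that
! neighbours learn a path to 172.16.0.1 through every interface that is up
router ospf 1
 router-id 172.16.0.1
 network 172.16.0.1 0.0.0.0 area 0
 network 192.168.1.0 0.0.0.255 area 0
 network 192.168.2.0 0.0.0.255 area 0
!
! "Depending on your security rules": only the management stations
! (assumed subnet 10.0.0.0/24) may open a management session
ip access-list standard MGMT-STATIONS
 permit 10.0.0.0 0.0.0.255
 deny   any log
!
line vty 0 4
 access-class MGMT-STATIONS in
 transport input ssh
!
! Source device-originated management traffic from the loopback, so that
! syslog and NTP peers see one stable address whichever link is in use
logging source-interface Loopback0
ntp source Loopback0
```

With this in place, firewall rules and monitoring systems reference only 172.16.0.1, and losing Ethernet1 leaves the address reachable through Ethernet2 as long as the OSPF adjacency on that side is up.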