Ip unnumbered loopback0

Discussion in 'Cisco' started by AM, Sep 12, 2005.

  1. AM

    AM Guest

    As only sometime there are devices connected to Ethernet0 of my router, that interface is often down. I have a VPN built
    using LAN behind router but I can not use any service available on the router using that interface. So I can not
    connect through the tunnel to the router or use SNMP over the tunnel.

    I specified loopback0 with the address of the Etrhernet and I gave the command "ip unnumbered loopback0" to the ethernet.
    This was the response

    Point-to-point (non-multi-access) interfaces only

    and I can not see the above statement in the ethernet 0 section.

    Is it correct? Will NAT process work correctly for workstation behind the router?

    Thanks,

    Alex.
     
    AM, Sep 12, 2005
    #1
    1. Advertisements

  2. AM

    Cen Guest

    ip unnumbered command can only be used for point to point link (e.g.
    serial)
    Ethernet is NOT one of them, as it is a multiaccess media therefore it
    cannot borrow the address from loopback
     
    Cen, Sep 12, 2005
    #2
    1. Advertisements

  3. AM

    AM Guest

    So how to have ethernet0's address available even if Ethernet0 is down? Or there are no possibilities to do that?

    Alex.
     
    AM, Sep 13, 2005
    #3
  4. AM

    Nick Ersdown Guest

    You could try using 'no keepalive' under the E0 interface. The interface
    will always stay up even if the cable is disconnected.

    Regards,

    Nick Ersdown
    Your real-time, not too serious, view of the latest global IT security
    issues.
    www.ar53.com
     
    Nick Ersdown, Sep 13, 2005
    #4
  5. Except then any other devices on the Ethernet will be unable to
    reach the router using the E0 IP address because for them it is
    still local. Ditto for any devices which reach that Ethernet to
    get to the router via any other routers on that Ethernet.

    A far better solution for network management is to configure the
    services which must remain up to use the Loopback IP address so that
    it can be reached as long as any path remains to the router. For
    local devices which are too dumb to use a default gateway to get
    to the service, proxy ARP is your friend.

    Good luck and have fun!
     
    Vincent C Jones, Sep 13, 2005
    #5
  6. AM

    AM Guest

    I must add one more subnet for each VPN tunnel I built :(

    Alex.
     
    AM, Sep 13, 2005
    #6
  7. AM

    AM Guest

    This tip doesn't work

    Alex.
     
    AM, Sep 13, 2005
    #7
  8. :Vincent C Jones wrote:
    :> Except then any other devices on the Ethernet will be unable to
    :> reach the router using the E0 IP address because for them it is
    :> still local. Ditto for any devices which reach that Ethernet to
    :> get to the router via any other routers on that Ethernet.

    :I must add one more subnet for each VPN tunnel I built :(

    By "tunnel" do you mean "peer" or "security association" ?

    All the security associations going to a given peer could be routed
    through a common IP address, the route to which being was what was
    varying.
     
    Walter Roberson, Sep 13, 2005
    #8
  9. AM

    AM Guest

    IPsec SA, that where I specify which traffic coming from and going to must be encrypted. I must add also traffic coming
    from my LAN to the loopback interface. And I have 30... humpf... Just to standardize all connections, otherwise I need
    only one chabge.

    Alex.
     
    AM, Sep 13, 2005
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.