Loopback Interface

Network Administrators deploying devices on a large scale network, including connections to multiple WAN routers, are able to utilize loopback interfaces (and other virtual interfaces not tied to physical connections) as source addresses for device management.

Opengear's Loopback Config CLI interface enables Administrators to create, advertise and reach loopback addresses through which to manage devices using a universal networking segment, ensuring consistent source addresses, and facilitating management services like SNMP, RADIUS, TACACS, Syslog, and SSH. The Opengear loopback interfaces with existing routing protocols (for example, OSPF, BGP) and provides specific configuration control via the Config CLI.

Note:   Loopback interfaces are configured in the Config CLI and cannot be configured via the WebUI in the same way as other physical interfaces or aggregates. However, the status of existing loopback interfaces are shown on the Network Interfaces page of the WebUI. Static connections added to the loopback will also be displayed in the WebUI under the loopback interface.

Loopbacks are created using config shell and ogcli through the physifs endpoint. Created loopbacks can be viewed through the web UI under the Network Interfaces section. You can also use the cli command ip a to see a created loopack interface, if it has been enabled.

Provided that the connecting device has a route to the loopback, it will work with any management service like remote auth or ssh. For example, if you have a loopback address at 1.1.1.1, you can ssh into your device using the command: ssh root@1.1.1.1. A static route to the loopback must first be configured in order for this to work.

Up to 5 loopback interfaces can be created through the physif endpoint, with 5 connections attached to each interface. Service translations can be created through the firewall/service_translation endpoint to change the source address of outbound packets to the loopback address.

Loopback Characteristics

  • Loopback interfaces support both /32 IP addressing for IPv4, and /128 IP addressing for IPv6.

  • Multiple loopback interfaces can be created or deleted, along with their associated addresses. Addresses are individually editable or deletable.

  • Services (e.g., SNMP, RADIUS, TACACS, Syslog, SSH) are reachable via the loopback address. Services must be configurable to use the IP loopback interface/address as the source address. Only tcp or udp packets leaving the device are service translated.

  • Loopback interfaces can be discovered, you may need to configure dynamic route sharing settings to share directly connected routes. Opengear supports ospf routing protocols through config shell or ogcli. For this, you must set the redistribute_connected option to true. For other dynamic routing protocols users must provide the configuration file.

  • Loopback interfaces may be integrated into existing firewall configuration functionality.

  • Loopback interface addresses may be pinged, provided the routes and firewall are configured correctly.

  • Duplicate loopback IP configuration and duplicate IP with other network interfaces are disallowed.

See Create or Configure a Loopback Interface in the Config CLI Guide section of this document for information about creating, configuring or debugging a loopback interface.