Loopback Interface
The loopback interface is virtual and serves as a backup SSH connection for all ports on the network device.
It also allows for identifying the next router in a multi-area OSPF routing protocol.
In an interconnected network, the loopback interface provides a backup route to reach the desired device.
This interface acts as a VLAN, forming a network separate from other known networks on the router.
Create the loopback interface
Router(config)# interface loopback 0A notification indicates that the loopback interface is now UP:
Terminal %LINK-5-CHANGED: Interface Loopback0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to upAssign addresses
Router(config-if)# ip address 1.1.1.1ip address 2.2.2.2Configure routing
Since this is a separate network, configure routing on both devices (static in this example):
Router(config)# ip route 2.2.2.0 255.255.255.0 192.168.1.2ip route 1.1.1.0 255.255.255.0 192.168.1.1Test with ping
Router# Router1# ping 2.2.2.2
Static Routing
To communicate with another network (i.e., with a different addressing scheme), establish a route between the routers:
ip route 10.10.10.0 255.255.255.0 172.16.1.1Destination network with subnet mask | Next-hop (next node)
192.168.1.0 255.255.255.0 | 172.16.1.1
Next-hop represents the path for packet forwarding.
Similarly, configure a route for the second router in the opposite direction.
ip route 192.168.1.0 255.255.255.0 172.16.1.2To reach the 192.168.1.0 255.255.255.0 network, go through 172.16.1.2.
The Router#show ip route command displays known routes, including all active routing protocols and shared networks.
show ip routeCodes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2, E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area, * - candidate default, U - per-user static route, o - ODR, P - periodic downloaded static route
C 192.168.1.0/24 is directly connected, FastEthernet0/0S 10.10.10.0/24 [1/0] via 172.16.1.1S for static routes.
Tip (Static Route)
There is also a default static route
0.0.0.0 0.0.0.0 IP_NEXT_HOPE
Any unknown networks will be forwarded to Next-Hope.
⚡ Dynamic Routing
RIPv2
RIPv2 is an example of a dynamic distance-vector routing protocol.
It enables multiple routers to communicate and announce the networks they know.
Routers update their routing tables (every 30 seconds) based on RIP requests they receive.
Note
RIPv2 takes into account cost as a metric.
”How many hops will it take to reach my target?”
This is the question the router evaluates.
Tip
It will choose the route with the lowest cost.
When discussing cost, the same principle applies to other routing protocols.
Tip (Best Practice)
Set interfaces not pointing to another router as passive.
This limits RIP v2 traffic to networks between routers, reducing network load and attack surface.
Configure RIP mode
R1(config)# R1(config)#router ripSwitch to version 2
R1(config)# R1(config)#version 2Specify networks
R1(config-router)# R1(config-router)#network 10.10.10.0R1(config-router)#network 172.16.0.0Set passive interfaces
The g0/0/0 interface on router 1 does not point to a router.
R1(config-router)# R1(config-router)#passive-interface g0/0/0
Tip
Follow the same steps for router 2 (adjust the networks that the router announces accordingly).
RIPv2 Command Summary
Copy and paste these lines (adjust your configuration) directly into your terminal:
conf trouter ripversion 2network 10.10.10.0network 172.16.1.0passive-interface g0/0/0OSPF
OSPF is an example of a link-state routing protocol.
It organizes routers into “areas” for its configuration.
Note
The BGP routing protocol collects routing tables from all dynamic routing protocols. It is used by internet service providers.
Note
All routers within an OSPF area must have the same area ID to become OSPF neighbors.
Four key elements for a minimal OSPF configuration:
OSPF Process ID
Router(config)# router ospf 1Router ID
Router(config-router)# router-id 1.1.1.1Passive interfaces
Router(config-router)# passive-interface g0/0/0Networks and areas
1 network per router interface, including sub-interfaces.
Warning
It’s essential to announce networks using their network address and wildcard mask (inverse mask).
| CIDR | Mask | Wildcard Mask |
|---|---|---|
| /32 | 255.255.255.255 | 0.0.0.0 |
| /31 | 255.255.255.254 | 0.0.0.1 |
| /30 | 255.255.255.252 | 0.0.0.3 |
| /29 | 255.255.255.248 | 0.0.0.7 |
| /28 | 255.255.255.240 | 0.0.0.15 |
| /27 | 255.255.255.224 | 0.0.0.31 |
| /26 | 255.255.255.192 | 0.0.0.63 |
| /25 | 255.255.255.128 | 0.0.0.127 |
| /24 | 255.255.255.0 | 0.0.0.255 |
| /23 | 255.255.254.0 | 0.0.1.255 |
| /22 | 255.255.252.0 | 0.0.3.255 |
| /21 | 255.255.248.0 | 0.0.7.255 |
| /20 | 255.255.240.0 | 0.0.15.255 |
| /19 | 255.255.224.0 | 0.0.31.255 |
| /18 | 255.255.192.0 | 0.0.63.255 |
| /17 | 255.255.128.0 | 0.0.127.255 |
| /16 | 255.255.0.0 | 0.0.255.255 |
| /15 | 255.254.0.0 | 0.1.255.255 |
| /14 | 255.252.0.0 | 0.0.3.255 |
| /13 | 255.248.0.0 | 0.7.255.255 |
| /12 | 255.240.0.0 | 0.0.15.255 |
| /11 | 255.224.0.0 | 0.0.31.255 |
| /10 | 255.192.0.0 | 0.0.63.255 |
| /9 | 255.128.0.0 | 0.0.127.255 |
| /8 | 255.0.0.0 | 0.0.255.255 |
| /7 | 254.0.0.0 | 1.255.255.255 |
| /6 | 252.0.0.0 | 3.255.255.255 |
| /5 | 248.0.0.0 | 7.255.255.255 |
| /4 | 240.0.0.0 | 15.255.255.255 |
| /3 | 224.0.0.0 | 31.255.255.255 |
| /2 | 192.0.0.0 | 63.255.255.255 |
| /1 | 128.0.0.0 | 127.255.255.255 |
| /0 | 0.0.0.0 | 255.255.255.255 |
network 192.168.1.0 0.0.0.255 area 0network 10.20.30.40 0.0.0.3 area 0192.168.1.0/24 is the LAN network.
10.20.30.40/30 is the point-to-point network between the two routers.
View OSPF neighbors with the command:
show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface192.168.1.0 1 2WAY/DROTHER 00:00:32 192.168.1.0 GigabitEthernet0/110.20.30.40 1 2WAY/DROTHER 00:00:32 10.20.30.40 GigabitEthernet0/2- Set route cost manually (in units of 1):
auto-cost reference-bandwidth 1000OSPF Command Summary
Copy and paste these lines (adjust your configuration) directly into your terminal:
conf trouter ospfrouter-id 1.1.1.1network 192.168.1.0 0.0.0.255 area 0network 10.20.30.40 0.0.0.3 area 0The example above shows the configuration for a router with one leg in a LAN and another in the /30 network pointing to the next router.
Tip
To limit routing table exchanges to necessary interfaces, it’s recommended (for network optimization and security) to set LAN interfaces to passive mode so they don’t listen to routing traffic.
passive-interface g0/0/0Multi-area OSPF
Note
Coming soon…
Dynamic NAT
Configure LAN interfaces
Router(config)# int g0/0/0ip nat insideConfigure WAN interfaces
Router(config)# int g0/0/1ip nat outsideConfigure ACL
Router(config)# access-list 1 permit 192.168.0.0 0.0.0.2550.0.0.255is the wildcard mask.Configure IP pool (WAN)
Router(config)# ip nat pool MY_POOL 10.10.10.1 10.10.10.1 netmask 255.255.255.010.10.10.0corresponds to the WAN network10.10.10.1to10.10.10.xdefines an IP address range- If there is only one interface:
10.10.10.110.10.10.1
Link ACL to address pool
Router(config)# ip nat inside source list 1 pool MON_POOL overloadOR
ip nat inside source list 1 interface g0/0/1 overload