Configuring Virtual Loopback and Null Interfaces on the Cisco ASR 9000 Series Router
This module describes the configuration of loopback and null interfaces on the Cisco ASR 9000 Series Aggregation Services Routers.
Loopback and null interfaces are considered virtual interfaces.
A virtual interface represents a logical packet switching entity within the router. Virtual interfaces Interfaces have a global scope and do not have an associated location. Virtual interfaces have instead a globally unique numerical ID after their names. Examples are Loopback 0, Loopback 1Loopback1, and Loopback 99999. The ID is unique per virtual interface type to make the entire name string unique such that you can have both Loopback 0 and Null 0.
Loopback and null interfaces have their control plane presence on the active route switch processor (RSPRP). The configuration and control plane are mirrored onto the standby RSP RP and, in the event of a failoverswitchover, the virtual interfaces move to the ex-standby, which then becomes the newly active RSPRP.
Feature History for Configuring Loopback and Null Interfaces on Cisco IOS XR Software
You must be in a user group associated with a task group that includes the proper task IDs. The command reference guides include the task IDs required for each command. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
Information About Configuring Virtual Interfaces
To configure virtual interfaces, you must understand the following concepts:
A virtual loopback interface is a virtual interface with a single endpoint that is always up. Any packet transmitted over a virtual loopback interface is immediately received by the selfsame interface. Loopback interfaces emulate a physical interface.
In Cisco IOS XR software,,virtual loopback interfaces perform the following functions:
Loopback loopback interfaces can act as a termination address for routing protocol sessions. This allows routing protocol sessions to stay up even if the outbound interface is down.
You you can ping the loopback interface to verify that the router IP stack is working properly.
In applications where other routers or access servers attempt to reach a virtual loopback interface, you must configure a routing protocol to distribute the subnet assigned to the loopback address.
Packets routed to the loopback interface are rerouted back to the router or access server and processed locally. IP packets routed out the loopback interface but not destined to the loopback interface are dropped. Under these two conditions, the loopback interface can behave like a null interface.
Null Interface Overview
A null interface functions similarly to the null devices available on most operating systems. This interface is always up and can never forward or receive traffic; encapsulation always fails. The null interface provides an alternative method of filtering traffic. You can avoid the overhead involved with using access lists by directing undesired network traffic to the null interface.
The only interface configuration command that you can specify for the null interface is the ipv4 unreachables command. With the ipv4 unreachables command, if the software receives a nonbroadcast packet destined for itself that uses a protocol it does not recognize, it sends an Internet Control Message Protocol (ICMP) protocol unreachable message to the source. If the software receives a datagram that it cannot deliver to its ultimate destination because it knows of no route to the destination address, it replies to the originator of that datagram with an ICMP host unreachable message.
The Null 0 Null0 interface is created by default on the RSP RP during boot and cannot be removed. The ipv4 unreachables command can be configured for this interface, but most configuration is unnecessary because this interface just discards all the packets sent to it.
The Null 0 Null0 interface can be displayed with the show interfaces null0 command.
Virtual Management Interface Overview
Configuring an IPv4 virtual address enables you to access the router from a single virtual address with a management network without prior knowledge of which RSP RP is active. An IPv4 virtual address persists across route switch processor (RSPRP) failover switchover situations. For this to happen, the virtual IPv4 address must share a common IPv4 subnet with a management Ethernet interface on both RPs.
On a Cisco ASR 9000 Series Router Cisco XR 12000 Series RouterCisco CRS-1 Router where each RSP RP has multiple management Ethernet interfaces, the virtual IPv4 address maps to the management Ethernet interface on the active RSP RP that shares the same IP subnet.
Active and Standby RPs and Virtual Interface Configuration
The standby RSP RP is available and in a state in which it can take over the work from the active RSP RP should that prove necessary. Conditions that necessitate the standby RSP RP to become the active RSP RP and assume the active RSPRP’s duties include:
Failure detection by a watchdog
Administrative command to take over
Removal of the active RSP RP from the chassis
If a second RSP RP is not present in the chassis while the first is in operation, a second RSP RP may be inserted and automatically becomes the standby RSPRP. The standby RSP RP may also be removed from the chassis with no effect on the system other than loss of RSP RP redundancy.
After failoverswitchover, the virtual interfaces all are present on the standby (now active) RSPRP. Their state and configuration are unchanged and there has been no loss of forwarding (in the case of tunnels) over the interfaces during the failoverswitchover. The routers use nonstop forwarding (NSF) over bundles and tunnels through the failover switchover of the host RSPRP.
Note The user need not configure anything to guarantee that the standby interface configurations are maintained.
Note Protocol configuration such as tacacs source-interface, snmp-server trap-source, ntp source, logging source-interface do not use the virtual management IP address as their source by default. Use the ipv4 virtual address use-as-src-addr command to ensure that the protocol uses the virtual IPv4 address as its source address. Alternatively, you can also configure a loopback address with the designated or desired IPv4 address and set that as the source for protocols such as TACACS+ using the tacacs source-interface command.
This task explains how to configure a basic loopback interface.
The IP address of a loopback interface must be unique across all routers on the network. It must not be used by another interface on the router, and it must not be used by an interface on any other router on the network.
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.