Loopback interfaces, 7, “loopback interfaces – Amer Networks E5Web GUI User Manual
Page 178

•
Use Session Key: 1
•
Additional Encapsulation Checksum: Enabled
3.
Define a route in the main routing table which routes all traffic to remote_net_A on the
GRE_to_A GRE interface. This is not necessary if the option Add route for remote network
is enabled in the Advanced tab, since this will add the route automatically.
4.
Create the following rules in the IP rule set that allow traffic to pass through the tunnel:
Name
Action
Src Int
Src Net
Dest Int
Dest Net
Service
To_A
Allow
lan
lannet
GRE_to_A
remote_net_A
all_services
From_A
Allow
GRE_to_A
remote_net_A
lan
lannet
all_services
Checking GRE Tunnel Status
IPsec tunnels have a status of being either up or not up. With GRE tunnels in cOS Core this does
not really apply. The GRE tunnel is up if it exists in the configuration.
However, we can check on the what is going on with a GRE tunnel. For example, if the tunnel is
called gre_interface then we can use the ifstat CLI command:
Device:/> ifstat gre_interface
This will show us what is happening with the tunnel and the ifstat command options can provide
various details.
3.4.7. Loopback Interfaces
A Loopback Interface is an interface that will take all traffic sent through it and send it out through
a second configured loopback interface. Loopback interfaces are consequently always
configured in pairs with each referring to the other.
Suppose that there is a pair of loopback interfaces defined called LB1 and LB2. When traffic is sent
through LB1, it is simultaneously received on LB2 with the transfer occurring within cOS Core.
Similarly, when traffic is sent through LB2, it is received on LB1. This is exactly the same as if the
two interfaces were physical Ethernet interfaces and they were connected together.
Usage with Virtual Routing
Loopback interfaces are usually used with Virtual Routing. With virtual routing, it is possible to
divide up a single Clavister Security Gateway's operations so that it behaves as multiple virtual
security gateways. This is done by having multiple routing tables so that each table handles the
routing for one set of interfaces.
The routing tables and their associated routes can be totally isolated from each other so that
related traffic flows are completely separate. However, if some traffic needs to flow between
interfaces in separate routing tables, a loopback interface pair must be used (also see Section 4.5,
“Virtual Routing”).
Loopback Interface Parameters
The following are the parameters for a loopback interface:
Chapter 3: Fundamentals
178