
A simple network with loopback interfaces – Amer Networks E5Web GUI User Manual

Page 180


It can be useful to outline the steps required to make use of loopback interfaces in the simplest
possible example.

Figure 3.2. A Simple Network with Loopback Interfaces

Consider a single Clavister Security Gateway like the one above that has one protected local
network called LAN1. The route to this network is contained in a single routing table called RT1
which is isolated from all other routing tables with its Ordering parameter set to Only.

The security gateway is also connected to the Internet but the all-nets route to the Internet is in a
totally separate and similarly isolated routing table called RT2. In this situation there is no way for
clients on LAN1 to reach the Internet since there is no all-nets route in RT1.

For LAN1 clients to have access to the Internet, loopback interfaces must be used and the setup
process can be summarized into three parts:

Define a loopback interface pair with membership in different routing tables.

Define routes which route traffic to the loopback interfaces.

Define IP rules which allow traffic to flow to and from the loopback interfaces.

A more detailed description of these steps is as follows:

1. Create a pair of loopback interfaces called LB1 and LB2, each with the other as its Loop to
   parameter. Also define LB1 as a member of routing table RT1 and LB2 as a member of RT2.

2. Two configuration additions are now needed:

   i. Define a route in RT1 that routes all-nets traffic (traffic to the Internet) to the loopback
      interface LB1.

   ii. Define an IP rule which allows Internet traffic to flow from LAN1 to LB1.

3. The Internet traffic that is sent through loopback interface LB1 now automatically arrives at
   its partner LB2. Because LB2 is a member of the routing table RT2 that contains the all-nets
   route, it can be successfully routed to the Internet.

However, two additions are still needed:

i. An IP rule needs to be defined which allows traffic to flow from LB2 to the Internet. This
   could be in the same IP rule set as the previous rule and will probably be a NAT rule
   which makes use of a single external IP address.

ii. A route needs to be defined which routes LAN1 traffic on the LB2 interface. This is
    needed for traffic returning from the Internet.
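The steps above can be checked with a small model of the two isolated routing tables, the loopback pair and the IP rules. This is an added example, not configuration or code from the manual: the interface names lan1 and wan, the sample addresses, and the simplification that return traffic needs only routes (no second rule, no NAT) are assumptions.

```python
import ipaddress

LAN1 = ipaddress.ip_network("192.168.1.0/24")  # constructed sample range for LAN1
ALL_NETS = ipaddress.ip_network("0.0.0.0/0")

def build(return_route=True):
    """Model of the configuration after steps 1-3; 'lan1' and 'wan' are assumed names."""
    cfg = {
        "member": {"lan1": "RT1", "LB1": "RT1", "LB2": "RT2", "wan": "RT2"},
        "loop_to": {"LB1": "LB2", "LB2": "LB1"},                # step 1
        "routes": {"RT1": [(LAN1, "lan1"), (ALL_NETS, "LB1")],  # step 2.i
                   "RT2": [(ALL_NETS, "wan")]},
        "rules": {("lan1", "LB1"), ("LB2", "wan")},             # steps 2.ii, 3.i
    }
    if return_route:
        cfg["routes"]["RT2"].append((LAN1, "LB2"))              # step 3.ii
    return cfg

def lookup(cfg, table, dst):
    """Most specific matching route in one table only (Ordering = Only, no fallback)."""
    hits = [(net, ifc) for net, ifc in cfg["routes"][table] if dst in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward(cfg, in_if, dst, check_rules=True):
    """Interfaces a packet traverses; the list ends in 'DROP' if it is not delivered."""
    dst, path = ipaddress.ip_address(dst), [in_if]
    for _ in range(4):  # bound the hops so a misconfigured pair cannot loop forever
        out_if = lookup(cfg, cfg["member"][in_if], dst)
        blocked = check_rules and (in_if, out_if) not in cfg["rules"]
        if out_if is None or out_if == in_if or blocked:
            return path + ["DROP"]  # no route, routed back where it came from, or no rule
        path.append(out_if)
        if out_if not in cfg["loop_to"]:
            return path             # left through a physical interface
        in_if = cfg["loop_to"][out_if]  # loopback: re-enter at the partner interface
        path.append(in_if)
    return path + ["DROP"]

if __name__ == "__main__":
    print(forward(build(), "lan1", "203.0.113.10"))
    print(forward(build(), "wan", "192.168.1.20", check_rules=False))
    print(forward(build(return_route=False), "wan", "192.168.1.20", check_rules=False))
```

Removing a rule from the set or leaving out the step 3.ii route shows which single omission breaks the outbound or the return path.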

The relationship of loopback interfaces with the routing tables and networks in this example are

Chapter 3: Fundamentals
