Description
This article describes how to advertise a loopback interface network into OSPF:
In certain cases, there may be 'pools' of addresses in use for VPNs, NAT, or similar purposes that are not tied to existing interfaces. To make these address pools accessible, they are assigned to the Loopback interface. However, it is important to note that in OSPF routing, Loopback interfaces are treated as stub networks and are advertised as host routes with a /32 subnet mask, regardless of their actual configured or native subnet mask. This behavior is specified in RFC 2328.
Scope
FortiGate.
Solution
Problem.
Router 1:
config router ospf
set router-id 10.115.2.126
config area
edit 0.0.0.0
next
end
config ospf-interface
edit "port3"
set interface "port3"
next
end
config network
edit 1
set prefix 10.115.2.126 255.255.255.255
next
end
end
Router 2:
config router ospf
set router-id 10.115.2.79
config area
edit 0.0.0.0
next
end
config ospf-interface
edit "port3"
set interface "port3"
next
end
config network
edit 1
set prefix 10.115.2.79 255.255.255.255
next
edit 2
set prefix 10.26.20.0 255.255.255.0
next
end
end
config system interface
edit "loopback"
set vdom "root"
set ip 10.26.20.13 255.255.255.0
set allowaccess ping
set type loopback
set snmp-index 12
next
end
Results.
Router 1:
get router info routing-table ospf
Routing table for VRF=0
O 10.26.20.13/32 [110/101] via 10.115.2.79, port3, 00:10:10
Solution.
Configure a 'OSPF-interface' for the loopback interface, and change the network type to 'point-to-point'.
Router 2:
config router ospf
config ospf-interface
edit "Loopback"
set interface "loopback"
set network-type point-to-point
next
end
end
Results.
Router 1:
get router info routing-table ospf
Routing table for VRF=0
O E2 10.26.20.0/24 [110/10] via 10.115.2.79, port3, 00:00:13
O E2 10.47.12.0/22 [110/10] via 10.115.2.79, port3, 00:00:13
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.