
Configuring IP Addresses on the Loopback Interface

The loopback interface is a virtual network interface on the appliance. You can do the following on the loopback interface:

  • Configure IP addresses to consolidate DNS servers for migration purposes. For information, see Configuring IP Addresses.

  • Add anycast addresses to improve the reliability and performance of DNS services in multiple locations. For information, see About Anycast Addressing for DNS.

  • Separate DNS traffic by assigning an IP address as the source port for DNS queries. For information, see Specifying Source Ports.

When you use the loopback interface for anycast addressing, the upstream and neighboring routers can continue to advertise anycast addresses without being affected by hardware malfunctions. To configure non-anycast addresses on the loopback interface, complete the following:

  1. Add IP addresses to the loopback interface. For information, see Configuring IP Addresses.

  2. Enable DNS services on the loopback addresses. For information, see Specifying Port Settings for DNS and its subtopic, Specifying Source Ports.

To configure DNS anycast addresses and their advertising protocols, complete the following:

  1. Add anycast addresses to the loopback interface. For information, see Configuring Anycast Addresses.

  2. Configure anycast addressing protocols. For information about Configuring OSPF on the NIOS Appliance and Configuring BGP in the NIOS Appliance, see IP Routing Options. This is the primary application for routing protocols in the NIOS appliance.

  3. Enable the DNS anycast addresses. For information, see Specifying Port Settings for DNS and its subtopic, Specifying Source Ports.

To separate DNS queries from DNS transfers and notify messages, complete the following:

  1. Add an IP address of the source port for DNS queries. For information, see Configuring IP Addresses.

  2. Select the source IP for DNS queries. For information, see Specifying Source Ports.

Configuring IP Addresses

You can configure IP addresses on the loopback interface to minimize service downtime during a server migration. As illustrated in Figure 24.1, you have two existing DNS servers (ns1.corpxyz.com 192.204.18.11 and ns2.corpxyz.com 192.204.18.12) and you want to replace these servers with a new one (ns3.corpxyz.com 192.204.18.88). The migration takes a few weeks and you want DNS services to be available on all three addresses during the migration. You can add all three IP addresses to the loopback interface of a NIOS appliance, and then configure the appliance to provide DNS services on all addresses. After the server migration, you can shut down the old servers and use the new one for services.

Figure 24.1 DNS Server Migration Using the Loopback Interface




You can also add an IP address that is used solely for DNS queries, to separate the DNS traffic. You first add an IP address you want to use for DNS queries on the loopback interface. You then configure the appliance to listen for DNS queries solely on this address. For information, see Specifying Source Ports.

When you configure non-anycast addresses on the loopback interface, ensure that you establish a static route between the appliance and the router so queries to these addresses are routed correctly. For information, see Advertising Loopback Addresses to the Network.

Note

You can configure multiple interfaces on the Infoblox-4030 appliance only. To configure the LAN1, LAN2 and MGMT interfaces on the same IPv4 or IPv6 subnet, provide the same netmask for IPv4, or the same CIDR prefix for IPv6, as the LAN1 interface. Alternatively, you can use a /32 netmask (255.255.255.255) for IPv4, or a /128 CIDR prefix for IPv6, with the same subnet as the LAN1 interface to configure multiple interfaces. An Infoblox-4030 can replace three DNS cache servers that are active on the same network. When you configure multiple interfaces on the same subnet, the outgoing traffic from the NIOS host for requests received through LAN2 and MGMT is directed to the LAN1 router for all interfaces on the LAN1 subnet, irrespective of the destination IP. However, if the LAN1 interface fails, the outgoing traffic is not redirected to any other interface, and access to LAN2 and MGMT also fails.


To configure an IP address on the loopback interface:

  1. From the Grid tab, select the Grid Manager tab -> Members tab -> Grid_member checkbox -> Edit icon.

  2. In the Grid Member Properties Editor, select the Network tab -> Basic tab.
    Note that you can add an IPv4 or IPv6 address on the loopback. You define each type in its own table.

  3. Click the Add icon in the Additional Ports and Addresses table and select Additional Address (loopback) (IPv4) or Additional Address (loopback) (IPv6) from the drop-down list.
    Note that you cannot configure an Additional Address (loopback) (IPv4) interface for an IPv6 Grid member, or an Additional Address (loopback) (IPv6) interface for an IPv4 Grid member. You can only enter the IP address you want to add to the loopback interface. You cannot configure the subnet mask, prefix length, gateway, or port settings.
    The appliance adds a row to the table. Complete the following:

    • Interface: Displays Additional Address (loopback). You cannot modify this.

    • Address: Enter the IP address you want to add to the loopback interface. An IPv6 address is a 128-bit number in colon hexadecimal notation. It consists of eight 16-bit groups of hexadecimal digits separated by colons (example: 2001:db8:0000:0123:4567:89ab:0000:cdef or 2001:db8::123:4567:89ab:0:cdef). For the Infoblox-4030 appliance, use a /128 CIDR for IPv6 while configuring multiple interfaces.

    • Subnet Mask (IPv4) or Prefix Length (IPv6): You cannot change the netmask of the loopback interface. It is set to 255.255.255.255, or /32. For an IPv6 address, the mask is set to 128 and cannot be modified.
      You cannot configure the gateway address and port settings.

  4. Save the configuration and click Restart if it appears at the top of the screen.

To add multiple IP addresses on the loopback interface, repeat the steps for each IP address.

Note

If you are configuring the loopback interface on a Grid Master, the Grid is temporarily disrupted upon saving the configuration and restarting services on the appliance. The Grid reconnects automatically and the appliance regains the role as Grid Master after a short delay.



Advertising Loopback Addresses to the Network

Advertising IP addresses on the loopback interface relies on the upstream router to populate routes to the loopback interface. As illustrated in Figure 24.2, when a client on a different subnet queries an IP address on the loopback interface, it sends the request to the router. If the IP address on the loopback interface is not advertised to the router, the request cannot reach the appliance. Therefore, when you configure non-anycast addresses on the loopback interface, or if OSPF or BGP is not configured within your network, you must configure the upstream router to reach the NIOS appliance through a static route on the LAN1 interface.

Note that when an appliance is configured for both authoritative and recursive queries, you should connect your internet interface through the LAN1 port to allow for maximum flexibility while using auxiliary LAN2 and MGMT ports. Consult with your network administrator for information about configuring static routes from the router to the additional IP addresses on the loopback interface.

Figure 24.2 Static Route for Loopback IP Addresses
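
The following planning check is an added example, not part of the Infoblox documentation or NIOS tooling. It validates a list of planned loopback addresses against the rules above (address only, fixed /32 or /128 mask, IP version matching the Grid member) and returns the host routes the upstream router needs toward LAN1. The function name and the LAN1 address 192.0.2.10 are assumptions made for illustration, and the member is assumed to be IPv4-only or IPv6-only.

```python
import ipaddress


def plan_loopback_routes(addresses, member_version, lan1_next_hop):
    """Validate planned loopback addresses and return the static host
    routes for the upstream router as (destination_cidr, next_hop) pairs.

    member_version is 4 or 6 (IPv4 or IPv6 Grid member, an assumption of
    this example); lan1_next_hop is the appliance's LAN1 address.
    """
    next_hop = ipaddress.ip_address(lan1_next_hop)
    if next_hop.version != member_version:
        raise ValueError("LAN1 next hop must match the member's IP version")

    seen, routes = set(), []
    for text in addresses:
        # Only the address is entered; the mask/prefix cannot be configured.
        if "/" in text:
            raise ValueError(f"{text}: enter the address only, the mask is fixed")
        addr = ipaddress.ip_address(text)  # ValueError on malformed input
        if addr.version != member_version:
            raise ValueError(
                f"{text}: IPv{addr.version} address on an IPv{member_version} member")
        # Address objects compare numerically, so two spellings of the same
        # IPv6 address (full and '::'-compressed) are caught as duplicates.
        if addr in seen:
            raise ValueError(f"{text}: duplicate of an address already planned")
        seen.add(addr)
        # Loopback addresses are always host routes: /32 or /128.
        routes.append((f"{addr}/{addr.max_prefixlen}", str(next_hop)))
    return routes


# The three migration addresses from the page.
MIGRATION = ["192.204.18.11", "192.204.18.12", "192.204.18.88"]
LAN1 = "192.0.2.10"  # constructed placeholder, not from the page

if __name__ == "__main__":
    for dest, hop in plan_loopback_routes(MIGRATION, 4, LAN1):
        print(f"static route: {dest} via {hop} (LAN1)")
```

The returned pairs are router-neutral; translate them into the static-route syntax of the upstream router.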




When you configure DNS anycast addresses on the loopback interface, you can select OSPF, BGP, or both, to advertise the addresses to upstream and neighboring routers, without establishing a static route. For information, see About Anycast Addressing for DNS.