Configure a Loopback Interface

You can enable a loopback interface on your Firebox, which is a virtual interface assigned to the Firebox that is not associated with a specific physical interface. You can use the loopback interface for dynamic routing to multiple ISPs when your Firebox is configured with multi-WAN. A loopback interface can increase the stability of dynamic routing through a multi-WAN connection because it ensures the consistency of the next hop and avoids the potential for BGP routing oscillation.

In the loopback interface configuration, you can specify a primary IPv4 address, and you can add secondary networks. The loopback interface is supported in routed mode only.

You cannot use the loopback interface in policies as the local gateway IP address of a BOVPN or BOVPN virtual interface, or as the destination in a static network route.

You must configure the loopback interface in the network settings before you can use it in the dynamic routing configuration.

  1. To configure the primary loopback interface IP address:
    1. Select Network > Loopback.
      The Loopback page appears.
    2. Select the Enable check box.

      3. Screen shot of the Loopback configuration page, IPv4 tab

    3. (Optional) In the Interface Description text box type a description for this interface.
    4. In the IP Address text box, type the IPv4 address and subnet mask.
    5. Click Save
  2. To add secondary IP addresses to the loopback interface:
    1. Select the Secondary tab.

      2. Screen shot of the Loopback configuration page, Secondary tab

    2. In the text boxes below the Secondary Networks list, type the secondary network IP address and netmask.
    3. Click Add.
    4. Click Save.
  1. To configure the primary loopback interface IP address:
    1. Select Network > Configuration.
    2. Select the Loopback tab.
    3. Select the Enable check box.

      4. Screenshot of the Network Configuration Loopback tab

    4. (Optional) In the Interface Description text box type a description for this interface.
    5. In the IP Address text box, type the IPv4 address and subnet mask.
    6. Click OK.
  2. To add a secondary IP address to the loopback interface:
    1. In the Loopback tab, click Add.
      The Add a secondary network dialog box appears.

      2. Screen shot of the Add a secondary network dialog box

    2. In the IP Address text box, type the IPv4 network IP address to add.
    3. Click OK.
      The IP address is added to the Secondary Networks list.
    4. Click OK.

After you configure the loopback interface, you can use it for dynamic routing. In the dynamic routing configuration, use the loopback interface IP address instead of a physical interface IP address. In the dynamic routing configuration, use the loopback interface IP address, not the interface name.

The loopback interface guarantees the Firebox can be contacted when there are multiple paths to the dynamic routing peer. Because the loopback interface IP address does not depend on the link status of any interface, it is always up unless the attached router goes down. The loopback IP address and the attached subnets remain in the routing table even if one of the Firebox interfaces goes down. The loopback interface IP address also enables load balancing when multiple paths are available.

Related Topics

Configure IPv4 Routing with OSPF

Configure IPv4 and IPv6 Routing with BGP

Configure IPv4 Routing with RIP