PDA

View Full Version : Loopback Interface and R75.47



msjouw
2014-10-01, 10:53
Seen on 2200 and 4200 appliances:

Issue with R75.47 routing is with an additional loopback interface, add a new loopback interface and put an IP on it, now routing dies all together, there is a fix, however when the box is rebooted the same problem comes back, which is a nice feature, but when a box is in Malaysia or Brasil with no way to get to a console or GUI.

For the latter a case has been opened and I was told the old ipv6 kernel was loaded instead of the replacement supplied in the patch. Not finished yet...
R77.20 does not have this issue, nor does R76 or any of the other R75.4x versions.

jflemingeds
2014-10-01, 11:33
Seen on 2200 and 4200 appliances:

Issue with R75.47 routing is with an additional loopback interface, add a new loopback interface and put an IP on it, now routing dies all together, there is a fix, however when the box is rebooted the same problem comes back, which is a nice feature, but when a box is in Malaysia or Brasil with no way to get to a console or GUI.

For the latter a case has been opened and I was told the old ipv6 kernel was loaded instead of the replacement supplied in the patch. Not finished yet...
R77.20 does not have this issue, nor does R76 or any of the other R75.4x versions.

What are you using the loop interface for? Maybe OSPF + BGP? Just wondering.

What is the temp fix? Could it be hacked into rc.local or maybe its own init script?

msjouw
2014-10-02, 02:11
We are a MSP selling MPLS and Security services.
Most of these FW's are used for Site2Site VPN's and they have a traffic optimization device behind them, that like the FW itself needs to be monitored, we can only do that via routable IP's through MPLS and then from the customer main site trough the VPN to the remote site. Most are small sites where only 1 IP is available for the FW, so NAT is also not possible.

I have not looked into possible solutions, I cannot have this customer bothered ay further, I will just upgrade them to R77.20 whenever I get their approval to do them.