• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1712
  • Last Modified:

Benefit of using Loopback address on a switch/router for Syslog traffic

Anyone know what the benefit is as far as security goes in using a loopback address as the source address for a switch/router's Syslog traffic?  How is the loopback address used here?
  • 4
1 Solution

protecting requests to syslog files is very important, it is a recommended pratice, in case you need to access the device

 i found a post from cisco which discusses the importance of the loopback interface


i also found another pertaining to said practice


heres an example of a configuration taken from


                     access-list 80 permit
      access-list 90 permit
      snmp-server community .* RO 80
      snmp-server community .* RW 90
      snmp-server host .*
      logging source-interface Loopback0
      logging facility syslog
      snmp-server enable traps tty
loopback is use to test on network functionality. It also use for some application applications to work together by intersocket communication - localhost provides that address so that the elements can all work on the same PC. It also enables you to run a web/ftp/ any other server on the same PC that you are working on without having to know the allocated IP address from a DHCP server.To make things short,  it just makes life a lot simpler, and prevents anyone having to worry about the complexities of the outside world if the 2 processes are on the same machine.

elly960Author Commented:
When I read articles regarding the loopback address, the articles have one common point which is that it provides Availability to due to its virtual interface.  I understand the importance of this.  However, I'm still kind of fuzzy about the loopback address in relation to syslog files/traffic.   Is it important to use a loopback address with syslog traffic because we want syslog traffic to be failsafe?  or is there another reason like a hacker can't get to the source of the syslog traffic if we use a loopback address since it's virtual?  I still can't find any good discussion or article on this.
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!


protecting the information is your goal

if you can only reach it via loopback device, it determines that you must be physically connected to the device, and no eavesdropping can occur for this information

it is an old practice, that is still used


The first couple of slides explains the benefits of this method

Any more questions?


please award points or close question

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now