We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Benefit of using Loopback address on a switch/router for Syslog traffic

Medium Priority
1,840 Views
Last Modified: 2012-05-07
Anyone know what the benefit is as far as security goes in using a loopback address as the source address for a switch/router's Syslog traffic?  How is the loopback address used here?
Comment
Watch Question

Commented:
Hello,

protecting requests to syslog files is very important, it is a recommended pratice, in case you need to access the device

 i found a post from cisco which discusses the importance of the loopback interface

http://www.ciscopress.com/articles/article.asp?p=27137

i also found another pertaining to said practice

http://thwack.com/blogs/geekspeak/archive/2008/09/30/the-value-of-manging-via-loopback-addresses.aspx

heres an example of a configuration taken from

http://www.seccug.org/Presentations/CiscoUniv-20060406.ppt

                     access-list 80 permit 10.0.1.101
      access-list 90 permit 10.0.1.101
      snmp-server community .* RO 80
      snmp-server community .* RW 90
      snmp-server host 10.0.1.101 .*
      logging 10.0.1.101
      logging source-interface Loopback0
      logging facility syslog
      snmp-server enable traps tty
tankergoblinIT Executive

Commented:
loopback is use to test on network functionality. It also use for some application applications to work together by intersocket communication - localhost provides that address so that the elements can all work on the same PC. It also enables you to run a web/ftp/ any other server on the same PC that you are working on without having to know the allocated IP address from a DHCP server.To make things short,  it just makes life a lot simpler, and prevents anyone having to worry about the complexities of the outside world if the 2 processes are on the same machine.

Author

Commented:
jfer0x01,
When I read articles regarding the loopback address, the articles have one common point which is that it provides Availability to due to its virtual interface.  I understand the importance of this.  However, I'm still kind of fuzzy about the loopback address in relation to syslog files/traffic.   Is it important to use a loopback address with syslog traffic because we want syslog traffic to be failsafe?  or is there another reason like a hacker can't get to the source of the syslog traffic if we use a loopback address since it's virtual?  I still can't find any good discussion or article on this.
Thanks.
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Commented:
Any more questions?

Commented:
Hi,

please award points or close question

Jfer
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.