Hello,

is it necessary to set-up a loopback interface for each router in a OSPF scenario?

thx

YES...

No, it is not necessary, but it is recommended.

If you have routers that are anything more than simple lans+wan, you should always use loopback IPs.
It's best practice for networking, so get into the habit. Use the loopback IP as the official IP of the router for everything:
snmp
ssh
tunnel endpoints
pppoe local address (not as much required here, but it's how I personally roll)
iBGP peering sessions
etc

Use the loop IP as the source for outgoing things like SNMP traps, RADIUS requests, etc.
The main reason is that if you have multiple interface IPs and you use those, then you have to account for all of them in your setups, because if the network topology changes, a different interface IP might be the source.

In our network, it is necessary for us to setup loopback interfaces with IPs on them. They are really necessary, not for fancy.

Can one of you please expand a little bit on the fact that it is "necessary" ?
As far as I know, the need for a loopback interface in OSPF comes from the cisco world, because on a cisco router this is the usual way to ensure the OSPF router ID won't change over time.
On mikrotik, we have /routing ospf instance set router-id, which forces the OSPF router ID per OSPF instance. I always manually force the router ID this way on Mikrotik routers.
Does this method have any drawback (apart from deviating from a "best practice") ? What exactly will fail (in regard to OSPF) if the loopback interface is not set ?

ok, many thanks.

I follow this example:
http://wiki.mikrotik.com/wiki/Manual:OSPF-examples

with these adjustments:
I disabled the STP to the bridge. Is it right?
And I added each loopback into router - ospf - networks announces.


any other suggestions?

its necessary. If your router-id /ospf lives on a physical interface that gets unplugged now that IP isn't announced anymore. On a loopback it is always "up".

hello, again, anything else?

STP disabled
loopback announce in routing - ospf

No, that should be about it.

OSPF will be more stable with a loopback address and that address specified as the router ID.

loopback ip used for only routerid for ospf network ?

In OSPF itself, pretty much. I think the loopback is also useful when using virtual links, but you shouldn't use those anyway.

However, if you're using OSPF then it means that you probably have a dynamic topology with at least one backup path. Once you reach this point, you definitely should use loopback interfaces on all routers. It's just a good best practice to get into the habit of, even if you don't strictly require it for something.

Can we add loopback ip on ospf networks

Of course you can. Why wouldn't you be able to do that? It would be horribly useless to have loopback IPs that you couldn't include in OSPF.

Hi zero byte,

you said that you can use loopback ip for radius etc. how can use it for radius ? do you use it for radius authentication ? i add loop back ip but radius see only router id while authenticate. and i need some more help about ospf if you share your experience. Im using bridged network and I would like to remove all bridge interfaces and pass to layer3 network. i was already using ospf for dynmic routing to nat pppoe customers from gateway router.

thanks.

I read you wrote " Use the loop IP as the source for outgoing things like SNMP traps, RADIUS requests, etc " .
I add loopback ip to ospf networks but I have problem to ppoe cients to connect Radius. Radius only accept real interface ip on ethernet not loopback ip. What can I do

There's a field in the RADIUS configuration: Src. Address:

Put the loopback IP into that field.

THEN - you also need to go into your RADIUS server and make sure the router's loopback IP is provisioned as a RADIUS client with the proper RADIUS secret.

As for the earlier comment about Cisco "needing" the loopback IP for OSPF to generate a router-id.... well, Cisco has the command as well.

config t
router ospf 1
router-id 192.0.2.1
!

There's a field in the RADIUS configuration: Src. Address:

Put the loopback IP into that field.

THEN - you also need to go into your RADIUS server and make sure the router's loopback IP is provisioned as a RADIUS client with the proper RADIUS secret.

As for the earlier comment about Cisco "needing" the loopback IP for OSPF to generate a router-id.... well, Cisco has the command as well.

config t
router ospf 1
router-id 192.0.2.1
!

Thats work... thanks a lot. I will start use loopback ip for radius and also pppoe local ip.

and something more here is network that bridged and i would like to remove bridges and making routed them.
here is simple diagram I remove PPPoE_Server link interface from bridge and give them 10.10.2.1/30 ip to their ethernet interfaces
and here is ip and OSPF settings at gateway router;

/ip address
add address=10.10.0.3/23 interface=Router2 network=10.10.0.0
add address=10.10.2.1/30 interface=ether1-PPPoE-Server network=10.10.2.0
add address=10.255.255.1 interface=loopback network=10.255.255.1

/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=10.255.255.1
/routing ospf interface
add authentication=simple authentication-key=xxxx interface=Router2 network-type=broadcast priority=2
add authentication=simple authentication-key=xxxx interface=ether1-PPPoE-Server network-type=broadcast
add authentication-key=xxxx interface=loopback network-type=broadcast
/routing ospf network
add area=backbone network=10.10.0.0/23
add area=backbone network=10.10.2.0/30
add area=backbone network=10.255.255.1/32


and settings on PPPoE_Server;
/ip address
add address=10.10.2.2/30 interface=ether1-10.10.0.3 network=10.10.2.0
add address=10.255.255.2 interface=LoopBack network=10.255.255.2
/ip route
add distance=1 gateway=10.10.2.1

/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 router-id=10.255.255.2
/routing ospf interface
add authentication=simple authentication-key=xxx interface=ether1-10.10.0.3 network-type=broadcast
add authentication=simple authentication-key=xxx interface=LoopBack network-type=broadcast
/routing ospf network
add area=backbone network=10.10.0.0/23
add area=backbone network=10.10.2.0/30
add area=backbone network=10.255.255.2/32

am I going on the correct way to remove bridges and go routed network ? and also do i need add loopback ip to ospf network(area=backbone network=10.255.255.2/32) ?

can i use 10.10.2.0/24 instead of 10.10.2.0/30 at /routing ospf network ? cause i will remove every device from bridge step by step and I would like to use 10.10.2.0/24 range. one some routers there is 3-4 device on their ether interfaces and i connect them to each other with /30 ip addresses. so at the /routing ospf network segment, I enter every interface ip to networks like 10.10.2.5/30 , 10.10.2.1/30 , 10.10.2.20/30 so in here is better to use /24 or better to use /30. ?

Thanks

can i use 10.10.2.0/24 instead of 10.10.2.0/30 at /routing ospf network ? cause i will remove every device from bridge step by step and I would like to use 10.10.2.0/24 range. one some routers there is 3-4 device on their ether interfaces and i connect them to each other with /30 ip addresses. so at the /routing ospf network segment, I enter every interface ip to networks like 10.10.2.5/30 , 10.10.2.1/30 , 10.10.2.20/30 so in here is better to use /24 or better to use /30. ?

You could use network=10.10.2.0/24 and then any /30 interface within that /24 block would become active in OSPF.
The drawback to this method is that it's an all-or-nothing proposition. You couldn't individually disable OSPF on any particular interface within that range if the need were to arise.
IMO, it's better to explicitly define each interface with its own network=x.x.x.x/30 entry to give yourself the 100% granularity that will come in handy later.

In IPv6, you must define each interface explicitly anyway, so you may as well get used to that being a part of the process.

I'd also suggest that you set the default ospf interface to be passive=yes, and then go add each interface manually where you actually want adjacencies to form.
This way, you can activate other interfaces where you do NOT want adjacencies (i.e. the pppoe interfaces) so that you don't need to redistribute connected routes into OSPF.
Just issue a network statement that covers those, and then these interfaces will be properly included as interior OSPF destinations.

The reason you want this is so that as your network grows, if you need to partition it into areas, you can do so and the size of the routing table will be more manageable / LSA flooding won't have to go everywhere in the network as it would with external routes, which go trucking right through area boundaries. The only way to manage the number of E routes is to aggregate them at the ASBR originating them, or to use NSSAs to block them from entering into those areas. Otherwise, they go everywhere.

In general, I'd say that minimizing your external OSPF routes should be a design goal. (i.e. don't redistribute connected - only static)

Thanks for your info,

I have more questions I think it will better to open new topic but Im going to continue from here if no problem.

on the way I understand these topics
1-) I should use /30 ip's on the /routing ospf network
2-) minimize to routing table should the goal, so i should keep away pppoe_clients ip from ospf network to not make big route table.

Okay here is another diagram and another new question as the picture above I remove PPPoE Server-1 Link interface from bridge and i Give them 10.10.2.4/30 ip range(is correct way ?) . but on the pppoe_server there is a sub-network which is 172.17.30.0/24. these are routers, antennas, links etc. (customers connected to these antennas) and Im natting customer pppoe ips from gateway router. if i disable redistribute-connected=as-type-1 at pppoe_server the nat will not work cause gateway router wont see them.

I can do this static on gateway router like up to here there is no problem. it will going minimize te route table. but what will be the assigned public ip's and static local ip's( some times we need it) on the customer. there are more then one pppoe_server on the network. so need to use dynamic route in here. what can we do in here to minimize routing table ?

Hi
Sorry for is it correct topic or not
Router1
/ip address=10.10.2.38/30 interface=ether1 network=10.10.2.36
/ip address=10.255.255.22 interface=loopback network=10.255.255.22
/ip address=10.10.2.41/30 interface=ether5 network=10.10.2.40

/routing ospf interface authentication=MD5 authentication-key=xxxx interface=ether1 network-type=broadcast

/routing ospf network area=backbone network=10.255.255.22/32
/routing ospf network area=backbone network=10.10.2.36/30

Router2
/ip address=10.10.2.42/30 interface=ether1 network=10.10.2.40
No Ospf on Router2

Is it necessary to add 10.10.2.42/30 on router1 ospf network area
because Its work without on router1 ospf network area

Is it necessary to add 10.10.2.42/30 on router1 ospf network area
because Its work without on router1 ospf network area

Add network=10.10.2.40/30 area=backbone to your OSPF on both routers.

up to here there is no problem. it will going minimize te route table. but what will be the assigned public ip's and static local ip's( some times we need it) on the customer. there are more then one pppoe_server on the network. so need to use dynamic route in here. what can we do in here to minimize routing table ?

One way to do this would be to use areas.
In the PPPoE_server, you could define a second area (e.g. area 1 name=pppoe1)
Then make an area range for PPPoE 1 which is 172.17.30.0/24
This way, so long as there is even one IP address in that range which is reachable, the PPPoE server will create an aggregated route into the backbone for 172.17.30.0/24
Of course, everything behind that router would need to use area1 if it's also speaking OSPF.