Using RFC1918 on Global table as Loopbacks

William Herrin bill at herrin.us
Thu Oct 5 22:20:51 UTC 2023


On Thu, Oct 5, 2023 at 9:42 AM Javier Gutierrez
<GutierrezJ at westmancom.com> wrote:
> the loopback of the core network devices is being set from RFC1918
> while on the global routing table. I'm sure this is not a major issue but
> I have mostly seen that ISPs use global IPs for loopbacks on devices
> that would and hold global routing.

Hi Javier,

It depends.

If the loopback is used as the address source for unnumbered
interfaces and any of the router's interfaces have differing MTUs then
you have a red-alarm fire: you've broken path MTU discovery which
breaks TCP. The problem is that the router will originate ICMP
destination unreachable, fragmentation needed messages from that
address. Those packets will then be filtered entering other networks.
Without those messages, the client TCP stack doesn't know to reduce
its packet size. It fails with the symptom that the initial connection
succeeds but then the first large data stream immediately times out
and the connection aborts after a couple minutes.

Even if you have the same MTU on all interfaces, you've still broken
traceroute since the TTL exceeded messages don't get through.

On the other hand, if the loopback is only used to anchor BGP, you
select the BGP router ID from a different address and all your
network-facing interfaces have global IP addresses then everything
should work fine. As you change the configuration over time you'll
have to be mindful that you're riding a knife edge, but nothing will
actually break.

Regards,
Bill Herrin



-- 
William Herrin
bill at herrin.us
https://bill.herrin.us/
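
The three cases in the reply above, written as an audit over a router inventory. This is an added example, not code from the message or its author. The inventory format, router and interface names, and addresses are constructed, and the model of which address an ICMP error is sourced from is a simplifying assumption; it also covers interfaces numbered directly from RFC1918 space, which fail the message's "global IP addresses" condition in the same way.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def icmp_source(iface, loopback):
    # Assumption: ICMP errors leave with the interface's own address,
    # or with the loopback address when the interface is unnumbered (None).
    return iface["address"] or loopback

def audit(router):
    """Return (severity, message) findings for one router record."""
    ifaces = router["interfaces"]
    hidden = [i["name"] for i in ifaces
              if is_rfc1918(icmp_source(i, router["loopback"]))]
    where = ", ".join(hidden)
    findings = []
    # Differing MTUs mean the router must send frag-needed; from an RFC1918
    # source those are filtered by other networks and PMTUD fails.
    if hidden and len({i["mtu"] for i in ifaces}) > 1:
        findings.append(("critical", "PMTUD: frag-needed sourced from RFC1918 on " + where))
    # Same MTU everywhere still loses TTL-exceeded, so traceroute shows gaps.
    if hidden:
        findings.append(("warning", "traceroute: TTL-exceeded sourced from RFC1918 on " + where))
    # The message's working case selects the router ID from a different address.
    if is_rfc1918(router["bgp_router_id"]):
        findings.append(("warning", "BGP router ID is an RFC1918 address"))
    return findings

# Constructed inventory; global addresses come from documentation ranges.
ROUTERS = [
    {"name": "core1", "loopback": "10.255.0.1", "bgp_router_id": "10.255.0.1",
     "interfaces": [{"name": "et-0/0/0", "address": None, "mtu": 9000},
                    {"name": "et-0/0/1", "address": "192.0.2.1", "mtu": 1500}]},
    {"name": "core2", "loopback": "10.255.0.2", "bgp_router_id": "198.51.100.2",
     "interfaces": [{"name": "et-0/0/0", "address": None, "mtu": 1500},
                    {"name": "et-0/0/1", "address": "192.0.2.5", "mtu": 1500}]},
    {"name": "core3", "loopback": "10.255.0.3", "bgp_router_id": "203.0.113.3",
     "interfaces": [{"name": "et-0/0/0", "address": "203.0.113.3", "mtu": 9000},
                    {"name": "et-0/0/1", "address": "192.0.2.9", "mtu": 1500}]},
]

if __name__ == "__main__":
    for r in ROUTERS:
        for sev, msg in audit(r) or [("ok", "no RFC1918-sourced ICMP")]:
            print(f'{r["name"]}: {sev}: {msg}')
```

An empty result for a router means the loopback is only an internal anchor there; rerun the audit whenever interfaces are renumbered or MTUs change, since either can move a router into the failing cases.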


More information about the NANOG mailing list