This hands-on example discusses why and how to use a loopback interface as a local tunnel endpoint (TLOC). There are many scenarios where this design option comes in handy.
Why do we need Loopback TLOCs?
Every TLOC interface has a property that often goes unmentioned: it also acts as a boundary. It only accepts IPsec traffic that is addressed to itself and comes from known peers (other remote TLOCs). In other words, an interface that is configured as a local TLOC does not behave like a normal layer 3 interface. It does not allow passthrough traffic, as shown in the diagram below. It acts as a boundary between the underlay and the overlay.