
Create a single ‘interface loopback’ – ‘Only one loopback interface IP Address is defined’

Details

Configure a single loopback interface.

Rationale:

A loopback interface is a software-only interface that emulates an interface that is always up. It is a virtual interface supported on all platforms.

Alternate loopback addresses create a potential for abuse, mis-configuration, and inconsistencies. Additional loopback interfaces must be documented and approved prior to use by local security personnel.

Impact:

Organizations should plan and establish ‘loopback interfaces’ for the enterprise network. Loopback interfaces supply critical network information such as OSPF Router IDs and provide termination points for routing protocol sessions.

Solution

Define and configure one loopback interface.

hostname(config)#interface loopback <number>
hostname(config-if)#ip address <loopback_ip_address> <loopback_subnet_mask>

Default Value:

There are no loopback interfaces defined by default.
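An offline check for this control, as an added example (not part of the benchmark text or this page's source): it parses a saved running-config and reports which loopback interfaces carry an IP address. The function names and the sample configuration are constructed for illustration, and treating zero addressed loopbacks as a failure is this example's reading of "configure a single loopback interface".

```python
import re

# Constructed sample running-config excerpt (documentation address ranges).
SAMPLE_CONFIG = """\
hostname R1
!
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
!
interface Loopback10
 ip address 192.0.2.10 255.255.255.255
!
interface Loopback20
 no ip address
!
interface GigabitEthernet0/0/0
 ip address 198.51.100.1 255.255.255.0
!
end
"""

IFACE_RE = re.compile(r"^interface\s+(Loopback\s*\d+)\s*$", re.IGNORECASE)
ADDR_RE = re.compile(r"^\s+ip address\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)(\s+secondary)?\s*$")


def loopback_addresses(config_text):
    """Return {loopback name: [(ip, mask), ...]} for loopbacks with an IPv4 address."""
    found, current = {}, None
    for line in config_text.splitlines():
        if not line.startswith(" "):          # unindented line starts a new section
            m = IFACE_RE.match(line)
            current = m.group(1).replace(" ", "") if m else None
            continue
        m = ADDR_RE.match(line)               # "no ip address" does not match
        if current and m:
            found.setdefault(current, []).append((m.group(1), m.group(2)))
    return found


def audit_single_loopback(config_text):
    """Pass only when exactly one loopback interface has an IP address defined."""
    addrs = loopback_addresses(config_text)
    if len(addrs) == 1:
        return True, "PASS: only %s has an IP address" % next(iter(addrs))
    if not addrs:
        return False, "FAIL: no loopback interface has an IP address"
    return False, "FAIL: multiple addressed loopbacks: " + ", ".join(sorted(addrs))
```

Any additional loopback the check reports should be matched against the documented and approved exceptions before it is treated as a finding.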

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity. This control applies to the following type of system: Cisco.

References

Source

Updated on July 16, 2022