Details
Configure only one Loopback address per Routing Instance
Rationale:
Multiple Loopback addresses create potential for abuse, mis-configuration and confusion. A maximum of one address per address family should be set on the system’s loopback address in each Routing Instance.
Alternative Loopback addresses should be configured with caution and, where they must be used, should be clearly documented.
Solution
To remove an additional loopback addresses enter the following command from the [edit interfaces] hierarchy for each address to be removed:
[edit interfaces]
[email protected]#delete lo0 unit
Default Value:
No Loopback Address is configured by default.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Juniper.