AMLS-L3-000290 - Arista MLS must configure the maximum hop limit value to at least 32.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

Information

The Neighbor Discovery protocol allows routers to advertise a hop limit value in Router Advertisement messages, which hosts then use instead of the standardized default value. If a very small value were configured and advertised to hosts on the LAN segment, communications would fail because the hop limit would reach zero before the packets sent by a host reached their destination.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Configure the router maximum hop limit value to at least 32.

From the interface configuration mode, enter:

ipv6 nd ra hop-limit 32
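
The following is an added example, not part of the audit or the STIG: an offline check that parses a saved running-config and flags interfaces whose advertised hop limit is below 32. The sample config, interface names, and the choice to report IPv6 interfaces with no explicit hop-limit line as "unset" for manual review are assumptions.

```python
import re

MIN_HOP_LIMIT = 32  # threshold stated in the audit

# Constructed sample config; interface names and addresses are illustrative.
SAMPLE_CONFIG = """\
interface Vlan10
   ipv6 address 2001:db8:1::1/64
   ipv6 nd ra hop-limit 64
!
interface Vlan20
   ipv6 address 2001:db8:2::1/64
   ipv6 nd ra hop-limit 8
!
interface Vlan30
   ipv6 enable
!
interface Ethernet4
   switchport mode access
!
"""

HOP_RE = re.compile(r"ipv6 nd ra hop-limit (\d+)$")


def interface_blocks(config_text):
    """Map each interface name to its indented sub-commands."""
    blocks, current = {}, None
    for raw in config_text.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            blocks[current] = []
        elif raw[:1].isspace() and current is not None:
            blocks[current].append(raw.strip())
        elif raw.strip():
            current = None  # "!" or another top-level command ends the block
    return blocks


def check_hop_limits(config_text, minimum=MIN_HOP_LIMIT):
    """Return {interface: 'pass'|'fail'|'unset'} for interfaces with IPv6 config."""
    results = {}
    for name, cmds in interface_blocks(config_text).items():
        hops = [int(m.group(1)) for c in cmds if (m := HOP_RE.match(c))]
        if hops:
            results[name] = "pass" if hops[-1] >= minimum else "fail"
        elif any(c.startswith(("ipv6 address ", "ipv6 enable")) for c in cmds):
            results[name] = "unset"  # assumption: no explicit value means manual review
    return results
```

Run against the constructed sample, Vlan10 passes, Vlan20 fails, Vlan30 is reported as unset, and Ethernet4 is skipped because it carries no IPv6 configuration.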

See Also

http://iasecontent.disa.mil/stigs/zip/Apr2016/U_Arista_MLS_DCS-7000_Series_RTR_V1R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-001097, Group-ID|V-60927, Rule-ID|SV-75385r1_rule, STIG-ID|AMLS-L3-000290

Plugin: Arista

Control ID: d886128a88829ad6ed277349ee52d5d6c2033c581cbbd1c35aa990d6ab2c1a9f