Detections
Analytics
NET-IPV6-059 - The administrator must ensure that the maximum hop limit is at least 32.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
The Neighbor Discovery protocol allows a hop limit value to be advertised by routers in a Router Advertisement message to be used by hosts instead of the standardized default value. If a very small value was configured and advertised to hosts on the LAN segment, communications would fail due to hop limit reaching zero before the packets sent by a host reached its destination.Solution
Configure maximum hop limit to at least 32.See Also
https://iasecontent.disa.mil/stigs/zip/U_Network_Infrastructure_Router_L3_Switch_V8R29_STIG.zip
Item Details
Audit Name: DISA STIG Juniper Infrastructure Router V8R29
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6, CAT|III, Rule-ID|SV-40390r1_rule, STIG-ID|NET-IPV6-059, Vuln-ID|V-30617
Plugin: Juniper
Control ID: 73f4ad1b92d0121b52930167dc24c140f95a6e4f65761b32801a6ab0adbdb83d