STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 1 hour ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Nokia Service Router OS 25.x Router Security Technical Implementation Guide

V-283832

CAT III (Low)

The Nokia Multiprotocol Label Switching (MPLS) router must be configured to use its loopback address as the source address for Label Distribution Protocol (LDP) peering sessions.

Rule ID

SV-283832r1203745_rule

STIG

Nokia Service Router OS 25.x Router Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000366

Discussion

Using a loopback address as the source address offers a multitude of uses for security, access, management, and scalability of backbone routers. It is easier to construct appropriate ingress filters for router management plane traffic destined to the network management subnet since the source addresses will be from the range used for loopback interfaces instead of from a larger range of addresses used for physical interfaces. Log information recorded by authentication and syslog servers will record the router's loopback address instead of the numerous physical interface addresses.

Check Content

Review the router configuration to determine if it uses its loopback address as the source address for LDP peering sessions.

Verify a loopback address has been configured, as shown in the following example:

- show router ldp discovery detail | match "Local Address"
Local Address      : 3.3.3.3:0

If the router is not configured to use its loopback address for LDP peering, this is a finding.

Fix Text

Configure MPLS routers to use their loopback address as the source address for LDP peering sessions.

Note: By default, the Nokia router uses the system/loopback address as the source for LDP peering sessions. Ensure the system address is configured. 

Configure the system address, as shown in the example below: 

- configure router interface system address 3.3.3.3/32