SV-216680r531086_rule
V-216680
SRG-NET-000019-RTR-000011
CISC-RT-000420
CAT II
10
This requirement is not applicable for the DODIN Backbone.
Configure the router to have a separate IGP instance for the management network as shown in the example below:
R3(config)#router ospf 1 vrf MGMT
R3(config-router)#network 0.0.0.0 0.0.0.0 area 0
R3(config-router)#exit
R3(config)#router ospf 2 vrf PROD
R3(config-router)#network 0.0.0.0 0.0.0.0 area 0
R3(config-router)#end
This requirement is not applicable for the DODIN Backbone.
Verify that the OOBM interface is an adjacency in the IGP domain for the management network via separate VRF as shown in the example below:
router ospf 1 vrf MGMT
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
router ospf 2 vrf PROD
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
If the router is not configured to have separate IGP instances for the managed network and management network, this is a finding.
V-216680
False
CISC-RT-000420
This requirement is not applicable for the DODIN Backbone.
Verify that the OOBM interface is an adjacency in the IGP domain for the management network via separate VRF as shown in the example below:
router ospf 1 vrf MGMT
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
router ospf 2 vrf PROD
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
If the router is not configured to have separate IGP instances for the managed network and management network, this is a finding.
M
4028