Hi, On Sun, Sep 10, 2017 at 10:47:05AM +0100, Nick Hilliard wrote: > Baldur Norddahl wrote: > > Loopback interfaces should be configured as /128. How you allocate these do > > not matter. > > ..so long as there are interface ACLs on your network edge which block > direct IP access to these IP addresses.
or, maybe even more efficient, assign all loopbacks from a dedicated netblock which you null-route on the edge/your border devices. best Enno -- Enno Rey ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 Handelsregister Mannheim: HRB 337135 Geschaeftsfuehrer: Matthias Luft, Enno Rey ======================================================= Blog: www.insinuator.net || Conference: www.troopers.de Twitter: @Enno_Insinuator =======================================================
