C613-50631-01 Rev A Command Reference for IE340 Series 2091
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
IPV6 SOFTWARE ACCESS CONTROL LIST (ACL) COMMANDS
IPV
6 ACCESS-LIST EXTENDED PROTO
Mode Global Configuration
Default Any traffic controlled by a software ACL that does not explicitly match a filter is
denied.
Usage notes Use IPv6 extended access-lists to control the transmission of IPv6 packets on an
interface, and restrict the content of routing updates. The switch stops checking
the IPv6 extended access-list when a match is encountered.
The filter entry will match on any IP protocol type packet that has the specified
source and destination IPv6 addresses and the specified IP protocol type. The
parameter any may be specified if an address does not matter.
NOTE: Software ACLs will deny access unless explicitly permitted by an ACL action.
Examples To create the IPv6 access-list named ACL-1 to deny IP protocol 9 packets from
2001:0db8:1::1/128 to 2001:0db8:f::1/128, use the commands:
awplus# configure terminal
awplus(config)# ipv6 access-list extended ACL-1 deny proto 9
2001:0db8:1::1/128 2001:0db8:f::1/128
To remove the IPv6 access-list named ACL-1 to deny IP protocol 9 packets from
2001:0db8:1::1/128 to 2001:0db8:f::1/128, use the commands:
awplus# configure terminal
awplus(config)# no ipv6 access-list extended ACL-1 deny proto
10 2001:0db8:1::1/128 2001:0db8:f::1/128
Related
commands
ipv6 access-list extended (named)
(ipv6 access-list extended IP protocol filter)
show ipv6 access-list (IPv6 Software ACLs)
show running-config
139-252 Unassigned / IANA
253 Use for experimentation and testing / RFC3692
254 Use for experimentation and testing / RFC3692
255 Reserved / IANA
Table 41-2: IP protocol number and description (cont.)
Protocol Number Protocol Description [RFC]