IPv6 First Hop Security
OL-32830-01 Command Line Interface Reference Guide 494
25
no device-role
Parameters
• host—Sets the role of the device to host.
• router—Sets the role of the device to router.
Default Configuration
Policy attached to port or port channel: the value configured in the policy attached
to the VLAN.
Policy attached to VLAN: host.
Command Mode
ND inspection Policy Configuration mode
User Guidelines
If this command is part of a policy attached to a VLAN, it is applied to all the ports
in the VLAN. If it is defined in a policy attached to a port in the VLAN, this value
overrides the value in the policy attached to the VLAN.
ND Inspection performs egress filtering of NDP messages depending on a port
role.The following table specifies the filtering rules.
Example
The following example defines an ND Inspection policy named policy 1 and
configures the port role as router:
switchxxxxxx(config)#
ipv6 nd inspection policy
policy1
switchxxxxxx(config-nd-inspection)#
device-role router
switchxxxxxx(config-nd-inspection)#
exit
Message Host Router
RA Permit Permit
RS Deny Permit
CPA Permit Permit
CPS Deny Permit
ICMP Redirect Permit Permit
To Next Page
Loading...
Need help?
General
