Name: Cisco 500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Security: IPv6 First Hop Security

DHCPv6 Guard

517 Cisco 500 Series Stackable Managed Switch Administration Guide

• Validation of received Neighbor Discovery protocol messages.

• Egress filtering

Message Validation

ND Inspection validates the Neighbor Discovery protocol messages, based on an

ND Inspection policy attached to the interface. This policy can be defined in the

ND Inspection Settings page.

If a message does not pass the verification defined in the policy, it is dropped and

a rate limited SYSLOG message is sent.

Egress Filtering

ND Inspection blocks forwarding of RS and CPS messages on interfaces

configured as host interfaces.

DHCPv6 Guard

DHCPv6 Guard treats the trapped DHCPv6 messages. DHCPv6 Guard supports

the following functions:

• Filtering of received DHCPv6 messages.

DHCP Guard discards DHCPv6 reply messages received on interfaces

whose role is client. The interface role is configured in the DHCP Guard

Settings page.

• Validation of received DHCPv6 messages.

DHCPv6 Guard validates DHCPv6 messages that match the filtering based

on the DHCPv6 Guard policy attached to the interface.

If a message does not pass verification, it is dropped. If the logging packet drop

configuration on the FHS common component is enabled, a rate limited SYSLOG

message is sent.

Other manuals for Cisco 500 Series

Questions and Answers:

Need help?

Do you have a question about the Cisco 500 Series and is the answer not in the manual?

General