EasyManua.ls Logo

Cisco 500 Series - Dhcpv6 Guard

Cisco 500 Series
653 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Security: IPv6 First Hop Security
DHCPv6 Guard
517 Cisco 500 Series Stackable Managed Switch Administration Guide
23
Validation of received Neighbor Discovery protocol messages.
Egress filtering
Message Validation
ND Inspection validates the Neighbor Discovery protocol messages, based on an
ND Inspection policy attached to the interface. This policy can be defined in the
ND Inspection Settings page.
If a message does not pass the verification defined in the policy, it is dropped and
a rate limited SYSLOG message is sent.
Egress Filtering
ND Inspection blocks forwarding of RS and CPS messages on interfaces
configured as host interfaces.
DHCPv6 Guard
DHCPv6 Guard treats the trapped DHCPv6 messages. DHCPv6 Guard supports
the following functions:
Filtering of received DHCPv6 messages.
DHCP Guard discards DHCPv6 reply messages received on interfaces
whose role is client. The interface role is configured in the DHCP Guard
Settings page.
Validation of received DHCPv6 messages.
DHCPv6 Guard validates DHCPv6 messages that match the filtering based
on the DHCPv6 Guard policy attached to the interface.
If a message does not pass verification, it is dropped. If the logging packet drop
configuration on the FHS common component is enabled, a rate limited SYSLOG
message is sent.

Table of Contents

Other manuals for Cisco 500 Series

Preview: Quick Start Guide
Quick Start Guide72 pages
Preview: User Guide
User Guide6 pages
Preview: Troubleshooting And Maintenance
Troubleshooting And Maintenance14 pages
Preview: Safety Information
Safety Information42 pages
Preview: Datasheet
Datasheet5 pages
Preview: Quick Reference Guide
Quick Reference Guide7 pages
Preview: Quick Start Quide
Quick Start Quide12 pages

Related product manuals