Cisco Catalyst 2960 Series

To Next Page

To Previous Page

Related Topics

Information about First Hop Security in IPv6, on page 678

How to Configure IPv6 Source Guard

SUMMARY STEPS

enable

configure terminal

[no] ipv6 source-guard policy policy_name

[deny global-autoconf] [permit link-local] [default{. . . }] [exit] [no{. . . }]

end

show ipv6 source-guard policy policy_name

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if prompted.enable

Step 1

Example:

Switch> enable

Enters the global configuration mode.configure terminal

Example:

Switch# configure terminal

Step 2

Specifies the IPv6 Source Guard policy name and enters IPv6

Source Guard policy configuration mode.

[no] ipv6 source-guard policy policy_name

Example:

Switch(config)# ipv6 source-guard policy

example_policy

Step 3

(Optional) Defines the IPv6 Source Guard policy.[deny global-autoconf] [permit link-local]

[default{. . . }] [exit] [no{. . . }]

Step 4

• deny global-autoconf—Denies data traffic from

auto-configured global addresses. This is useful when all

Example:

Switch(config-sisf-sourceguard)# deny

global-autoconf

global addresses on a link are DHCP-assigned and the

administrator wants to block hosts with self-configured

addresses to send traffic.

• permit link-local—Allows all data traffic that is sourced by

a link-local address.

Trusted option under source guard policy is not

supported.

Note

Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)

705

How to Configure IPv6 Source Guard

Main Page

Table of Contents

Other manuals for Cisco Catalyst 2960 Series

Related product manuals