PurposeCommand or Action
Specifies the role of the device attached to the port.
The default is host.
device-role {host | monitor | router | switch}
Example:
Switch(config-nd-raguard)# device-role switch
Step 3
Enables verification of the advertised Hop count limit.
(1–255) Maximum hop count value allowed. (1–255)
Minimum hop count value allowed.
hop-limit {maximum | minimum} value
Example:
Switch(config-nd-raguard)# hop-limit maximum 33
Step 4
Enables verification of the advertised M flagmanaged-config-flag {off | on}
Example:
Switch(config-nd-raguard)# managed-config-flag on
Step 5
Matches a specified prefix list or access list.
match {ipv6 access-list list | ra prefix-list list}
Example:
Switch(config-nd-raguard)# match ipv6 access-list
example_list
Step 6
Enables verification of the advertised O flag.other-config-flag {on | off}
Example:
Switch(config-nd-raguard)# other-config-flag on
Step 7
Enables verification of the advertised Router
Preference flag.
router-preference maximum {high | medium | low}
Example:
Switch(config-nd-raguard)# router-preference maximum
high
Step 8
• high—Discards RAs with router preference
greater than high.
• low—Discards RAs with router preference
greater than low.
• medium—Discards RAs with router preference
greater than medium.
Configures a port to become a trusted port.trusted-port
Example:
Switch(config-nd-raguard)# trusted-port
Step 9
Restores a command to its default value.default {device-role | hop-limit {maximum | minimum} |
managed-config-flag | match {ipv6 access-list | ra prefix-list
Step 10
} | other-config-flag | router-preference maximum|
trusted-port}
Example:
Switch(config-nd-raguard)# default hop-limit
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
OL-29434-01 363
Configuring IPv6 First Hop Security
How to Configure an IPv6 Router Advertisement Guard Policy
To Next Page
Loading...
