EasyManua.ls Logo

Cisco Catalyst 3560-X

Cisco Catalyst 3560-X
1538 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
1-20
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-25303-03
Chapter 1 Configuring IPv6 Unicast Routing
Configuring IPv6
Configuring an IPv6 Snooping Policy
Action or Command Purpose
Step 1
enable Enables privileged EXEC mode. Enter your password if prompted.
Step 2
configure terminal Enters the global configuration mode.
Step 3
ipv6 snooping policy policy-name Creates a snooping policy in global configuration mode.
Step 4
[data-glean | default | device-role [node
| switch] | limit {address-count value }|
no | protocol [all | dhcp | ndp] |
security-level [glean | guard | inspect]|
tracking [disable | enable]|
trusted-port}
Enables data address gleaning, validates messages against various
criteria, specifies the security level for messages.
(Optional) data-glean—Enables data address gleaning. This option
is disabled by default.
(Optional) default—Sets all default options.
(Optional) device-role [node | switch]—Qualifies the role of the
device attached to the port.
(Optional) limit {address-count value}—Limits the number of
addresses allowed per target.
(Optional) no—Negates a command or set its defaults.
(Optional) protocol [all | dhcp | ndp]—Specifies which protocol
should be redirected to the snooping feature for analysis. The default,
is all. To change the default, use the no protocol command.
(Optional) security-level [glean | guard | inspect]—Specifies the
level of security enforced by the feature.
glean—Gleans addresses from messages and populates the
binding table without any verification.
guard—Gleans addresses and inspects messages. In addition, it
rejects RA and DHCP server messages. This is the default
option.
inspect—Gleans addresses, validates messages for consistency
and conformance, and enforces address ownership.
(Optional) tracking [disable | enable]—Overrides the default
tracking behavior and specifies a tracking option.
(Optional) trusted-port—Sets up a trusted port. It disables the guard
on applicable targets. Bindings learnt through a trusted port have
preference over bindings learnt through any other port. A trusted port
is also given preference in case of a collision while making an entry
in the table.
Step 5
exit Exits the snooping policy configuration mode.
Step 6
show ipv6 snooping policy policy-name Displays the snooping policy configuration.

Table of Contents

Related product manuals