EasyManuals Logo

Cisco Catalyst 4500 Series Software Configuration Guide

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1677 background imageLoading...
Page #1677 background image
62-53
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 62 Configuring Network Security with ACLs
Configuring RA Guard
• It is an ingress feature; only IPv6 Router-Advertisement and Router-Redirect packets entering
through the port are filtered.
• RA Guard does not offer protection in environments where IPv6 traffic is tunneled.
• Starting with IOS XE 3.4.0SG/15.1(2)SG, RA Guard is supported in software. In prior releases, this
Feature is supported only in hardware; packets are not punted to software except under resource
exhaustion (for example, TCAM memory exhaustion).
• RA Guard is purely an Layer 2 port based feature and can be configured only on switchports. It
works irrespective of whether IPv6 routing is enabled. It is supported on switchports and VLANs.
• RA Guard is supported on trunk ports and VLANs; filtering is performed on packets arriving from
all the allowed VLANs.
• Starting with IOS XE 3.4.0SG/15.1(2)SG, RA Guard is not supported on EtherChannel. In prior
releases, RA Guard is supported on EtherChannel; the RA Guard configuration (whether present or
not) on the EtherChannel overrides the RA Guard configuration on the member ports.
• RA Guard is supported on ports that belong to PVLANs (for example, isolated secondary host ports,
community secondary host ports, promiscuous primary host ports, (primary/secondary) trunk ports.
Primary VLAN features are inherited and merged with port features.
• Starting with IOS XE 3.4.0SG/15.1(2)SG, RA Guard is supported on SUP-6, SUP6L-E, 4948E,
SUP-7E, SUP7L-E, SUP8-E, 4500X-32, and 4500X-16 platforms. In prior releases, because of
hardware limitations, it may not be possible for Catalyst 4900M, Catalyst 4948E, Catalyst 4948L-E,
Supervisor Engine 6-E, Supervisor Engine 6L-E, Supervisor Engine 7-E and Supervisor Engine
7L-E to collect statistics for RA Guard in hardware. If so, an error message is displayed.
The show ipv6 snooping counter interface command displays the estimated counters
.
Note Beginning with Cisco IOS Release 15.0(2)SG, per port RA Guard ACL statistics are supported
and displayed when you enter a show ipv6 snooping counters interface command. (Previous to
this release, you enter the show ipv6 first-hop counters interface command.)

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Message Guide
Message Guide146 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Datasheet
Datasheet11 pages
Preview: Overview
Overview46 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals