51-37
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 51 Configuring Network Security with ACLs
Configuring RA Guard
Examples
This examples shows how to enable RA Guard on the switch:
Switch(config)# int gi1/1
Switch(config-if)# ipv6 nd raguard
Switch(config-if)# end
Switch# show running-configuration interface gi1/1
Building configuration...
Current configuration : 53 bytes
!
interface GigabitEthernet1/1
ipv6 nd raguard
end
The following example shows a sample output of the show ipv6 commands:
Switch# show ipv6 snooping counters int gi 2/48
Received messages on Gi2/48:
Protocol Protocol message
ICMPv6 RS RA NS NA REDIR CPS CPA
0 0 0 0 0 0 0
Bridged messages from Gi2/48:
Protocol Protocol message
ICMPv6 RS RA NS NA REDIR CPS CPA
0 0 0 0 0 0 0
Dropped messages on Gi2/48:
Feature/Message RS RA NS NA REDIR CPS CPA
Dropped reasons on Gi2/48:
Switch#
Note Beginning with Cisco IOS Release 15.0(2)SG, per port RA Guard ACL statistics are supported and
displayed when you enter a show ipv6 snooping counters interface command. (Previous to this release,
you enter the show ipv6 first-hop counters interface command.)
Note Be aware that only RA (Router Advertisement) and REDIR (Router Redirected packets) counters are
supported in 12.2(54)SG.
Switch# show ipv6 first-hop policies
RA guard policies configured:
Policy Interface Vlan
------ --------- ----
default Gi2/48 all
Switch#
To Next Page
Loading...
