Cisco Nexus 5500 Series - Any Address-You Can Use the any Keyword to Specify that a Source or Destination Is any Ipv4

Cisco Nexus 5500 Series

378 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

72

Cisco Nexus 5500 Series NX-OS Security Command Reference

OL-27883-02

Chapter D Commands

deny ipv6 (IPv6)

Command History

Usage Guidelines A newly created IPv6 ACL contains no rules.

When the device applies an IPv6 ACL to a packet, it evaluates the packet with every rule in the ACL.

The device enforces the first rule whose conditions are satisfied by the packet. When the conditions of

more than one rule are satisfied, the device enforces the rule with the lowest sequence number.

Source and Destination

You can specify the source and destination arguments in one of several ways. In each rule, the method

you use to specify one of these arguments does not affect how you specify the other. When you configure

a rule, use the following methods to specify the source and destination arguments:

• Address and variable-length subnet mask—You can use an IPv6 address followed by a

variable-length subnet mask (VLSM) to specify a host or a network as a source or destination. The

syntax is as follows:

IPv6-address/prefix-len

This example shows how to specify the source argument with the IPv6 address and VLSM for the

2001:0db8:85a3:: network:

switch(config-acl)# deny ipv6 2001:0db8:85a3::/48 any

• Host address—You can use the host keyword and an IPv6 address to specify a host as a source or

destination. The syntax is as follows:

host IPv6-address

This syntax is equivalent to IPv6-address/128.

This example shows how to specify the source argument with the host keyword and the

2001:0db8:85a3:08d3:1319:8a2e:0370:7344 IPv6 address:

switch(config-acl)# deny ipv6 host 2001:0db8:85a3:08d3:1319:8a2e:0370:7344 any

• Any address—You can use the any keyword to specify that a source or destination is any IPv6

address. For examples of the use of the any keyword, see the examples in this section. Each example

shows how to specify a source or destination by using the any keyword.

Examples This example shows how to configure an IPv6 ACL named acl-lab13-ipv6 with rules denying all IPv6

traffic from the 2001:0db8:85a3:: and 2001:0db8:69f2:: networks to the 2001:0db8:be03:2112::

network:

switch# configure terminal

switch(config)# ipv6 access-list acl-lab13-ipv6

switch(config-ipv6-acl)# deny ipv6 2001:0db8:85a3::/48 2001:0db8:be03:2112::/64

switch(config-ipv6-acl)# deny ipv6 2001:0db8:69f2::/48 2001:0db8:be03:2112::/64

Release Modification

5.2(1)N1(1) This command was introduced.

Table of Contents

Other manuals for Cisco Nexus 5500 Series

Command Reference Guide460 pages

Configuration Guide160 pages

Related product manuals

Cisco Nexus 5596

Preview: Cisco Nexus 5548P

Cisco Nexus 5548P

Preview: Cisco Nexus 5548UP

Cisco Nexus 5548UP

Preview: Cisco Nexus 5596UP

Cisco Nexus 5596UP

Preview: Cisco Nexus 5010

Cisco Nexus 5010

Preview: Cisco Nexus 5000 Series

Cisco Nexus 5000 Series

Preview: Cisco Nexus 5600 Series

Cisco Nexus 5600 Series

AP775A - Nexus Converged Network Switch 5010

Preview: Cisco Nexus 9504

Cisco Nexus 9504

Preview: Cisco Nexus 7000

Cisco Nexus 7000

Cisco Nexus 3064

Preview: Cisco Nexus 9508

Cisco Nexus 9508