EasyManua.ls Logo

Cisco Nexus 7000 Series - Page 486

Cisco Nexus 7000 Series
1018 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Layer 3 Ethernet interfaces and subinterfaces
Layer 3 Ethernet port-channel interfaces and subinterfaces
Tunnels
Management interfaces
However, an ACL applied to a Layer 3 interface with the ipv6 port traffic-filter command is inactive unless
the port mode changes to access or trunk (Layer 2) mode. To apply an IPv6 ACL as a router ACL, use the
ipv6 traffic-filter command.
You can also apply an IPv6 ACL as a VLAN ACL. For more information, see the match (VLAN access-map)
command.
The device applies port ACLs to inbound traffic only. The device checks inbound packets against the rules
in the ACL. If the first matching rule permits the packet, the device continues to process the packet. If the
first matching rule denies the packet, the device drops the packet and returns an ICMP host-unreachable
message.
If you delete the specified ACL from the device without removing the ACL from an interface, the deleted
ACL does not affect traffic on the interface.
If MAC packet classification is enabled on a Layer 2 interface, you cannot use the ipv6 port traffic-filter
command on the interface.
This command does not require a license.
Examples
This example shows how to apply an IPv6 ACL named ipv6-acl-L2 to Ethernet interface 1/3:
switch# configure terminal
switch(config)# interface ethernet 1/3
switch(config-if)# ipv6 port traffic-filter ipv6-acl-L2 in
This example shows how to remove an IPv6 ACL named ipv6-acl-L2 from Ethernet interface 1/3:
switch# configure terminal
switch(config)# interface ethernet 1/3
switch(config-if)# no
ipv6 port traffic-filter ipv6-acl-L2 in
switch(config)# show running-config interface ethernet 2/3
!Command: show running-config interface Ethernet2/3
!Time: Wed Jun 24 13:13:48 2009
version 4.2(1)
interface Ethernet2/3
ip access-group ipacl in
mac port access-group macacl
switchport
mac packet-classify
switch(config)# interface ethernet 2/3
switch(config-if)# ipv6 port traffic-filter v6acl in
ERROR: The given policy cannot be applied as mac packet classification is enable
d on this port
switch(config-if)#
Related Commands
DescriptionCommand
Configures an IPv6 ACL.ipv6 access-list
Cisco Nexus 7000 Series Security Command Reference
460
I Commands
ipv6 port traffic-filter

Table of Contents

Other manuals for Cisco Nexus 7000 Series

Preview: Quick Start Guide
Quick Start Guide10 pages
Preview: Reference Guide
Reference Guide746 pages
Preview: Configuration Guide
Configuration Guide536 pages
Preview: Hardware Installation And Reference Guide
Hardware Installation And Reference Guide402 pages
Preview: Troubleshooting
Troubleshooting10 pages
Preview: Configuring
Configuring8 pages

Related product manuals