User Manual UMN:CLI
V5808
237
After opening ND Access List Configuration mode, the prompt changes from
SWITCH(config)# to SWITCH(config-nd-acl[NAME])#. After opening ND ACL
Configuration mode, a range of IPv6 addresses can be configured to apply ND inspection.
By default, ND Access List discards the Neighbor Discovery protocol packets, of all IPv6
addresses and MAC addresses.
To specify the IPv6 address and MAC address to forward the ND messages, use the
following command.
permit ipv6 {host X:X::X:X |
X:X::X:X/M | any} mac {any | host
MACADDR}
Permits ND packets based on their IPv6 address and
MAC address, which have not learned before on ND
inspection table.
mac any: ignores sender MAC address
ipv6 any: ignores sender IPv6 address
host: sender host
X:X::X:X: sender IPv6 address
X:X::X:X/M: sender IPv6 network address
MACADDR: sender MAC address
permit ipv6 range X:X::X:X
X:X::X:X mac any
Permits ND packets of a given range of IPv6
addresses.
X:X::X:X: start/end IPv6 address of sender
To delete the configured range of IPv6 address or MAC address to permit ND packets,
use the following command.
no permit ipv6 {host X:X::X:X |
X:X::X:X/M | any} mac {any | host
MACADDR}
Deletes the configured range of IPv6 address to permit
ND packets.
any: ignores sender MAC address
host: sender host
MACADDR: sender MAC address
X:X::X:X: start/end IPv6 address of sender
X:X::X:X/M: sender IPv6 network address
no permit ipv6 range X:X::X:X
X:X::X:X mac any
To specify the IPv6 address and MAC address to deny ND packets, use the following
command.
deny ipv6 {host X:X::X:X |
X:X::X:X/M | any} mac {any |
host MACADDR}
Discards ND packets based on their IPv6 address and
MAC address, which have not learned before on ND
inspection table.
mac any: ignores sender MAC address
ipv6 any: ignores sender IPv6 address
host: sender host
To Next Page
Loading...