User Manual UMN:CLI
V5808
239
show ipv6 nd access-list
[NAME]
Displays the existing ND access lists.
7.16.13.2 Enabling ND Inspection Filtering
To enable/disable the ND inspection filtering of a certain range of IPv6 addresses from
the ND access list, use the following command.
ipv6 nd inspection filter NAME
vlan VLANS
Enables ND inspection filtering with the configured ND
access list on the VLAN.
NAME: ND access list name
no ipv6 nd inspection filter
NAME vlan VLANS
Disables ND inspection filtering with a configured ND
access list on specified VLAN.
ND inspection actually runs in the system after the configured ND access list applies to
specific VLAN ID using the ip nd inspection filter command.
7.16.13.3 ND Inspection on Trust Port
The ND inspection defines 2 trust states, trusted and untrusted. Incoming packets via
trusted ports bypass the ND inspection process, while those via untrusted ports go
through the ND inspection process. Normally, the ports connected to subscribers are
configured as untrusted, while the ports connected to an upper network are configured as
trusted.
To set a trust state on a port for the ND inspection, use the following command.
ipv6 nd inspection trust port
PORTS
Sets a trust state on a port as trusted
PORTS: port number
no ipv6 nd inspection trust port
PORTS
Sets a trust state on a port as untrusted
PORTS: port number
To display the configured trust port of the ND inspection, use the following command.
show ipv6 nd inspection trust
[port PORTS]
Shows the configured trust port of the ND inspection.
7.16.13.4 ND Inspection Log-buffer
Log-buffer function shows the list of subscribers who have been used invalid fixed IP
addresses. This function saves the information of users who are discarded by ND
inspection and generates periodic syslog messages.
To Next Page
Loading...