482
ipv6-acl-name
}
4.
criterion.
if-match prefix acl
{ ipv6-acl-number |
name
ipv6-acl-name }
By default, no prefix
exists.
5. Specify a router preference
match criterion.
if-match router-preference
maximum
{
high
|
low
|
}
By default, no router preference match
criterion exists.
6. Specify an M flag match
criterion.
if-match autoconfig
managed-address-flag
{
off
|
on
}
By default, no M flag match criterion
exists.
7. Specify an O flag match
criterion.
if-match autoconfig
other-flag
{
off
|
on
}
By default, no O flag match criterion
exists.
8.
minimum hop limit match
criterion.
if-match hop-limit
{
maximum
|
minimum
} limit
By default, no hop limit match criterion
exists.
9. Quit RA guard policy view.
quit
N/A
10. Enter VLAN view.
vlan-number
N/A
11. Apply an RA guard policy to
the VLAN.
ipv6
policy
[ policy-name ]
By default, no RA guard policy is
applied to the VLAN.
Enabling the RA guard logging feature
This feature allows a device to generate logs when it detects forged RA messages. Each log records
the following information:
• Name of the interface that received the forged RA message.
• Source IP address of the forged RA message.
• Number of RA messages dropped on the interface.
The RA guard logging feature sends the log messages to the information center. The information
center can then output log messages from different source modules to different destinations. For
more information about the information center, see Network Management and Monitoring
Configuration Guide.
To enable the RA guard logging feature:
1. Enter system view.
system-view
N/A
2. Enable the RA guard logging
feature.
ipv6 nd raguard log enable
By default, the RA guard logging
feature is disabled.
Displaying and maintaining RA guard
Execute display commands in any view.
Display the RA guard policy configuration.
display ipv6 nd raguard policy
[ policy-name ]
Display RA guard statistics.
display ipv6 nd raguard statistics
[
interface
interface-type
To Next Page
Loading...
Need help?
General