Gigabit Ethernet Ipv6-Acl Guidelines - Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual
Cisco mds 9000 family cli configuration guide - release 4.x (ol-18084-01, february 2009)
Hide thumbs
Also See for AP776A - Nexus Converged Network Switch 5020:
- Command reference manual (1640 pages) ,
- Configuration manual (1486 pages) ,
- Reference (886 pages)
Table of Contents
Advertisement
Gigabit Ethernet IPv6-ACL Guidelines
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
C
C
C
C
C
C
C
C
C
L
L
Gigabit Ethernet IPv6-ACL Guidelines
If IPv6-ACLs are already configured in a Gigabit Ethernet interface, you cannot add this interface to a
Tip
Ethernet PortChannel group. See
information on configuring IPv6-ACLs.
Follow these guidelines when configuring IPv6-ACLs for Gigabit Ethernet interfaces:
•
•
•
See
IPv6-ACLs to an interface.
Cisco MDS 9000 Family CLI Configuration Guide
47-18
3000:8::/64
via fe80::205:30ff:fe01:7ed7, GigabitEthernet4/2.250
3000:9::/64
via fe80::213:1aff:fee5:e69e, port-channel 3
3000:10::/64
via fe80::213:1aff:fee5:e69e, port-channel 3.250
5000:1::/64
via fe80::205:30ff:fe01:3917, GigabitEthernet6/2
5000:1::/64
via fe80::205:30ff:fe01:3918, port-channel 4
6000:1:1:1::/64
via fe80::205:30ff:fe01:3916, GigabitEthernet6/1
7000:1::/64
via fe80::205:30ff:fe01:3917, GigabitEthernet6/2.250
7000:1::/64
via fe80::205:30ff:fe01:3918, port-channel 4.250
7000:1:1:1::/64
via fe80::205:30ff:fe01:3917, GigabitEthernet6/2, distance 2
fe80::/10
via ::
ff00::/8
via ::
Only use Transmission Control Protocol (TCP) or Internet Control Message Protocol (ICMP).
Note
Other protocols such as User Datagram Protocol (UDP) and HTTP are not supported in
Gigabit Ethernet interfaces. Applying an ACL that contains rules for these protocols to a
Gigabit Ethernet interface is allowed but those rules have no effect.
Apply IPv6-ACLs to the interface before you enable an interface. This ensures that the filters are in
place before traffic starts flowing.
Be aware of the following conditions:
If you use the log-deny option, a maximum of 50 messages are logged per second.
–
–
The established option is ignored when you apply IPv6-ACLs containing this option to Gigabit
Ethernet interfaces.
If an IPv6-ACL rule applies to a preexisting TCP connection, that rule is ignored. For example,
–
if there is an existing TCP connection between A and B and an IPv6-ACL that specifies
dropping all packets whose source is A and destination is B is subsequently applied, it will have
no effect.
Chapter 35, "Configuring IPv4 and IPv6 Access Control Lists"
Chapter 47
Chapter 35, "Configuring IPv4 and IPv6 Access Control Lists"
Configuring IPv6 for Gigabit Ethernet Interfaces
for information on applying
OL-18084-01, Cisco MDS NX-OS Release 4.x
for
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
