Ipv6 receive acl: additional configuration, Deactivating the ipv6 racl configuration, Deleting the ipv6 racl configuration – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Multi-Service IronWare Security Configuration Guide

223

53-1003035-02

IPv6 receive ACLs

4

Brocade(config)# show ipv6 access-list bindings

!

ipv6 receive access-list b1 sequence 11

ipv6 receive access-list b2 sequence 12

!

Syntax:show ipv6 access-list bindings

Deactivating the IPv6 rACL configuration

To deactivate the IPv6 rACL configuration and remove all the rules from CAM, enter the following
command.

Brocade(config)# ipv6 receive deactivate-acl-all

Syntax: [no] ipv6 receive deactivate-acl-all

The no form of this command reactivates the IPv6 rACL configuration.

NOTE

To make this change permanent and prevent ACL binding to CAM after reload, you must save the
configuration.

Deleting the IPv6 rACL configuration

To delete the IPv6 rACL configuration and remove all IPv6 rACL rules from the system, use the
following command.

Brocade(config)# ipv6 receive delete-acl-all

This command deletes all IP Receive ACLs from system.

Are you sure? (enter 'y' or 'n'): y

Syntax: ipv6 receive delete-acl-all

IPv6 receive ACL: additional configuration

Configuring IPv6 rACL with acl-mirror-port

You can mirror traffic coming on to an interface, to any other interface. When specifying a
destination port for IPv6 rACLs, you must configure the acl-mirror-port command on all ports
supported by the same packet processor (PPCR).

Configuring IPv6 rACL with acl-mirror-port requires the following steps:

1.

Creating an IPv6 ACL with a mirroring clause

2.

Specifying the destination mirror port for physical ports

3.

Applying the IPv6 rACL

Creating an IPv6 ACL with a mirroring clause
]To create a named ACL “b1” with a mirroring clause, enter the following commands:

Brocade(config)# ipv6 access-list b1

Brocade(config-ipv6-access-list b1)# permit ipv6 any any mirror