Configuring a standard ipv6 acl, Figure 3-77, Acl configuration - standard ipv6 – LevelOne FGL-2870 User Manual
Page 183
General Security Measures
3-129
3
Configuring a Standard IPv6 ACL
Command Attributes
• Action – An ACL can contain any combination of permit or deny rules.
• Source Address Type – Specifies the source IP address. Use “Any” to include all
possible addresses, “Host” to specify a specific host address in the Address field,
or “IPv6-prefix” to specify a range of addresses. (Options: Any, Host, IPv6-prefix;
Default: Any)
• Source IPv6 Address – An IPv6 source address or network class. The address
must be formatted according to RFC 2373 “IPv6 Addressing Architecture,” using 8
colon-separated 16-bit hexadecimal values. One double colon may be used in the
address to indicate the appropriate number of zeros required to fill the undefined
fields.
• Source Prefix-Length – A decimal value indicating how many contiguous bits
(from the left) of the address comprise the prefix (i.e., the network portion of the
address).
Web – Specify the action (i.e., Permit or Deny). Select the address type (Any, Host,
or IPv6-prefix). If you select “Host,” enter a specific address. If you select
“IPv6-prefix,” enter a subnet address and the prefix length. Then click Add.
Figure 3-77 ACL Configuration - Standard IPv6
CLI – This example configures one permit rule for the specific address
2009:DB9:2229::79 and another rule for addresses with the network prefix
2009:DB9:2229:5::/64.
Console(config-std-ipv6-acl)#permit host 2009:DB9:2229::79
Console(config-std-ipv6-acl)#permit 2009:DB9:2229:5::/64
Console(config-std-ipv6-acl)#