Brocade BigIron RX Series Configuration Guide User Manual

Page 1371

Advertising
background image

BigIron RX Series Configuration Guide

1293

53-1002484-04

Configuring an IPv6 ACL

48

TABLE 224

Syntax descriptions

Arguments...

Description...

ipv6 access-list

<

acl name

>

Enables the IPv6 configuration level and defines the name of the IPv6 ACL.
The

<

acl name

>

can contain up to 199 characters and numbers, but cannot

begin with a number and cannot contain any spaces or quotation marks.

permit

The ACL will permit (forward) packets that match a policy in the access list.

deny

The ACL will deny (drop) packets that match a policy in the access list.

icmp

Indicates the you are filtering ICMP packets.

protocol

The type of IPv6 packet you are filtering. You can specify a well-known name
for some protocols whose number is less than 255. For other protocols, you
must enter the number. Enter “?” instead of a protocol to list the well-known
names recognized by the CLI. IPv6 protocols include:

AHP – Authentication Header

ESP – Encapsulating Security Payload

IPv6 – Internet Protocol version 6

SCTP – Stream Control Transmission Protocol

<

ipv6-source-prefix

>

/

<

prefix-len

gth

>

The

<

ipv6-source-prefix

>

/

<

prefix-length

>

parameter specify a source prefix

and prefix length that a packet must match for the specified action (deny or
permit) to occur. You must specify the

<

ipv6-source-prefix

>

parameter in

hexadecimal using 16-bit values between colons as documented in RFC 2373.
You must specify the

<

prefix-length

>

parameter as a decimal value. A slash

mark (/) must follow the

<

ipv6-prefix

>

parameter and precede the

<

prefix-length

>

parameter.

<

ipv6-destination-prefix

>

/

<

prefix

-length

>

The

<

ipv6-destination-prefix

>

/

<

prefix-length

>

parameter specify a

destination prefix and prefix length that a packet must match for the specified
action (deny or permit) to occur. You must specify the

<

ipv6-destination-prefix

>

parameter in hexadecimal using 16-bit values

between colons as documented in RFC 2373. You must specify the

<

prefix-length

>

parameter as a decimal value. A slash mark (/) must follow

the

<

ipv6-prefix

>

parameter and precede the

<

prefix-length

>

parameter

any

When specified instead of the

<

ipv6-source-prefix

>

/

<

prefix-length

>

or

<

ipv6-destination-prefix

>

/

<

prefix-length

>

parameters, matches any IPv6

prefix and is equivalent to the IPv6 prefix::/0.

host

Allows you specify a host IPv6 address. When you use this parameter, you do
not need to specify the prefix length. A prefix length of all128 is implied.

icmp-type

ICMP packets can be filtered by ICMP message type. The type is a number
from 0 to 255.

icmp code

ICMP packets, which are filtered by ICMP message type can also be filtered by
the ICMP message code. The code is a number from 0 to 255.

icmp-message

ICMP packets,are filtered by ICMP messages. Refer to

“ICMP message

configurations”

on page 1296 for a list of ICMP message types.

tcp

Indicates the you are filtering TCP packets.

udp

Indicates the you are filtering UDP packets.

Advertising
Popular Brands
Popular manuals