Configuring and assigning an ipv6 acl, General steps for implementing ipv6 acls, Permit/deny options – HP 6200YL User Manual
Page 210: General steps for implementing ipv6 acls -34, Permit/deny options -34
IPv6 Access Control Lists (ACLs)
Configuring and Assigning an IPv6 ACL
Configuring and Assigning an IPv6 ACL
ACL Feature
Page
Adding or Removing an ACL
Enabling or Disabling ACL Filtering
General Steps for Implementing IPv6 ACLs
1. Configure one or more ACLs. This creates and stores the ACL(s) in the
switch configuration.
2. Assign an ACL. This step uses one of the following applications to assign
the ACL to an interface:
•
VACL (IPv6 traffic entering the switch on a given VLAN)
•
Static Port ACL (IPv6 traffic entering the switch on a given port, port
list, or static trunk)
Permit/Deny Options
You can use the following criteria as options for permitting or denying a
packet:
■
source IPv6 address
■
destination IPv6 address
■
IPv6 protocol options:
•
all IPv6 traffic
•
IPv6 traffic of a specific protocol type (0-255)
•
IPv6 traffic for a specific TCP port or range of ports, including:
–
optional control of connection (established) traffic based on
whether the initial request should be allowed
–
TCP flag (control bit) options
•
IPv6 traffic for a specific UDP port or range of ports
•
IPv6 traffic for a specific ICMP type and code
•
any of the above with specific DSCP precedence or ToS settings
Carefully plan ACL applications before configuring specific ACLs. For more
on this topic, refer to “Planning an ACL Application” on page 8-27.
8-34