Users Guide
Layer 2 Switching Commands 514
• The IPv6 ACL “fragment” keyword matches the fragment header (next
header code 44) only when it is the first IPv6 extension header. If the
fragment header appears as the second or a subsequent extension header,
it is not matched.
• The IPv6 ACL “routing” keyword matches the routing header (next
header code 43) only when it is the first IPv6 extension header. If the
routing header appears as the second or a subsequent extension header,
it is not matched.
• For all series switches, port ranges are not supported on egress (out) ACLs.
Only the eq operator is supported in an egress ACL.
Command History
Updated in 6.3.0.1 firmware.
Example and description updated in the 6.4 release.
Example
The following example creates rules in an IPv6 ACL named "STOP_HTTP"
to discard any HTTP traffic from the 2001:DB8::0/32 network, but allow all
other traffic from that network:
console(config)#ipv6 access-list STOP_HTTP
console(Config-ipv6-acl)#deny tcp 2001:DB8::0/32 any eq http
console(Config-ipv6-acl)#permit every
ipv6 access-list
The ipv6 access-list command creates an IPv6 Access Control List (ACL)
consisting of classification fields defined for the IP header of an IPv6 frame.
Syntax
ipv6 access-list name
no ipv6 access-list name
• name — Alphanumeric string of 1 to 31 characters uniquely identifying
the IPv6 access list.
Default Configuration
There is no default configuration for this command.