Use this command to apply access restrictions to inbound or outbound frames on an interface when operating in router mode.
| name | Specifies the name of the IPv6 access list to be applied to the interface. |
| in | Filters inbound frames. |
| out | Filters outbound frames. |
| all-traffic | (Optional) Specifies that the assigned ACL is applied to all traffic on the interface, not just the routed traffic. |
| routed-traffic | (Optional) Specifies that the assigned ACL is applied only to the routed traffic on the interface. (Default) |
None.
Interface configuration.
Access lists must be applied per routing interface. An entry (rule) can either be applied to inbound or outbound frames. An access list can be applied before it is created. The uncreated applied access list will have no affect.
By default, an IPv6 ACL is only applied to routed traffic. To apply the IPv6 ACL to all traffic, use the all-traffic option.
The no ipv6 access-group command removes the specified access list from this interface.
This example shows how to apply the standard access list acl10 for all inbound frames on VLAN 50. Based upon the definition of access list acl10, only frames with source fe80:0:0:0:21f:45ff:fe3d:21aa/64 are routed. All the frames with other sources received on VLAN 50 are dropped:
System(su-config)->ipv6 access-list standard acl10 System(su-cfg-ipv6-std-acl)->permit fe80:0:0:0:21f:45ff:fe3d:21aa/64 log System(su-cfg-ipv6-std-acl)->exit System(su-config)->interface vlan 50 System(su-config-intf-vlan.0.50)->ipv6 access-group acl10 in System(su-config-intf-vlan.0.50)->
Print
this page
Email this topic
Feedback
View PDF
Download EPUB