Create an IPv6 ACL
Create an IPv6 ACL to specify an ordered list of ACEs, or filter rules.
You must specify the packet type as IPv6 at the ACL level to enable IPv6 filtering. By default, an ACL filters non IPv6 packets.
Note
You cannot change packet type for the ACL after you have configured it. If you want a different packet type, you must delete the ACL and re-create it using the other packet type.
Before you begin
Application Telemetry must be disabled on VSP 4450 Series, VSP 7200 Series, VSP 8200 Series, and VSP 8400 Series.
Procedure
- Create an IPv6 ACL:
filter acl <acl-id> type <inVlan|inPort|outPort|inVsn> [matchType <both|terminatingNNIOnly|uniOnly> ] [name WORD<0-32>] [pktType ipv6] [name <0-32>]
Note
IPv6 egress QoS ACL/Filters are not supported.
Variable definitions
Use the data in the following table to use the filter acl command.
|
Variable |
Value |
|---|---|
|
<acl-id> |
Specifies the ACL ID. Use the CLI Help to see the available range for the switch. |
|
enable |
Enables the ACL state, and all associated ACEs. Enabled is the default state. |
|
matchType <both|terminatingNNIOnly|uniOnly> |
For inVsn ACL types, specifies the match type to associate with
the ACL. Valid options are:
The default value is both. |
|
name WORD<0-32> |
Specifies an optional descriptive name for the ACL. |
|
type <inVlan|inPort|outPort|inVsn> |
Specifies the ACL type. The values inVlan, inPort, and inVsn are ingress ACLs. The value outPort configures IPv6 egress filters. A port-based ACL has precedence over a VLAN-based ACL. |
|
pktType <ipv6> |
Specifies the IP version as IPv6. The default is nonipv6. Note:
You cannot change packet type for the ACL once you have configured it. If you want a different packet type, you must delete the ACL and re-create it using the other packet type. |