ipv6

bridge

Configures this Bridge VLAN‘s IPv6 components

Supported on the following devices:

Syntax

ipv6 [dhcpv6|firewall|mld|nd]
ipv6 dhcpv6 trust
ipv6 firewall
ipv6 mld snooping {forward-unknown-multicast|mrouter|querier}
ipv6 mld snooping {forward-unknown-multicast}
ipv6 mld snooping {mrouter [interface|learn]}
ipv6 mld snooping {mrouter [interface <INTERFACE-LIST>|learn pim-dvmrp]}
ipv6 mld snooping {querier} {max-response-time|timer|version}
ipv6 mld snooping {querier} {max-response-time <1-25000>|timer expiry <60-300>| version <1-2>}
ipv6 nd raguard

Parameters

ipv6 dhcpv6 trust
ipv6 Configures the VLAN bridge IPv6 parameters
dhcpv6 trust Enables the DHCPv6 trust option. When enabled all DHCPv6 responses are trusted on this bridge VLAN. This option is enabled by default.
  • trust – Trusts DHCPv6 responses on this bridge VLAN
ipv6 firewall
ipv6 Configures the VLAN bridge IPv6 parameters
firewall Enables IPv6 firewall on this bridge VLAN. This option is enabled by default.

Devices utilizing IPv6 addressing require firewall protection unique to IPv6 traffic.

IPv6 addresses are composed of eight groups of four hexadecimal digits separated by colons. IPv6 hosts can configure themselves automatically when connected to an IPv6 network using the ND (neighbor discovery) protocol via ICMPv6 router discovery messages. When first connected to a network, a host sends a link-local router solicitation multicast request for its configuration parameters. Routers respond to such a request with a RA (router advertisement) packet that contains Internet layer configuration parameters.

ipv6 mld snooping {forward-unknown-multicast}
ipv6 Configures the VLAN bridge IPv6 parameters
mld snooping Configures MLDP (Multicast Listener Discovery Protocol) snooping parameters

MLD snooping enables a access point, wireless controller, or service platform to examine MLD packets and make forwarding decisions based on the content. MLD is used by IPv6 devices to discover devices wanting to receive multicast packets destined for specific multicast addresses. MLD uses multicast listener queries and multicast listener reports to identify which multicast addresses have listeners and join multicast groups.

MLD snooping caps the flooding of IPv6 multicast traffic on controller, service platform or access point VLANs. When enabled, MLD messages between hosts and multicast routers are examined to identify the hosts receiving multicast group traffic. The access point, wireless controller, or service platform forward multicast traffic only to those interfaces connected to interested receivers instead of flooding traffic to all interfaces.

This option is enabled by default.

forward-unknown-multicast Optional. Enables forwarding of multicast packets from unregistered multicast groups. If disabled, the unknown multicast forward feature is also disabled for individual VLANs. This option is enabled by default.
ipv6 mld snooping {mrouter [interface <INTERFACE-LIST>|learn pim-dvmrp]}
ipv6 Configures the VLAN bridge IPv6 parameters
mld snooping Configures MLD snooping parameters. This option is enabled by default.
mrouter Optional. Configures the multicast router parameters, such as interfaces and learning protocol used.
interface <INTERFACE-LIST> Configures the multicast router interfaces. This option is disabled by default.
  • <INTERFACE-LIST> – Specify a comma-separated list of interface names.
learn pim-dvmrp Configures the multicast router learning protocols. This option is disabled by default.
  • pim-dvmrp – Enables PIM and DVMRP snooping of packets
ipv6 mld snooping {querier} {max-response-time <1-25000>|timer expiry <60-300>| version <1-2>}
ipv6 Configures the VLAN bridge IPv6 parameters
mld snooping Configures IPv6 MLD snooping parameters. This option is disabled by default.
querier Optional. Enables and configures the MLD querier parameters. When enabled, the device (access point, wireless controller, and service platform) sends query messages to discover which network devices are members of a given multicast group. This option is disabled by default.
max-response-time <1-25000> Optional. Configures the IPv6 MLD querier‘s maximum response time. This option is disabled by default.
  • <1-25000> – Specify the maximum response time from 1 - 25000 milliseconds.
timer expiry <60-300> Optional. Configures the IPv6 MLD other querier‘s timeout. This option is disabled by default.
  • <60-300> – Specify the MLD other querier‘s timeout from 60 - 300 seconds.
version <1-2> Optional. Configures the IPv6 MLD querier version. This option is disabled by default.
  • <1-2> – Specify the MLD version. The versions are 1- 2.
ipv6 nd raguard
ipv6 Configures the VLAN bridge IPv6 parameters
nd raguard Allows RA or ICMPv6 redirects on this VLAN bridge. This option is enabled by default.

Example

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 dhcpv6 trust

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 firewall

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 mld snooping forward-unknown-multicast

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 mld snooping mrouter interface ge1 ge2

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 mld snooping mrouter learn pim-dvmrp

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 mld snooping querier max-response-time 20000

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 mld snooping querier timer expiry 200

rfs7000-37FABE(config-profile test-bridge-vlan-2)#ipv6 mld snooping querier version 2

rfs7000-37FABE(config-profile test-bridge-vlan-2)#show context
 bridge vlan 2
  ip igmp snooping
  ip igmp snooping querier
  ipv6 mld snooping
  ipv6 mld snooping querier
  ipv6 mld snooping mrouter interface ge2 ge1
  ipv6 mld snooping querier version 2
  ipv6 mld snooping querier max-response-time 20000
  ipv6 mld snooping querier timer expiry 200
rfs7000-37FABE(config-profile test-bridge-vlan-2)#

Related Commands

no Disables or reverts the VLAN Ethernet bridge IPV6 parameters