Configuring a standard ipv6 acl, Figure 3-77, Acl configuration - standard ipv6 – LevelOne FGL-2870 User Manual

General Security Measures

3-129

3

Configuring a Standard IPv6 ACL

Command Attributes
• Action – An ACL can contain any combination of permit or deny rules.
• Source Address Type – Specifies the source IP address. Use “Any” to include all

possible addresses, “Host” to specify a specific host address in the Address field,
or “IPv6-prefix” to specify a range of addresses. (Options: Any, Host, IPv6-prefix;
Default: Any)

• Source IPv6 Address – An IPv6 source address or network class. The address

must be formatted according to RFC 2373 “IPv6 Addressing Architecture,” using 8
colon-separated 16-bit hexadecimal values. One double colon may be used in the
address to indicate the appropriate number of zeros required to fill the undefined
fields.

• Source Prefix-Length – A decimal value indicating how many contiguous bits

(from the left) of the address comprise the prefix (i.e., the network portion of the
address).

Web – Specify the action (i.e., Permit or Deny). Select the address type (Any, Host,
or IPv6-prefix). If you select “Host,” enter a specific address. If you select
“IPv6-prefix,” enter a subnet address and the prefix length. Then click Add.

Figure 3-77 ACL Configuration - Standard IPv6

CLI – This example configures one permit rule for the specific address
2009:DB9:2229::79 and another rule for addresses with the network prefix
2009:DB9:2229:5::/64.

Console(config-std-ipv6-acl)#permit host 2009:DB9:2229::79

4-207

Console(config-std-ipv6-acl)#permit 2009:DB9:2229:5::/64
Console(config-std-ipv6-acl)#