beautypg.com

Example: verifying the ra guard configuration – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 366

background image

Brocade(config)# prefix-list raguard-prefix-list1 permit 2001:db8::/16

Brocade(config)# ipv6 raguard policy policyB

Brocade(ipv6-RAG-policy policyB)# whitelist 1

Brocade(ipv6-RAG-policy policyB)# prefix-list raguard-prefix-list1

Brocade(ipv6-RAG-policy policyB)# exit

Brocade(config)# interface ethernet 1/1/2

Brocade(config-int-e1000-1/1/2)# raguard untrust

Brocade(config-int-e1000-1/1/2)# exit

Brocade(config)# ipv6 raguard vlan 2 policyB

Example: Verifying the RA guard configuration

To view the RA guard packet counts, use the show ipv6 raguard counts command.

Brocade# show ipv6 raguard counts policyB

DROPPED-host port:0

DROPPED-whitelist:3

DROPPED-prefixlist:1

DROPPED-max pref:1

DROPPED-trusted port:2

DROPPED-untrusted port:1

To verify the RA guard configuration, use the show ipv6 raguard command.

Brocade# show ipv6 raguard all

policy:policyC

whitelist:0

max_pref:medium

policy:policyB

whitelist:1

Example: Verifying the RA guard configuration

366

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03