beautypg.com

Brocade BigIron RX Series Configuration Guide User Manual

Page 1371

background image

BigIron RX Series Configuration Guide

1293

53-1002484-04

Configuring an IPv6 ACL

48

TABLE 224

Syntax descriptions

Arguments...

Description...

ipv6 access-list

<

acl name

>

Enables the IPv6 configuration level and defines the name of the IPv6 ACL.
The

<

acl name

>

can contain up to 199 characters and numbers, but cannot

begin with a number and cannot contain any spaces or quotation marks.

permit

The ACL will permit (forward) packets that match a policy in the access list.

deny

The ACL will deny (drop) packets that match a policy in the access list.

icmp

Indicates the you are filtering ICMP packets.

protocol

The type of IPv6 packet you are filtering. You can specify a well-known name
for some protocols whose number is less than 255. For other protocols, you
must enter the number. Enter “?” instead of a protocol to list the well-known
names recognized by the CLI. IPv6 protocols include:

AHP – Authentication Header

ESP – Encapsulating Security Payload

IPv6 – Internet Protocol version 6

SCTP – Stream Control Transmission Protocol

<

ipv6-source-prefix

>

/

<

prefix-len

gth

>

The

<

ipv6-source-prefix

>

/

<

prefix-length

>

parameter specify a source prefix

and prefix length that a packet must match for the specified action (deny or
permit) to occur. You must specify the

<

ipv6-source-prefix

>

parameter in

hexadecimal using 16-bit values between colons as documented in RFC 2373.
You must specify the

<

prefix-length

>

parameter as a decimal value. A slash

mark (/) must follow the

<

ipv6-prefix

>

parameter and precede the

<

prefix-length

>

parameter.

<

ipv6-destination-prefix

>

/

<

prefix

-length

>

The

<

ipv6-destination-prefix

>

/

<

prefix-length

>

parameter specify a

destination prefix and prefix length that a packet must match for the specified
action (deny or permit) to occur. You must specify the

<

ipv6-destination-prefix

>

parameter in hexadecimal using 16-bit values

between colons as documented in RFC 2373. You must specify the

<

prefix-length

>

parameter as a decimal value. A slash mark (/) must follow

the

<

ipv6-prefix

>

parameter and precede the

<

prefix-length

>

parameter

any

When specified instead of the

<

ipv6-source-prefix

>

/

<

prefix-length

>

or

<

ipv6-destination-prefix

>

/

<

prefix-length

>

parameters, matches any IPv6

prefix and is equivalent to the IPv6 prefix::/0.

host

Allows you specify a host IPv6 address. When you use this parameter, you do
not need to specify the prefix length. A prefix length of all128 is implied.

icmp-type

ICMP packets can be filtered by ICMP message type. The type is a number
from 0 to 255.

icmp code

ICMP packets, which are filtered by ICMP message type can also be filtered by
the ICMP message code. The code is a number from 0 to 255.

icmp-message

ICMP packets,are filtered by ICMP messages. Refer to

“ICMP message

configurations”

on page 1296 for a list of ICMP message types.

tcp

Indicates the you are filtering TCP packets.

udp

Indicates the you are filtering UDP packets.

See also other documents in the category Brocade Computer Accessories: