Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

IPv6 Hardware Access Control List (ACL) Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

36.13

Mode

IPv6 Hardware ACL Configuration

Default

Any traffic on an interface controlled by a hardware ACL that does not explicate match a
filter is permitted.

Usage

This command adds a hardware classification filter (for use with features such as QoS), to a
current standard IPv6 access-list. The filter will match on any IP protocol type packet that
has the specified source and destination IPv6 addresses and the specified IP protocol type.
The parameter any may be specified if an address does not matter,

Examples

To add an ACL filter entry to block IP traffic from network 2001:0db8::0/64 to the
hardware IPv6 access-list named my-acl, use the commands:

To remove an ACL filter entry that blocks all IPv6 traffic from network 2001:0db8::0/
64

from the hardware IPv6 access-list named my-acl, use the commands:

Validation

Commands

show ipv6 access-list (IPv6 Hardware ACLs)

Related Commands

ipv6 access-list (named)
(ipv6 access-list named ICMP filter)
(ipv6 access-list named TCP UDP filter)
ipv6 traffic-filter
show ipv6 access-list (IPv6 Hardware ACLs)

vlan

This parameter can be used in either single or double-tagged VLAN
networks. It is the conventional VLAN tag (VID). In a double-tagged
network it is sometimes referred to as the STAG.

<1-4094>

The VLAN VID.

Parameter(cont.)

Description(cont.)

Note

Hardware ACLs will permit access unless explicitly denied by an ACL action.

awplus#

configure terminal

awplus(config)#

ipv6 access-list my-acl

awplus(config-ipv6-hw-acl)#

deny ipv6 2001:0db8::0/64

awplus#

configure terminal

awplus(config)#

ipv6 access-list my-acl

awplus(config-ipv6-hw-acl)#

no deny ipv6 2001:0db8::0/64