Allied Telesis AT-8100 Series User Manual

AT-8100 Switch Command Line User’s Guide

1619

number of bits in the address, from left to right, that constitute
the network portion of the address. The IP address and the
mask are separated by a slash (/); for example, 2001:odb8::a2/
64.

host ipaddress: Matches packets with a destination IPv6
address and is an alternative to the IPADRESS/MASK variable
for addresses of specific end nodes. The HOST keyword
indicates that the address is of a specific end node and that no
mask is required.

time-range

Specifies the name of a time range that is created with the TIME-
RANGE command. You must create a time range before entering it
as a parameter value. See “TIME-RANGE” on page 1646.

vid

Indicates a VLAN identifier. Specify a VLAN if you want the ACL to
filter tagged packets. Omit a VLAN if you want the ACL to filter
untagged packets. Specify a value between 1 and 4094. You can
enter only one VID.

Mode

Configuration IPv6 ACL mode

Description

Use this command to modify an ACL that identify traffic flows based on the
source and destination IPv6 addresses of the packets.

Confirmation Commands

“SHOW ACCESS-LIST” on page 1641 and “SHOW INTERFACE
ACCESS-GROUP” on page 1643

Examples

This example creates an IP ACL, called “ipdeny1,” that denies IP packets
from any IPv6 source address to any IPv6 destination address on VLAN 7.
Then the ACL is assigned to port 12:

awplus> enable
awplus# configure terminal
awplus(config)# ipv6 access-list ipdeny1
awplus(config-ipv6-acl)# deny ip any any vlan 7
awplus(config-ipv6-acl)# exit
awplus(config)# interface port1.0.12
awplus(config_if)# ipv6 traffic-filter ipdeny1