beautypg.com

Deny (ipv6) – Allied Telesis AT-S95 CLI (AT-8000GS Series) User Manual

Page 32

background image

Page 32

Allied Telesis
AT-8000GS Command Line Interface User’s Guide

User Guidelines

IPv6 Syntax — The 128-bit IPv6 address format is divided into eight groups of four hexadecimal digits.

Abbreviation of this format is done by replacing a group of zeros with double colons. The IPv6 address
representation can be further simplified by suppressing the leading zeros.

All different IPv6 address formats are acceptable for insertion, yet for display purposes, the system displays

the most abbreviated form, which replaces groups of zeros with double colons and removes the leading
zeros.

IPv6 Prefixes — While Unicast IPv6 addresses written with their prefix lengths are permitted, in practice their

prefix lengths are always 64 bits and therefore are not required to be expressed. Any prefix that is less than
64 bits is a route or address range that is summarizing a portion of the IPv6 address space.

For every assignment of an IP address to an interface, the system runs the Duplicate Address Detection

algorithm to ensure uniqueness.

An intermediary transition mechanism is required for IPv6-only nodes to communicate with IPv6 nodes over

an IPv4 infrastructure. The tunneling mechanism implemented is the Intra-Site Automatic Tunnel Addressing
Protocol (ISATAP). This protocol treats the IPv4 network as a virtual IPv6 local-link, with each IPv4 address
mapped to a Link Local IPv6 address.

Examples

The following example sets the conditions to allow a packet to pass an IPv6 Access List acl1.

deny (IPv6)

The deny IPv6 Access-list Configuration mode command sets conditions to not allow a packet to pass a named
IPv6 Access List.

Syntax

deny [disable-port] {any | protocol} {any | source-prefix/length} {any | destination-prefix/length} [dscp number |
ip-precedence number]

deny-icmp [disable-port] {any | source-prefix/length} {any | destination-prefix/length} {any | icmp-type} {any |
icmp-code} [dscp number | ip-precedence number]

deny-tcp [disable-port] {any | source-prefix/length} {any | source-port} {any | destination-prefix/length} {any |
destination-port} [dscp number | ip-precedence number] [flags list-of-flags]

deny-udp [disable-port] {any | source-prefix/length} {any | source-port} {any | destination-prefix/length} {any |
destination-port} [dscp number | ip-precedence number]

Switch(config)# ipv6 access-list acl1

Switch(config-ipv6-acl)# permit-tcp 2001:0DB8:0300:0201::/64 any any 80

See also other documents in the category Allied Telesis Computer hardware: