Configuring an ipv6 acl – Dell POWEREDGE M1000E User Manual

566

Configuring Access Control Lists

Configuring an IPv6 ACL

Beginning in Privileged EXEC mode, use the following commands to create

an IPv6 ACL, configure rules for the ACL, and bind the ACL to an interface.

show mac access-lists

[

name]

Display all MAC access lists and all of the rules that are

defined for the MAC ACL. Use the optional

name

parameter to identify a specific MAC ACL to display.

Command

Purpose

configure

Enter global configuration mode.

ipv6 access-list

name

Create a named IPv6 ACL. This command also enters IPv6

Access List Configuration mode. If an IPv6 ACL with this

name already exists, this command enters the mode to

update the existing ACL.

{permit | deny} {every |

{{icmp | igmp | ipv6 |

tcp | udp |

number}

{any |

source ipv6

prefix/prefix length} [eq

{

portkey | portvalue}]

{any |

destination ipv6

prefix/prefix length} [eq

{

portkey | portvalue}]

[flow-label

value] [dscp

dscp]}} [log] [time-

range

time-range-name]

[assign-queue

queue-id]

[{mirror | redirect}

interface]

Specify the match conditions for the IPv6 access list.

• deny | permit — Specifies whether the IP ACL rule

permits or denies an action.

• every — Allows all protocols.
•

number — Standard protocol number or protocol

keywords icmp, igmp, ipv6, tcp, udp.

•

source ipv6 prefix — IPv6 prefix in IPv6 global address

format.

•

prefix-length — IPv6 prefix length value.

• eq — Equal. Refers to the Layer 4 port number being

used as a match criteria. The first reference is source

match criteria, the second is destination match criteria.

•

portkey — Or you can specify the portkey, which can be

one of the following keywords:

domain, echo, efts,

ftpdata, http, smtp, snmp, telnet, tftp, and www.

•

portvalue — The source layer 4 port match condition for

the ACL rule is specified by the port value parameter.

(Range: 0–65535).

Command

Purpose