See the “Examples” section for an example of a translated IPv6 access control list (ACL) configuration.
No more than one IPv6 access list can be applied to an interface per direction.
Note
Every IPv6 access list has an implicit deny ipv6 any any statement as its last match condition. An IPv6
access list must contain at least one entry for the implicit deny ipv6 any any statement to take effect.
Note
IPv6 prefix lists, not access lists, should be used for filtering routing protocol prefixes.
Use the ipv6 access-group interface configuration command with the access-list-name argument to apply an
IPv6 access list to an IPv6 interface.
Note
An IPv6 access list applied to an interface with the ipv6 access-group command filters traffic that is
forwarded, not originated, by the router.
Note
Every IPv6 ACL has implicit permit icmp any any nd-na, permit icmp any any nd-ns, and deny ipv6
any any statements as its last match conditions. (The former two match conditions allow for ICMPv6
neighbor discovery.) An IPv6 ACL must contain at least one entry for the implicit deny ipv6 any any
statement to take effect.
Note
The IPv6 neighbor discovery process makes use of the IPv6 network layer service; therefore, by default, IPv6
ACLs implicitly allow IPv6 neighbor discovery packets to be sent and received on an interface. In IPv4, the
Address Resolution Protocol (ARP), which is equivalent to the IPv6 neighbor discovery process, makes use
of a separate data link layer protocol; therefore, by default, IPv4 ACLs implicitly allow ARP packets to be
sent and received on an interface.
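The notes above describe first-match evaluation followed by three implicit entries. The following Python model is an added illustration, not Cisco code or router output. It assumes a simplified entry format (action, protocol, source prefix, optional ICMPv6 type, destination always any), reads "must contain at least one entry" as an empty list permitting all traffic, and uses constructed sample packets and a hypothetical list named TCP_ONLY.

```python
import ipaddress
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: str
    proto: str = "ipv6"               # "tcp", "udp", "icmp", ...
    icmp_type: Optional[str] = None   # "nd-ns", "nd-na", ...

class Entry(NamedTuple):
    action: str                       # "permit" or "deny"
    proto: str                        # "ipv6" matches every protocol
    src: str                          # source prefix or "any"
    icmp_type: Optional[str] = None

# Implicit entries appended to every non-empty IPv6 ACL, in the order the page gives.
IMPLICIT_TAIL = [
    Entry("permit", "icmp", "any", "nd-na"),
    Entry("permit", "icmp", "any", "nd-ns"),
    Entry("deny", "ipv6", "any"),
]

def matches(entry: Entry, pkt: Packet) -> bool:
    if entry.proto != "ipv6" and entry.proto != pkt.proto:
        return False
    if entry.icmp_type is not None and entry.icmp_type != pkt.icmp_type:
        return False
    if entry.src == "any":
        return True
    return ipaddress.ip_address(pkt.src) in ipaddress.ip_network(entry.src)

def evaluate(acl, pkt: Packet):
    """Return (action, origin) where origin is 'explicit', 'implicit' or 'empty'."""
    if not acl:
        # Assumption of this model: with no entries the implicit deny is not in effect.
        return ("permit", "empty")
    for entry in acl:
        if matches(entry, pkt):
            return (entry.action, "explicit")
    for entry in IMPLICIT_TAIL:       # the final deny ipv6 any any always matches
        if matches(entry, pkt):
            return (entry.action, "implicit")

# list2 as the Examples paragraph describes it: drop fec0:0:0:2::/64, permit the rest.
LIST2 = [Entry("deny", "ipv6", "fec0:0:0:2::/64"), Entry("permit", "ipv6", "any")]
# Hypothetical list with a single narrow permit, to exercise the implicit entries.
TCP_ONLY = [Entry("permit", "tcp", "2001:db8:1::/48")]

if __name__ == "__main__":
    for acl, pkt in [(LIST2, Packet("fec0:0:0:2::10")),
                     (TCP_ONLY, Packet("fe80::1", "icmp", "nd-ns")),
                     (TCP_ONLY, Packet("2001:db8:9::1", "udp")),
                     ([], Packet("2001:db8:9::1", "udp"))]:
        print(pkt, evaluate(acl, pkt))
```

With TCP_ONLY, the neighbor solicitation is permitted by an implicit entry while unrelated UDP traffic falls through to the implicit deny, so a review of what a list drops has to account for entries that never appear in the configuration.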
Task ID
Task ID    Operations
acl        read, write
ipv6       read, write
Examples
This example shows how to configure the IPv6 access list named list2 and apply the ACL to outbound traffic
on interface GigabitEthernet 0/2/0/2. Specifically, the first ACL entry keeps all packets from the network
fec0:0:0:2::/64 (packets that have the site-local prefix fec0:0:0:2 as the first 64 bits of their source IPv6 address)
from exiting out of interface GigabitEthernet 0/2/0/2. The second entry in the ACL permits all other traffic
Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Command Reference,
Release 5.2.x
ACL and ABF Commands
ipv6 access-list (BNG)