MES1000, MES2000 Ethernet Switches 87
5.15.4 DHCPv6 guard function configuration
The DHCPv6 guard feature prevents third-party DHCPv6 servers on the network and allows their use
only on trusted interfaces.
Global Configuration Mode Commands
Command line request in global configuration mode appears as follows:
console(config)#
Table 5.65—Global configuration mode commands
Enable DHCPv6 guard function management for the switch.
Disable DHCPv6 guard function.
ipv6 dhcp guard vlan vlan
Enable DHCPv6 guard function management within the
specified VLAN.
- vlan – VLAN number.
Ethernet Interface Configuration Mode Commands
Command line request in the interface configuration mode appears as follows:
console (config-if)#
Table 5.66—Ethernet interface configuration mode commands
ipv6 dhcp guard device-
role { client | server }
Port operation mode selection:
- client – 'advertise' and 'relpy' messages are discarded
- server – 'advertise' and 'relpy' messages are filtered by the
rules.
ipv6 dhcp guard match
server accsess-list acl
Enable ACL for filtering DHCPv6 messages.
- acl – ACL name.
ipv6 dhcp guard match
reply prefix-list prefix-list
Enable prefix-list for filtering DHCPv6 messages.
- prefix-list – prefix-list name.
ipv6 dhcp guard trusted-
port
By default, all ports are
untrusted
Add port to the trusted list. Trusted ports allow all types of
messages.
no ipv6 dhcp guard
trusted-port
Delete port from trusted list.
To Next Page
Loading...
Need help?
General
