24-5
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 24 Configuring IP Version 6
IPv6 Extended ACLs
Configuring IPv6 Traffic Filtering
To enable IPv6 traffic filtering, you must perform the following steps:
1.
Create an IPv6 ACL
2.
Configure the IPv6 ACL to pass or block traffic
3.
Apply the IPv6 ACL to an interface
Creating and Configuring the IPv6 ACL
SUMMARY STEPS
1.
enable
2.
configure
terminal
3.
ipv6 access-list
access-list-name
4.
permit
protocol
{
source-ipv6-prefix
/
prefix-length
|
any
|
host
source-ipv6-address
}
[
operator
[
port-number
]]
{
destination-ipv6-prefix
/
prefix-length
|
any
|
host
destination-ipv6-address
}
[
operator
[
port-number
]]
[
dest-option-type
[
doh-number
|
doh-type
]] [
dscp
value
]
[
flow-label
value
]
[
fragments
]
[
log
]
[
log-input
] [
mobility
] [
mobility-type
[
mh-number
|
mh-type
]] [
reflect
name
[
timeout
value
]]
[
routing
] [
routing-type
routing-number
] [
sequence
value
] [
time-range
name
]
or
deny
protocol
{
source-ipv6-prefix
/
prefix-length
|
any
|
host
source-ipv6-address
} [
operator
[
port-number
]]
{
destination-ipv6-prefix
/
prefix-length
|
any
|
host
destination-ipv6-address
}
[
operator
[
port-number
]]
[
dest-option-type
[
doh-number
|
doh-type
]] [
dscp
value
]
[
flow-label
value
]
[
fragments
]
[
log
]
[
log-input
] [
mobility
] [
mobility-type
[
mh-number
|
mh-type
]] [
routing
]
[
routing-type
routing-number
] [
sequence
value
] [
time-range
name
]
[
undetermined-transport
]
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
•
Enter your password if prompted.
Step 2
configure
terminal
Example:
Router# configure terminal
Enters global configuration mode.