Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron
1811181218131814181518161817181818191820
1756 FastIron Configuration Guide
53-1002494-02
IPv6 ACL overview
You can configure an IPv6 ACL on a global basis, then apply it to the incoming IPv6 packets on
specified interfaces. You can apply only one IPv6 ACL to an interface. When an interface receives
an IPv6 packet, it applies the statements within the ACL in their order of appearance to the packet.
As soon as a match occurs, the Brocade device takes the specified action (permit or deny the
packet) and stops further comparison for that packet.
IPv6 ACLs are supported on:
Gbps Ethernet ports
10 Gbps Ethernet ports
Trunk groups
Virtual routing interfaces
NOTE
IPv6 ACLs are supported on inbound traffic and are implemented in hardware, making it possible
for the Brocade device to filter traffic at line-rate speed on 10 Gbps interfaces.
IPv6 ACL traffic filtering criteria
The Brocade implementation of IPv6 ACLs enable traffic filtering based on the following
information:
IPv6 protocol
Source IPv6 address
Destination IPv6 address
IPv6 message type
Source TCP or UDP port (if the IPv6 protocol is TCP or UDP)
Destination TCP or UDP port (if the IPv6 protocol is TCP or UDP)
IPv6 protocol names and numbers
The IPv6 protocol can be one of the following well-known names or any IPv6 protocol number from
0 – 255:
Authentication Header (AHP)
Encapsulating Security Payload (ESP)
Internet Control Message Protocol (ICMP)
Internet Protocol Version 6 (IPv6)
Stream Control Transmission Protocol (SCTP)
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
NOTE
TCP and UDP filters will be matched only if they are listed as the first option in the extension header.