Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron
1821182218231824182518261827182818291830
FastIron Configuration Guide 1769
53-1002494-02
Adding a comment to an IPv6 ACL entry
Syntax for applying an IPv6 ACL
NOTE
The ipv6 traffic-filter <ipv6-ACL-name> in command is supported on FCX, ICX 6610, ICX 6430, ICX
6450, and FESX devices only. The command is not supported on FSX, FLS, FGS, and FWS devices.
Syntax: ipv6 traffic-filter <ipv6-ACL-name> in
For the <ipv6-ACL-name> parameter, specify the name of an IPv6 ACL created using the ipv6
access-list command.
The in keyword applies the specified IPv6 ACL to incoming IPv6 packets on the interface.
Applying an IPv6 ACL to a trunk group
When applying an IPv6 ACL to a trunk group, apply it to the primary port of the trunk, as described
under Applying an IPv6 ACL to an interface” on page 1768. IPv6 ACLs cannot be applied to
secondary ports. When an IPv6 ACL is applied to a primary port in a trunk, it filters the traffic on the
secondary ports of the trunk as well as the traffic on the primary port.
Applying an IPv6 ACL to a virtual interface in a
protocol-based or subnet-based VLAN
As with IPv4 ACLs, by default, when you apply an IPv6 ACL to a virtual interface in a protocol-based
or subnet-based VLAN, the ACL takes effect on all protocol or subnet VLANs to which the untagged
port belongs. To prevent the Brocade device from denying packets on other virtual interfaces that
do not have an ACL applied, configure an ACL that permits packets in the IP subnet of the virtual
interface in all protocol-based or subnet-based VLANs to which the untagged port belongs.
Adding a comment to an IPv6 ACL entry
You can optionally add a comment to describe entries in an IPv6 ACL. The comment appears in the
output of show commands that display ACL information.
You can add a comment by entering the remark command immediately preceding an ACL entry, For
example, to enter comments preceding an ACL entry, enter commands such as the following.
Brocade(config)#ipv6 access-list rtr
Brocade(config-ipv6-access-list rtr)# remark This entry permits ipv6 packets from
3002::2 to any destination
Brocade(config-ipv6-access-list rtr)# permit ipv6 host 3000::2 any
Brocade(config-ipv6-access-list rtr)# remark This entry denies udp packets from
any source to any destination
Brocade(config-ipv6-access-list rtr)# deny udp any any
Brocade(config-ipv6-access-list rtr)# remark This entry denies IPv6 packets from
any source to any destination
Brocade(config-ipv6-access-list rtr)# deny ipv6 any any
Brocade(config-ipv6-access-list rtr)# write memory
Syntax: remark <comment-text>
The <comment-text> can be up to 256 characters in length.