IPv6 Configuration Guide K/KA/KB.15.15
name-str The term used in ACL syntax statements to represent the “name string”; the alphanumeric
string used to identify the ACL. A name string allows up to 64 alphanumeric characters.
See also identifier, ACL ID.
Outbound Traffic For defining the points where the switch applies an RACL (Routed ACL) to filter traffic,
outbound traffic is routed traffic leaving the switch through an IP routing interface (or
a subnet in a multinetted VLAN). “Outbound traffic” can also apply to switched traffic
leaving the switch on an IP routing interface, but outbound, switched traffic is not filtered
by ACLs (see also “IPv6 ACL applications” (page 93)).
Permit An ACE configured with this action allows the switch to forward an IPv6 packet for
which there is a match.
Permit Any
Forwarding
An ACE configured with this action causes the switch to forward IPv6 packets that have
not been permitted or denied by earlier ACEs in the list. (This has no effect on packets
that are not filtered by the applicable ACL, such as switched packets entering or leaving
the switch on an IP routing interface that is configured with an RACL.)
Prefix Length In an IPv6 ACE, a network prefix is used to specify the leftmost contiguous bits in a
packet’s SA and DA that must match the bit settings defined in the SA and DA configured
in the ACE. The prefix length is specified (in CIDR format) by /nn immediately following
the specified SA or DA address. For example, if the SA prefix in an ACE is
2001:db8:127::/48, then the first 48 bits in the SA of a packet being compared to
that ACE must be the same to allow a match. In this case, bits 49 through 128 are not
compared and are termed a “wildcard”.
See also Wildcard.
RACL See Routed ACL.
RADIUS-assigned
ACL
An ACL assigned by a RADIUS server to a port to filter inbound IP traffic from a client
authenticated by the server for that port. A RADIUS-assigned ACL can be configured
(on a RADIUS server) to filter inbound IPv4 and IPv6 traffic (or just IPv4 traffic), regardless
of whether it is switched or routed. When the client session ends, the RADIUS-assigned
ACL for that client is removed from the port.
See also Implicit Deny.
remark-str The term used in ACL syntax statements to represent the variable “remark string”; a set
of alphanumeric characters you can include as a remark in an ACL. A remark string
allows up to 100 characters and must be delimited by single or double quotes if any
spaces are included in the string.
Routed ACL (RACL) An ACL applied to routed IPv6 traffic that is entering or leaving the switch on a given
IP routing interface.
See also Access Control List (ACL).
SA The acronym for Source Address. In an IPv6 packet, this is the source IPv6 address
carried in the header, and identifies the packet’s sender. This is the first of two IPv6
addresses used in an ACE to determine whether there is a match between a packet
and the ACE.
See also DA.
seq-# The term used in ACL syntax statements to represent the sequence number variable
used to insert an ACE within an existing list. The range allowed for sequence numbers
is 1 - 2147483647.
Static Port ACL An ACL statically configured on a specific port, group of ports, or trunk. A static port
ACL filters incoming IPv6 traffic on the port, regardless of whether it is switched or
routed.
VACL See VLAN ACL (VACL).
VLAN ACL (VACL) An ACL applied to all IPv6 traffic entering the switch on a given VLAN interface.
See also Access Control List.
Wildcard The bits in an SA or DA of a packet that are ignored when determining whether the
packet is a match for a given ACE. That is, when the switch is comparing the address
bits in a packet header with the address bits specified in a given IPv6 ACE, only the
address bits included in the prefix length in the ACE are significant. The remaining
92 IPv6 Access Control Lists (ACLs)