Prefix Usage Differences Between Acls And Other Ipv6 Addressing - HP 2530 Manual Supplement

packet's SA and DA must be an exact match with the same bits in an ACE. The bits to the right of
the prefix are wildcards, not used to determine a match.
Prefix
/0
/ 1 — /127
/128
For example, the following ACE applies to Telnet packets from a source address where the leading
bits are set to 2001:db8:10:1 and any destination address where the leading bits are set to
2001:db8:10:1:218:71ff:fec4.
Example 24 SA/DA prefix lengths
permit tcp 2001:db8:10:1::/64 eq 23 2001:db8:10:1:218:71ff:fec4::/112
"64" is the prefix defining the mask for the leading bits in the source address.
"1 12" is the prefix defining the mask for the leading bits in the destination address.
Thus, in the above example, if an IPv6 telnet packet has an SA match with the ACE's leftmost 64
bits and a DA match with the ACE's leftmost 1 12 bits, then there is a match and the packet is
permitted. In this case, the source and destination addresses allowed are:
Address
Source (SA)
Destination (DA)
To summarize, when the switch compares an IPv6 packet to an ACE in an ACL, it uses the subnet
prefixes configured with the SA and DA in the ACE to determine how many leftmost, contiguous
bits in the ACE's SA and DA must be matched by the same bits in the SA and DA carried by the
packet. Thus, the subnet prefixes specified with the SA and DA in an ACE determine the source
and destination address ranges acceptable for a match between the ACE and a filtered packet.

Prefix usage differences between ACLs and other IPv6 addressing

For ACLs, the prefix specifies the leftmost bits in an address that are meaningful for a packet match.
In other IPv6 usage, the prefix separates network and subnet values from the device identifier in
an address.
Prefix Usage
For an SA or DA in the ACE belonging to
an IPv6 ACL, the associated prefix
specifies how many consecutive, leading
bits in the address are used to define a
match with the corresponding bits in the
SA or DA of a packet being filtered.
Range of Applicable Addresses
any IPv6 host
all IPv6 hosts within the range defined by the
number of bits in the prefix
one IPv6 host
Prefix
2001:db8:10:1
2001:db8:10:1:218:71ff:fec4
Examples
2620:0:a03:e102:215:60ff:fe7a:adc0/128
2620:0:a03:e102:215/80
Examples
::/0
2001:db8::/48
2001:db8::/64
2001:db8::218:71ff:fec4:2f00/128
Range of Unicast Addresses
< prefix >::0
to
< prefix >:FFFF:FFFF:FFFF:FFFF
< prefix >:0
to
< prefix >:FFFF
Traffic management and improved network performance
Notes
All bits. Used for a specific SA
or DA.
The first 80 bits. Used for an
SA or DA having
2620:0:a03:e102:215 in the
leftmost 80 bits of an address.
73