Security: IPv6 First Hop Security
IPv6 First Hop Security Overview
IPv6 First Hop Security Overview
Cisco 350XG & 550XG Series 10G Stackable Managed Switches
IPv6 FHS is a suite of features designed to secure link operations in an IPv6-
enabled network. It is based on the Neighbor Discovery Protocol and DHCPv6
messages.
In this feature, a Layer 2 switch (as shown in
Protocol messages, DHCPv6 messages and user data messages according to a
number of different rules.
Figure 1 IPv6 First Hop Security Configuration
IPv6 Host
(End Node)
Monitor
A separate and independent instance of IPv6 First Hop Security runs on each
VLAN on which the feature is enabled.
Abbreviations
Name
CPA message
CPS message
DAD-NS message
Figure
First Hop Switch
Description
Certification Path Advertisement message
Certification Path Solicitation message
Duplicate Address Detection Neighbor
Solicitation message
) filters Neighbor Discovery
IPv6 Router
24
500