Ipv6 Nd Detection Trust - HP 3600 v2 Series Command Reference Manual
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (449 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
Default level
2: System level
Parameters
None
Description
Use the ipv6 nd detection enable command to enable ND detection in a VLAN to check ND packets for
source spoofing.
Use the undo ipv6 nd detection enable command to disable ND detection.
By default, ND detection is disabled.
Examples
# Enable ND detection in VLAN 10.
<Sysname> system-view
[Sysname] vlan 10
[Sysname-vlan 10] ipv6 nd detection enable
ipv6 nd detection trust
Syntax
ipv6 nd detection trust
undo ipv6 nd detection trust
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
None
Description
Use the ipv6 nd detection trust command to configure a port as an ND-trusted port.
Use the undo ipv6 nd detection trust command to configure a port as an ND-untrusted port.
By default, a port is ND-untrusted. In an ND detection-enabled VLAN, ports are assigned two roles:
ND-trusted and ND-untrusted.
On an ND-trusted port, the ND detection function does not check ND packets for address spoofing.
•
On an ND-untrusted port, RA and RR messages are considered illegal and discarded directly; all
•
other ND packets in the VLAN are checked for source spoofing.
Examples
# Configure Layer 2 port Ethernet1/0/1 as an ND-trusted port.
<Sysname> system-view
[Sysname] interface ethernet 1/0/1
[Sysname-Ethernet1/0/1] ipv6 nd detection trust
# Configure interface Bridge-Aggregation 1 as an ND-trusted port.
319
- Quick Links:
- Local User Configuration Commands
Hide quick links:
Advertisement
Table of Contents
