Cisco 300 Series Cli Manual page 504

Stackable managed switches

Hide thumbs Also See for 300 Series:

Table of Contents

IPv6 First Hop Security

OL-32830-01 Command Line Interface Reference Guide

match server address

Each policy of the same type (for example, DHCPv6 Guard policies) must have a

unique name. Policies of different types can have the same policy name.

The switch supports two predefined, default DHCPv6 Guard policies named:

"vlan_default" and "port_default":

ipv6 dhcp guard policy vlan_default

ipv6 dhcp guard policy port_default

The default policies are empty and cannot be removed, but can be changed. The

no ipv6 dhcp guard policy does not remove the default policies, it only removes

the policy configuration defined by the user.

The default policies cannot be attached by the

ipv6 dhcp guard attach-policy (VLAN mode)

vlan_default policy is attached by default to a VLAN, if no other policy is attached

to the VLAN. The port_default policy is attached by default to a port, if no other

policy is attached to the port.

You can define a policy using the ipv6 dhcp guard policy command multiple times.

Before an attached policy is removed, a request for confirmation is presented to

the user, as shown in Example 3 below.

Example 1—The following example defines a DHCPv6 Guard policy named

policy1, places the router in DHCPv6 Guard Policy Configuration mode, configures

the port to drop unsecure messages and sets the device role as router:

switchxxxxxx(config)#

switchxxxxxx(config-dhcp-guard)#

switchxxxxxx(config-dhcp-guard)# exit

ipv6 dhcp guard policy policy1

match server address list1

device-role server

ipv6 dhcp guard attach-policy

command. The