Configuring An Extended Ipv6 Acl - Edge-Core ECS3510-10PD Management Manual

C
ONFIGURING AN
E IP 6 ACL
XTENDED V
Use the Security > ACL (Configure ACL - Add Rule - IPv6 Extended) page
to configure an Extended IPv6 ACL.
CLI R
EFERENCES
"permit, deny (Extended IPv6 ACL)" on page 966
◆
"show ipv6 access-list" on page 969
◆
"Time Range" on page 773
◆
P
ARAMETERS
These parameters are displayed in the web interface:
Type – Selects the type of ACLs to show in the Name list.
◆
Name – Shows the names of ACLs matching the selected type.
◆
Action – An ACL can contain any combination of permit or deny rules.
◆
Source/Destination Address Type – Specifies the source or
◆
destination IP address type. Use "Any" to include all possible addresses,
or "IPv6-Prefix" to specify a range of addresses. (Options: Any, IPv6-
Prefix; Default: Any)
Source/Destination IPv6 Address – An IPv6 address or network
◆
class. The address must be formatted according to RFC 2373 "IPv6
Addressing Architecture," using 8 colon-separated 16-bit hexadecimal
values. One double colon may be used in the address to indicate the
appropriate number of zeros required to fill the undefined fields.
Source/Destination Prefix-Length – A decimal value indicating how
◆
many contiguous bits (from the left) of the address comprise the prefix;
i.e., the network portion of the address. (Range: 0-128 bits for the
source address; 0-8 bits for the destination address)
DSCP – DSCP traffic class. (Range: 0-63)
◆
Next Header – Identifies the type of header immediately following the
◆
IPv6 header. (Range: 0-255)
Optional internet-layer information is encoded in separate headers that
may be placed between the IPv6 header and the upper-layer header in
a packet. There are a small number of such extension headers, each
identified by a distinct Next Header value. IPv6 supports the values
defined for the IPv4 Protocol field in RFC 1700, and includes these
commonly used headers:
0 : Hop-by-Hop Options (RFC 2460)
6 : TCP Upper-layer Header (RFC 1700)
17 : UDP Upper-layer Header (RFC 1700)
43 : Routing (RFC 2460)
44 : Fragment (RFC 2460)
50 : Encapsulating Security Payload (RFC 2406)
51 : Authentication (RFC 2402)
60 : Destination Options (RFC 2460)
– 367 –
| Security Measures
C 13
HAPTER
Access Control Lists