Configuring Ra Guard - Cisco Catalyst 4500 Series Software Configuration Manual
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 62
Configuring Network Security with ACLs
Figure 62-10
Host A
Configuring RA Guard
To configure RA Guard, perform this step:
Command
Step 1
Switch# configure terminal
Step 1
Switch(config)# interface interface
Step 2
Switch(config-if)# [no] ipv6 nd
raguard
Step 3
Switch(config-if)# end
Step 4
Switch# show ipv6 nd raguard policy
policy_name
Step 5
Switch# show ipv6 first-hop
counters interface
Step 6
Switch# clear ipv6 snooping
counters interface
Examples
This examples shows how to enable RA Guard on the switch:
Switch(config)# int gi1/1
Switch(config-if)# ipv6 nd raguard
Switch(config-if)# end
Switch# show running-configuration interface gi1/1
Building configuration...
Typical RA Guard Deployment
Catalyst 4500
Series Switch
Block incoming
RA
Host B
Purpose
Enters global configuration mode.
Enters interface mode.
Enables RA Guard on the switch.
Returns to privileged EXEC mode.
Shows the policy on which RA Guard has been enabled.
Note
Shows the number of packets dropped per port due to RA Guard. The
counters can be displayed for a particular interface by using the interface
option.
Note
Clears RA Guard counters on a particular interface.
The counters on all interfaces are cleared if the interface option is absent.
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Allow incoming
RA
Block
incoming
RA
With Cisco Release IOS XE 3.4.0SG and IOS 15.1(2)SG, the
show ipv6 nd raguard policy command replaces the show ipv6
first-hop policies command.
If counters are not enabled for the port, the counter value is zero.
Configuring RA Guard
Router
62-51
Advertisement
Chapters
Table of Contents
Troubleshooting
