Cisco Nexus 7000 Series Command Reference Manual page 490
Hide thumbs
Also See for Nexus 7000 Series:
- Reference manual (746 pages) ,
- Configuration manual (536 pages) ,
- Hardware installation and reference manual (508 pages)
Table of Contents
Advertisement
ipv6 traffic-filter
• Tunnels
• Management interfaces
You can also use the ipv6 traffic-filter command to apply an IPv6 ACL as a router ACL to the following
interface types:
• Layer 2 Ethernet interfaces
• Layer 2 Ethernet port-channel interfaces
However, an ACL applied to a Layer 2 interface with the ipv6 traffic-filter command is inactive unless the
port mode changes to routed (Layer 3) mode. To apply an IPv6 ACL as a port ACL, use the ipv6 port
traffic-filter command.
You can also apply an IPv6 ACL as a VLAN ACL. For more information, see the match (VLAN access-map)
command.
The device applies router ACLs on either outbound or inbound traffic. When the device applies an ACL to
inbound traffic, the device checks inbound packets against the rules in the ACL. If the first matching rule
permits the packet, the device continues to process the packet. If the first matching rule denies the packet, the
device drops the packet and returns an ICMP host-unreachable message.
For outbound access lists, after receiving and routing a packet to an interface, the device checks the ACL. If
the first matching rule permits the packet, the device continues to process the packet. If the first matching rule
denies the packet, the device drops the packet and returns an ICMP host-unreachable message.
If you delete the specified ACL from the device without removing the ACL from an interface, the deleted
ACL does not affect traffic on the interface.
This command does not require a license.
Examples
This example shows how to apply an IPv6 ACL named ipv6-acl-3A to Ethernet interface 2/1:
switch# configure terminal
switch(config)# interface ethernet 2/1
switch(config-if)# ipv6 traffic-filter ipv6-acl-3A in
This example shows how to remove an IPv6 ACL named ipv6-acl-3A from Ethernet interface 2/1:
switch# configure terminal
switch(config)# interface ethernet 2/1
switch(config-if)# no ipv6 traffic-filter ipv6-acl-3A in
Related Commands
Command
ipv6 access-list
show access-lists
show ipv6 access-lists
show running-config interface
Cisco Nexus 7000 Series Security Command Reference
464
Description
Configures an IPv6 ACL.
Displays all ACLs.
Shows either a specific IPv6 ACL or all IPv6 ACLs.
Shows the running configuration of all interfaces or
of a specific interface.
I Commands
Advertisement
Table of Contents
