Security: IPv6 First Hop Security
Configuring IPv6 First Hop Security through Web GUI
STEP 1
STEP 2
STEP 3
STEP 4
Cisco Sx350, SG350X, SG350XG, Sx550X & SG550XG Series Managed Switches, Firmware Release 2.2.5.x
Neighbor Binding Table
To view entries in the Neighbor Binding table:
Click Security > IPv6 First Hop Security > Neighbor Binding Table
Select one of the following clear table options:
•
Static Only—Clear all static entries in the table.
•
Dynamic Only—Clear all dynamic entries in the table.
•
All Dynamic & Static —Clear all dynamic and static entries in the table.
The following fields are displayed for each policy (only fields not on Add page are displayed:
•
Origin—Protocol that added the IPv6 address (only available for dynamic entries):
-
Static—Added manually.
-
NDP—Learnt from Neighbor Discovery Protocol messages.
-
DHCP—Learnt from DHCPv6 protocol messages.
•
State—State of the entry:
-
Tentative—The new host IPv6 address is under validation. Since its lifetime is less
than 1 sec its expiration time is not displayed.
-
Valid—The host IPv6 address was bound.
•
Expiry Time (Sec.)—Remaining time in seconds until the entry will be removed, if it
is not confirmed.
•
TCAM Overflow—Entries marked as No have not been added to the TCAM because
TCAM overflow
To add a policy, click Add and enter the following fields:
•
VLAN ID—VLAN ID of the entry.
•
IPv6 Address—Source IPv6 address of the entry.
•
Interface— Port on which packet is received.
•
MAC Address— Neighbor MAC address of the packet.
Click Apply to add the settings to the Running Configuration file.
25
566