Ipv6 Access List Commands; Commands In This Chapter - Dell PowerEdge M420 Reference Manual

IPv6 Access List Commands

Access to a switch or router can be made more secure through the use of
Access Control Lists (ACLs) to control the type of traffic allowed into or out
of specific ports. An ACL consists of a series of rules, each of which describes
the type of traffic to be processed and the actions to take for packets that
meet the classification criteria. Rules within an ACL are evaluated
sequentially until a match is found, if any. Every ACL is terminated by an
implicit deny all rule, which covers any packet not matching a preceding
explicit rule. ACLs can help to ensure that only authorized users have access
to specific resources while blocking out any unwarranted attempts to reach
network resources.
ACLs may be used to restrict contents of routing updates, decide which types
of traffic are forwarded or blocked and, above all, provide security for the
network. ACLs are normally used in firewall routers that are positioned
between the internal network and an external network, such as the Internet.
They can also be used on a router positioned between two parts of the
network to control the traffic entering or exiting a specific part of the internal
network.
The PowerConnect ACL feature allows classification of packets based upon
Layer 2 through Layer 4 header information. An Ethernet IPv6 packet is
distinguished from an IPv4 packet by its unique Ethertype value; thus all IPv6
classifiers include the Ethertype field.
Multiple ACLs per interface are supported. The ACLs can be combination of
Layer 2 and/or Layer 3/4 ACLs. ACL assignment is appropriate for both
physical ports and LAGs. ACLs can also be time based.

Commands in this Chapter

This chapter explains the following commands:
{deny | permit} (IPv6 ACL)
ipv6 access-list
ipv6 access-list rename
ipv6 traffic-filter
show ipv6 access-lists
IPv6 Access List Commands
21
477