[c-nsp] c3560 IPv6 and ACL

Tim tim at selfnet.de
Mon Nov 16 08:58:19 EST 2009


Primoz,

On Mon, Nov 16, 2009 at 11:56:17AM +0100, Primoz Jeroncic wrote:
> test(config-ipv6-acl)#permit tcp any host xxxx:xxxx:0:3::2 eq 25
> % Host address xxxx:xxxx:0:3::2 can not be supported
> % ACE can not be added
> % Failed to add access list
>
> If I try to do same thing on c12008, it works without problems.
>
> Any idea how to solve this problem?

"""
IPv6 ACL Limitations
... 
The switch supports most Cisco IOS-supported IPv6 ACLs with some
exceptions:

- IPv6 source and destination addresses—ACL matching is supported only on
  prefixes from /0 to /64 and host addresses (/128) that are in the
  extended universal identifier (EUI)-64 format. The switch supports only
  these host addresses with no loss of information:
  - aggregatable global unicast addresses
  - link local addresses 
"""
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_40_se/configuration/guide/swv6acl.html#wp4334642

Cheers,
Tim

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20091116/e6c2850f/attachment.bin>


More information about the cisco-nsp mailing list