[c-nsp] filtering IPV6 for L2 bridged traffic ?
Alexander Clouter
alex at digriz.org.uk
Sat Oct 17 05:24:29 EDT 2009
Jeff Fitzwater <jfitz at princeton.edu> wrote:
>
> I am running SXI code on sup720-CXL and need to filter out certain
> IPV6 packets like MDNS on trunked L2 port?
>
> I was going to use an vlan access-map but it appears that it does not
> allow me to do a MATCH on an IPV6 acl, I guess I am stuck with a MAC
> ACL to filter bridged IPV6 traffic.
>
> Any ideas on this issue? How else can it be done?
>
Eugh, I am having a similar problem. Seems our 3750's are blind to
'permit any any 0x86dd 0x0' and I have to RSPAN *everything* and get it
filtered on the next hop...then to add to my pain it's awkward and not
wholely predictable even there; on a pair of 6509's.
For you however there might be a solution. Your magic cookie hint is...
http://en.wikipedia.org/wiki/Multicast_address#Ethernet_multicast_addresses
Enjoy
--
Alexander Clouter
.sigmonster says: What's love but a second-hand emotion?
-- Tina Turner
More information about the cisco-nsp
mailing list