[c-nsp] Why doesn't this IPv6 ACL work?
Seth Mattinen
sethm at rollernet.us
Mon Jun 21 22:00:30 EDT 2010
On 6/21/2010 18:48, David Prall wrote:
> What is the SDM Template that you are using? What version of code?
>
> Just tried this on 12.2(46)SE
>
I'm 12.2(53)SE2 on this switch.
> The current template is "desktop IPv4 and IPv6 routing" template.
>
Mine is set to "desktop IPv4 and IPv6 default"
> Without any issue.
>
I tried changing the prefix to be out of my old /48 instead as a shot in
the dark, and it didn't throw an error at me with this entry:
permit tcp any host 2620:0:950:1:2c0:f0ff:fe5a:abe8 eq 25
However, this continues to not work:
permit tcp any host 2607:fe70:0:1:2c0:f0ff:fe5a:abe8 eq 25
I can try switching to "routing" instead of "default" template.
Otherwise I guess it's iptables/ip6tables time for me if this thing
won't accept host addresses under my /32.
~Seth
More information about the cisco-nsp
mailing list