[c-nsp] IPv6 RA filter on Layer 2 switch with edge ports configured as trunk

harbor235 harbor235 at gmail.com
Thu Mar 8 11:15:17 EST 2012


Herro91 (what kind of name is that?),

Looks like the ASA 1000v and the Nexus 1000v should be able to do this as
part
of a clear data center strategy for Cisco. But .........

IPV6 ACLs are still not supported on the *1000v products, doh !!!!!!!!

Your best bet may be to police the vlans on the switches that connect the
L3 interface for each vlan (VACL, PVLAN) as well as use any safeguards
available on the L3 interface, ACLs, PVLANs, RA-guard etc ......

Cisco is dropping the ball again !!!


Mike

On Mon, Mar 5, 2012 at 9:37 PM, Herro91 <herro91 at gmail.com> wrote:

> Hi,
>
> Trying to figure out a solution on how to implement an IPv6 Traffic Filter
> to block RA messages on a 4948 that is configured as an L2 switch. More
> specifically the edge ports are configured as trunks to an ESX host which
> has many VMs (Windoze, Linux, etc). Given the trunk port config, I know I
> could do a VACL, but those lack direction (input/output) so it seems like a
> non-starter
>
> Appreciate any thoughts/advice
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list