Header Only - DO NOT REMOVE - Extreme Networks

Using Policy to Filter IPv6 Traffic on a SecureStack

Userlevel 3
Article ID: 12627

SecureStack C3, firmware and higher
SecureStack C2, firmware and higher
SecureStack B3, firmware and higher
SecureStack B2, firmware and higher

How to detect and drop incoming IP Version 6 traffic, using Policy.

Here is a sample policy configuration which will accomplish this task, by targeting traffic of ethertype 0x86DD:
set policy profile 1 name "Drop IPv6"
set policy rule 1 ether 0x86DD drop
set policy port *.*.* 1[/code]Note that the last command will spawn one policy assignment command per port. This is by design.

Minimal firmware versions to support ethertype classification rules are outlined in 5821.
The B3 and B2 support Policy only after application of policy licensing, as explained in 5781.

0 replies

Be the first to reply!