Header Only - DO NOT REMOVE - Extreme Networks

How to create an ACL rule to block ICMPv6 traffic in entire Network

  • 4 September 2015
  • 0 replies

Userlevel 3
How to create an ACL rule to block ICMPv6 traffic in entire Network

Since ICMPV6 multicast are coming from multiple ports and flood the whole network.
It is not easy to configure each and every single port to apply ACL rule.

Below link ACL rule to Block IPv6 make sense in this case. But what about for ICMPV6 with different length.
And I need similar configuration on this to block ICMPV6 Multicast Listener Report.

kindly take note Length are 86, 90, 110, 130 and 150

Sample config from Brandon is as follow. And this is to apply this ingress on the affected ports. and ethernet-type is 0x86dd which is IPv6.

Brandon Clay,

entry deny_ipv6{ if { ethernet-type 0x86dd; } then { deny; count ipv6_drop; } }[/code]

Other related links....

How to create ACL in EXOS and apply in Ports

it is known issue

How to create an ACL rule to block IPv6 traffichttps://gtacknowledge.extremenetworks.com/articles/How_To/How-to-create-an-ACL-rule-to-block-IPv6-tr...

lost Network message:ICMPv6 Mulitcast Listener Reporthttps://community.extremenetworks.com/extreme/topics/lost-network-message-icmpv6-mulitcast-listener-...

0 replies

Be the first to reply!