Filter
Top Products
Access Control List Commands
44-10
44
e.g., in a hop-by-hop option. A flow is uniquely identified by the combination
of a source address and a non-zero flow label. Packets that do not belong to
a flow carry a flow label of zero.
• Optional internet-layer information is encoded in separate headers that may
be placed between the IPv6 header and the upper-layer header in a packet.
There are a small number of such extension headers, each identified by a
distinct Next Header value. IPv6 supports the values defined for the IPv4
Protocol field in RFC 1700, including these commonly used headers:
0 : Hop-by-Hop Options (RFC 2460)
6 : TCP Upper-layer Header (RFC 1700)
17 : UDP Upper-layer Header (RFC 1700)
43 : Routing (RFC 2460)
44 : Fragment (RFC 2460)
51 : Authentication (RFC 2402)
50 : Encapsulating Security Payload (RFC 2406)
60 : Destination Options (RFC 2460)
Example
This example accepts any incoming packets if the destination address is
2009:DB9:2229::79/48.
This allows packets to any destination address when the DSCP value is 5.
This allows any packets sent to the destination 2009:DB9:2229::79/48 when the flow
label is 43.”
Related Commands
access-list ipv6 (44-7)
show ipv6 access-list
This command displays the rules for configured IPv6 ACLs.
Syntax
show ip access-list {standard | extended} [acl_name]
• standard – Specifies a standard IPv6 ACL.
• extended – Specifies an extended IPv6 ACL.
• acl_name – Name of the ACL. (Maximum length: 16 characters)
Console(config-ext-ipv6-acl)#permit 2009:DB9:2229::79/48
Console(config-ext-ipv6-acl)#
Console(config-ext-ipv6-acl)#permit any dscp 5
Console(config-ext-ipv6-acl)#
Console(config-ext-ipv6-acl)#permit 2009:DB9:2229::79/48 flow-label 43
Console(config-ext-ipv6-acl)#