Dell M8024 Network Card User Manual


 
Introduction 31
IPv6 Multicast Features
Protocol Independent Multicast IPv6 Support
PIM-DM and PIM-SM support IPv6 routes.
MLD/MLDv2 (RFC2710/RFC3810)
MLD is used by IPv6 systems (listeners and routers) to report their IP multicast addresses memberships
to any neighboring multicast routers. The implementation of MLD v2 is backward compatible with
MLD v1.
MLD protocol enables the IPv6 router to discover the presence of multicast listeners, the nodes that
want to receive the multicast data packets, on its directly attached interfaces. The protocol specifically
discovers which multicast addresses are of interest to its neighboring nodes and provides this information
to the multicast routing protocol that make the decision on the flow of the multicast data packets.
Security Features
Access Control Lists (ACL)
Access Control Lists (ACLs) ensure that only authorized users have access to specific resources while
blocking off any unwarranted attempts to reach network resources. ACLs are used to provide traffic flow
control, restrict contents of routing updates, decide which types of traffic are forwarded or blocked, and
above all provide security for the network.
For information about defining ACLs, see "IP ACL Configuration" and "MAC ACL Configuration."
Dot1x Authentication (802.1x)
Dot1x authentication enables the authentication of system users through an external server. Only
authenticated and approved system users can transmit and receive data. Supplicants are authenticated
through the Remote Authentication Dial In User Service (RADIUS) server using the Extensible
Authentication Protocol (EAP). Also supported are PEAP, EAP-TTL, EAP-TTLS, and EAP-TLS. MAC-
based authentication allows multiple supplicants connected to the same port to each authenticate
individually. For example, a system attached to the port might be required to authenticate in order to
gain access to the network, while a VoIP phone might not need to authenticate in order to send voice
traffic through the port.
For information about enabling and configuring 802.1X port authentication, see
"Dot1x
Authentication."
Locked Port Support
The locked port feature limits access on a port to users with specific MAC addresses. These addresses are
manually defined or learned on that port. When a frame is seen on a locked port, and the frame source
MAC address is not tied to that port, the protection mechanism is invoked.
For information about enabling locked port security, see
"Port Security."