From the course: Cisco CCNP ENARSI v1.1 (300-410) Cert Prep: 3 Infrastructure Security
Unlock this course with a free trial
Join today to access over 22,500 courses taught by industry experts.
IPv6 traffic filters
From the course: Cisco CCNP ENARSI v1.1 (300-410) Cert Prep: 3 Infrastructure Security
IPv6 traffic filters
- [Narrator] Let's now take a look at IP version six traffic filters. With IP version six the standard ACL functionality is essentially the same as we see in IP version four. These ACLs determine which traffic is blocked and what gets forwarded, which gives us filtering based on both source and destination addresses, with IP version six ACLs. This allows us to support traffic filtering and this filtering can be based on optional upper layer protocol type information and option hitters. So this gives us more level of control. So again, many of the same rules apply here as with IP version four ACLs. These are processed from the top down, so you want your more specific entries at the top followed by the more general entries. We have immediate execution when a match is found. Meaning that if traffic matches multiple ACL entries, only the first entry will be processed. And we have an implicit deny any at the bottom of the ACL. So if there is no matching entry for the traffic it's going to…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
AAA troubleshooting28s
-
Local database5m 43s
-
TACACS+5m 54s
-
RADIUS5m 24s
-
Router security troubleshooting37s
-
IPv4 access control lists (ACLs)10m 39s
-
IPv6 traffic filters7m 25s
-
Unicast Reverse Path Forwarding (uRPF)8m 24s
-
Control Plane Policing (CoPP)12m 34s
-
IPv6 RA Guard2m 36s
-
DHCPv6 Guard2m 51s
-
IPv6 neighbor discovery inspection and snooping2m 10s
-
IPv6 source guard2m 53s
-
Lab: IPv4 ACL troubleshooting7m 48s
-
Chapter 2 summary42s
-
-