- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Comware: finally a working IPv6 "RA guard"?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-25-2016 03:58 AM - edited 08-25-2016 03:59 AM
08-25-2016 03:58 AM - edited 08-25-2016 03:59 AM
Comware: finally a working IPv6 "RA guard"?
Hello,
while reading the R5501P27 release notes (rfor the HP A5500-HI switches I happily found a new IPv6 "RA guard" for host ports:
It would be great if we get that feature on some other switches as well, e.,g. A5500-EI.
Perhaps someone of the HPE team could help with this?
Regards
Michael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-02-2016 11:31 PM
09-02-2016 11:31 PM
Re: Comware: finally a working IPv6 "RA guard"?
Even on low end switch HP1920 , I can block incoming RAs on a port. Snippet below uses ipv6 ICMP type, you can also block specific destination MAC instead.
acl number 4000
description Select IPv6 RA MAC address
rule 0 permit dest-mac 3333-0000-0001 ffff-ffff-ffff
acl ipv6 number 3000
description IPv6_RA
rule 0 permit icmpv6 icmp6-type router-advertisement
traffic classifier CL_IPv6RA operator and
if-match acl ipv6 3000
qos policy POL_BlockRA
classifier CL_IPv6RA behavior Block
interface GigabitEthernet1/0/1
qos apply policy POL_BlockRA inbound