- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Re: ACL to completely block IPv6 on 5700 FF
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-07-2016 01:15 AM
03-07-2016 01:15 AM
ACL to completely block IPv6 on 5700 FF
Hello everybody,
i have a question about ACL's. We have a customer who's using the HP 577 FF as LAN-Core. There are specific printers tha have varius problems with IPv6 Traffic. Sometimes, the whole Network is going down.
I want to block all IPv6 Traffic on the lan core. I've tried to create an ACL to block IPv6 but it didn't work. Can anybody tell me how to create the ACL rule correctly?
Thanks in advance!
Greetings Sebastian
- Tags:
- ACLs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-07-2016 01:52 AM
03-07-2016 01:52 AM
Re: ACL to completely block IPv6 on 5700 FF
What did you try?
I'd start using port based (not VLAN based) rules blocking "ipv6 any-any" in both in and out-going direction.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-07-2016 11:42 PM
03-07-2016 11:42 PM
Re: ACL to completely block IPv6 on 5700 FF
Hey,
thanks for your reply.
I've tried the following command (as advanced IPv6 rule): rule deny ipv6 source any destination any
My current config:
[HP]dis acl ipv6 all
Advanced IPv6 ACL 3001, named -none-, 2 rules,
ACL's step is 5
rule 0 deny ipv6 logging
rule 1 deny icmpv6
I've also tried to set a second rule to deny icmpv6. But it seems, that none of the rules works properly. There's still IPv6 Traffic going through the device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-08-2016 12:38 AM
03-08-2016 12:38 AM
Re: ACL to completely block IPv6 on 5700 FF
Drop the "logging" on the ACL .
On lower end switches, logging only works om management plane ACL.
On switch fabric there's probably no logging possibility, so rule doesn't get applied