Point-to-point /64
Havard Eidnes
he at uninett.no
Mon Jun 3 11:37:39 CEST 2013
> On 03/06/2013 08:49, Darren Pilgrim wrote:
> ...
>> I'm not sure about other switches, but for the Catalyst 3750/3750G, it
>> means some quirks with IPv6 ACLs. The 3750/3750D can do ACLs on full
>> /128's, but only if the lower 64 bits are EUI64.
>
> Huh? How can it possibly know that? (see draft-ietf-6man-ug)
"Erroneously formulated". Those boxes can do ACLs on "full"
/128s with port numbers only if it ignores the middle 16 bits in
the lower 64 bits of the addresses, because the TCAM to match
with only has so many bits width... You can safely do this if
you don't need to distinguish on those bits, which usually
happens to be the case if you are using EUI64 address assignment.
Regards,
- Håvard
More information about the ipv6-ops
mailing list