IPv6 Type 0 Routing Header issues
Hank Nussbacher
hank at efes.iucc.ac.il
Mon Apr 30 18:44:14 CEST 2007
On Mon, 30 Apr 2007, Patrick Grossetete wrote:
When fixing IPv6, plz fix the ACL show syntax:
petach-tikva-gp#sho ipv6 access-l filter-rh
IPv6 access list filter-rh
deny ipv6 any any log routing sequence 10
permit ipv6 any any (186343 matches) sequence 20
which shows like that even though the input syntax is reversed (and
normal) as: "deny ipv6 any any routing log"
That was taken from 12.2(18)SXE6b.
-Hank
> Gert,
>
> I will recommend looking at the PSIRT published in January
> <http://www.cisco.com/warp/public/707/cisco-sa-20070124-IOS-IPv6.shtml>http://www.cisco.com/warp/public/707/cisco-sa-20070124-IOS-IPv6.shtml
> to find what is available from a given IOS release. I understand we need to
> get "no ipv6 source-route"
> as default across all release trains but can't state when it will happen.
>
> Regards
> Patrick
>
>
> At 05:30 PM 4/30/2007, Gert Doering wrote:
>> Hi,
>>
>> On Mon, Apr 30, 2007 at 05:26:01PM +0200, Sebastian Wiesinger wrote:
>> > > Unfortunately, not supported in 12.2 SXE/SXF versions for the large
>> > > 6500/7600 groupies here.
>> >
>> > Alternative:
>> >
>> > ipv6 access-list ipv6-infrastructure-acl-policy
>> > deny ipv6 any any routing-type 0
>> > [..]
>> > !
>>
>> Good plan... if it would work.
>>
>> Cisco-M-XXI(config)#ipv6 access-list ipv6-infrastructure-acl-policy
>> Cisco-M-XXI(config-ipv6-acl)# deny ipv6 any any routing-type 0
>> ^
>> - all the nice and shiny IPv6 filtering stuff isn't available in
>> 12.2S-based releases yet. Thanksverymuch.
>>
>> Gert Doering
>> -- NetMaster
>> --
>> Total number of prefixes smaller than registry allocations: 113403
>>
>> SpaceNet AG Vorstand: Sebastian v. Bomhard
>> Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
>> D-80807 Muenchen HRB: 136055 (AG Muenchen)
>> Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
>
More information about the ipv6-ops
mailing list