-
Cisco IOS IPv6 Command Reference
-
Introduction
-
IPv6 Commands: aaa accounting multicast default through clear ipv6 mobile home-agents
-
IPv6 Commands: clear ipv6 mobile traffic through debug bgp vpnv6 unicast
-
IPv6 Commands: debug crypto ipv6 ipsec through debug ipv6 pim
-
IPv6 Commands: debug ipv6 pim df-election through ip http server
-
IPv6 Commands: ip name server through ipv6 general-prefix
-
IPv6 Commands: ipv6 hello-interval eigrp through ipv6 mld static-group
-
IPv6 Commands: ipv6 mobile home-agent through ipv6 ospf database-filter all out
-
IPv6 Commands: ipv6 ospf dead-interval through ipv6 split-horizon eigrp
-
IPv6 Commands: mpls traffic-eng auto-bw timers through route-map
-
IPv6 Commands: router-id (IPv6) through show bgp ipv6 labels
-
IPv6 Commands: show bgp ipv6 neighbors through show crypto isakmp peers
-
IPv6 Commands: show crypto isakmp policy through show ipv6 eigrp neighbors
-
IPv6 Commands: show ipv6 eigrp topology through show ipv6 nat statistics
-
IPv6 Commands: show ipv6 nat translations through show ipv6 protocols
-
IPv6 Commands: show ipv6 rip through snmp-server host
-
IPv6 Commands: snmp-server user through variance (EIGRP)
-
Table Of Contents
ipv6 access-list log-update threshold
ipv6 authentication key-chain eigrp
ipv6 authentication mode eigrp
ipv6 dhcp client information refresh minimum
ipv6 flow-export template options
ip name-server
To specify the address of one or more name servers to use for name and address resolution, use the ip name-server command in global configuration mode. To remove the addresses specified, use the no form of this command.
ip name-server [vrf vrf-name] server-address1 [server-address2...server-address6]
no ip name-server [vrf vrf-name] server-address1 [server-address2...server-address6]
Syntax Description
Command Default
No name server addresses are specified.
Command Modes
Global configuration
Command History
Examples
The following example shows how to specify IPv4 hosts 172.16.1.111 and 172.16.1.2 as the name servers:
ip name-server 172.16.1.111 172.16.1.2This command will be reflected in the configuration file as follows:
ip name-server 172.16.1.111ip name-server 172.16.1.2The following example shows how to specify IPv4 hosts 172.16.1.111 and 172.16.1.2 as the name servers for vpn1:
Router(config)# ip name-server vrf vpn1 172.16.1.111 172.16.1.2
The following example shows how to specify IPv6 hosts 3FFE:C00::250:8BFF:FEE8:F800 and 2001:0DB8::3 as the name servers:
ip name-server 3FFE:C00::250:8BFF:FEE8:F800 2001:0DB8::3This command will be reflected in the configuration file as follows:
ip name-server 3FFE:C00::250:8BFF:FEE8:F800ip name-server 2001:0DB8::3Related Commands
ip route-cache
To control the use of switching methods for forwarding IP packets, use the ip route-cache command in interface configuration mode. To disable any of these switching methods, use the no form of this command.
ip route-cache [cef | distributed | flow | policy | same-interface]
no ip route-cache [cef | distributed | flow | policy | same-interface]
Syntax Description
Defaults
Fast Switching
The default behavior for Fast Switching varies by interface and media.
Distributed Switching
Distributed switching is disabled.
Cisco Express Forwarding and Distributed Cisco Express Forwarding
When Cisco Express Forwarding or distributed Cisco Express Forwarding operation is enabled globally, all interfaces that support Cisco Express Forwarding or distributed Cisco Express Forwarding are enabled by default.
NetFlow Accounting
NetFlow accounting is disabled.
Fast Switching for PBR (FSPBR)
FSPBR is disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
IP Route Cache
Note
The Cisco 10000 series routers do not support the ip route-cache command.
Using the route cache is often called fast switching. The route cache allows outgoing packets to be load-balanced on a per-destination basis rather than on a per-packet basis. The ip route-cache command with no additional keywords enables fast switching.
Entering the ip route-cache command has no effect on a subinterface. Subinterfaces accept the no form of the command; however, this disables Cisco Express Forwarding or distributed Cisco Express Forwarding on the physical interface and all subinterfaces associated with the physical interface
IP Route Cache Same Interface
You can enable IP fast switching when the input and output interfaces are the same interface, using the ip route-cache same-interface command. This configuration normally is not recommended, although it is useful when you have partially meshed media, such as Frame Relay or you are running Web Cache Communication Protocol (WCCP) redirection. You could use this feature on other interfaces, although it is not recommended because it would interfere with redirection of packets to the optimal path.
IP Route Cache Flow
The flow caching option can be used in conjunction with Cisco Express Forwarding switching to enable NetFlow, which allows statistics to be gathered with a finer granularity. The statistics include IP subprotocols, well-known ports, total flows, average number of packets per flow, and average flow lifetime.
Note
ip flow ingress command is configured, both commands will appear in the output of the
show running-config command.IP Route Cache Distributed
The distributed option is supported on Cisco routers with line cards and Versatile Interface Processors (VIPs) that support Cisco Express Forwarding switching.
On Cisco routers with Route/Switch Processor (RSP) and VIP controllers, the VIP hardware can be configured to switch packets received by the VIP with no per-packet intervention on the part of the RSP. When VIP distributed switching is enabled, the input VIP interface tries to switch IP packets instead of forwarding them to the RSP for switching. Distributed switching helps decrease the demand on the RSP.
If the ip route-cache distributed, ip cef distributed, and ip route-cache flow commands are configured, the VIP performs distributed Cisco Express Forwarding switching and collects a finer granularity of flow statistics.
IP Route-Cache Cisco Express Forwarding
In some instances, you might want to disable Cisco Express Forwarding or distributed Cisco Express Forwarding on a particular interface because that interface is configured with a feature that
Cisco Express Forwarding or distributed Cisco Express Forwarding does not support. Because all interfaces that support Cisco Express Forwarding or distributed Cisco Express Forwarding are enabled by default when you enable Cisco Express Forwarding or distributed Cisco Express Forwarding operation globally, you must use the no form of the ip route-cache distributed command in the interface configuration mode to turn Cisco Express Forwarding or distributed Cisco Express Forwarding operation off a particular interface.Disabling Cisco Express Forwarding or distributed Cisco Express Forwarding on an interface disables Cisco Express Forwarding or distributed Cisco Express Forwarding switching for packets forwarded to the interface, but does not affect packets forwarded out of the interface.
Additionally, when you disable distributed Cisco Express Forwarding on the RSP, Cisco IOS software switches packets using the next-fastest switch path (Cisco Express Forwarding).
Enabling Cisco Express Forwarding globally disables distributed Cisco Express Forwarding on all interfaces. Disabling Cisco Express Forwarding or distributed Cisco Express Forwarding globally enables process switching on all interfaces.
Note
IP Route Cache Policy
If Cisco Express Forwarding is already enabled, the ip route-cache route command is not required because PBR packets are Cisco Express Forwarding-switched by default.
Before you can enable fast-switched PBR, you must first configure PBR.
FSPBR supports all of PBR's match commands and most of PBR's set commands, with the following restrictions:
•
•
Also, at the process level, the routing table is consulted to determine if the interface is on a reasonable path to the destination. During fast switching, the software does not make this check. Instead, if the packet matches, the software blindly forwards the packet to the specified interface.
Note
Examples
Configuring Fast Switching and Disabling Cisco Express Forwarding Switching
The following example shows how to enable fast switching and disable Cisco Express Forwarding switching:
Router(config)# interface ethernet 0/0/0Router(config-if)# ip route-cacheThe following example shows that fast switching is enabled:
Router# show ip interface fastEthernet 0/0/0FastEthernet0/0/0 is up, line protocol is upInternet address is 10.1.1.254/24Broadcast address is 255.255.255.255Address determined by non-volatile memoryMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledMulticast reserved groups joined: 224.0.0.10Outgoing access list is not setInbound access list is not setProxy ARP is enabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is disabledIP Flow switching is disabledIP Distributed switching is disabledIP Feature Fast switching turbo vectorIP Null turbo vectorIP multicast fast switching is enabledThe following example shows that Cisco Express Forwarding switching is disabled:
Router# show cef interface fastEthernet 0/0/0FastEthernet0/0/0 is up (if_number 3)Corresponding hwidb fast_if_number 3Corresponding hwidb firstsw->if_number 3Internet address is 10.1.1.254/24ICMP redirects are always sentPer packet load-sharing is disabledIP unicast RPF check is disabledInbound access list is not setOutbound access list is not setIP policy routing is disabledHardware idb is FastEthernet0/0/0Fast switching type 1, interface type 18IP CEF switching disabledIP Feature Fast switching turbo vectorIP Null turbo vectorInput fast flags 0x0, Output fast flags 0x0ifindex 1(1)Slot 0 Slot unit 0 VC -1Transmit limit accumulator 0x48001A02 (0x48001A02)IP MTU 1500The following example shows the configuration information for interface fastethernet 0/0/0:
Router# show running-config..!interface FastEthernet0/0/0ip address 10.1.1.254 255.255.255.0no ip route-cache cefno ip route-cache distributed!The following example shows how to enable Cisco Express Forwarding (and to disable distributed
Cisco Express Forwarding if it is enabled):Router(config-if)# ip route-cache cefThe following example shows how to enable VIP distributed Cisco Express Forwarding and per-flow accounting on an interface (regardless of the previous switching type enabled on the interface):
Router(config)# interface e0Router(config-if)# ip address 17.252.245.2 255.255.255.0Router(config-if)# ip route-cache distributedRouter(config-if)# ip route-cache flowThe following example shows how to enable Cisco Express Forwarding on the router globally (which also disables distributed Cisco Express Forwarding on any interfaces that are running distributed
Cisco Express Forwarding), and disable Cisco Express Forwarding (which enables process switching) on Ethernet interface 0:Router(config)# ip cefRouter(config)# interface e0Router(config-if)# no ip route-cache cefThe following example shows how to enable distributed Cisco Express Forwarding operation on the router (globally), and disable Cisco Express Forwarding operation on Ethernet interface 0:
Router(config)# ip cef distributedRouter(config)# interface e0Router(config-if)# no ip route-cache cefThe following example shows how to reenable distributed Cisco Express Forwarding operation on Ethernet interface 0:
Router(config)# ip cef distributedRouter(config)# interface e0Router(config-if)# ip route-cache distributedConfiguring Fast Switching for Traffic That Is Received and Transmitted over the Same Interface
The following example shows how to enable fast switching and disable Cisco Express Forwarding switching:
Router(config)# interface ethernet 0/0/0Router(config-if)# ip route-cache same-interfaceThe following example shows that fast switching on the same interface is enabled for interface fastethernet 0/0/0:
Router# show ip interface fastEthernet 0/0/0FastEthernet0/0/0 is up, line protocol is upInternet address is 10.1.1.254/24Broadcast address is 255.255.255.255Address determined by non-volatile memoryMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledMulticast reserved groups joined: 224.0.0.10Outgoing access list is not setInbound access list is not setProxy ARP is enabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is enabledIP Flow switching is disabledIP Distributed switching is disabledIP Feature Fast switching turbo vectorIP Null turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are FastRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledProbe proxy name replies are disabledPolicy routing is disabledNetwork address translation is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabledBGP Policy Mapping is disabledIP multicast multilayer switching is disabledThe following example shows the configuration information for interface fastethernet 0/0/0:
Router# show running-config..!interface FastEthernet0/0/0ip address 10.1.1.254 255.255.255.0ip route-cache same-interfaceno ip route-cache cefno ip route-cache distributed!Enabling NetFlow Accounting
The following example shows how to enable NetFlow switching:
Router(config)# interface ethernet 0/0/0Router(config-if)# ip route-cache flowThe following example shows that NetFlow accounting is enabled for interface fastethernet 0/0/0:
Router# show ip interface fastEthernet 0/0/0FastEthernet0/0/0 is up, line protocol is upInternet address is 10.1.1.254/24Broadcast address is 255.255.255.255Address determined by non-volatile memoryMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledMulticast reserved groups joined: 224.0.0.10Outgoing access list is not setInbound access list is not setProxy ARP is enabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is disabledIP Flow switching is enabledIP Distributed switching is disabledIP Flow switching turbo vectorIP Null turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, FlowRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledProbe proxy name replies are disabledPolicy routing is disabledNetwork address translation is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabledBGP Policy Mapping is disabledIP multicast multilayer switching is disabledConfiguring Distributed Switching
The following example shows how to enable distributed switching:
Router(config)# ip cef distributedRouter(config)# interface ethernet 0/0/0Router(config-if)# ip route-cache distributedThe following example shows that distributed Cisco Express Forwarding switching is for interface fastethernet 0/0/0:
Router# show cef interface fastEthernet 0/0/0FastEthernet0/0/0 is up (if_number 3)Corresponding hwidb fast_if_number 3Corresponding hwidb firstsw->if_number 3Internet address is 10.1.1.254/24ICMP redirects are always sentPer packet load-sharing is disabledIP unicast RPF check is disabledInbound access list is not setOutbound access list is not setIP policy routing is disabledHardware idb is FastEthernet0/0/0Fast switching type 1, interface type 18IP Distributed CEF switching enabledIP Feature Fast switching turbo vectorIP Feature CEF switching turbo vectorInput fast flags 0x0, Output fast flags 0x0ifindex 1(1)Slot 0 Slot unit 0 VC -1Transmit limit accumulator 0x48001A02 (0x48001A02)IP MTU 1500Configuring Fast Switching for PBR
The following example shows how to configure a simple policy-based routing scheme and to enable FSPBR:
Router(config)# access-list 1 permit 10.1.1.0 0.0.0.255Router(config)# route-map mypbrtag permit 10Router(config-route-map)# match ip address 1Router(config-route-map)# set ip next-hop 10.1.1.195Router(config-route-map)# exitRouter(config)# interface fastethernet 0/0/0Router(config-if)# ip route-cache policyRouter(config-if)# ip policy route-map mypbrtagThe following example shows that FSPBR is enabled for interface fastethernet 0/0/0:
Router# show ip interface fastEthernet 0/0/0FastEthernet0/0/0 is up, line protocol is upInternet address is 10.1.1.254/24Broadcast address is 255.255.255.255Address determined by non-volatile memoryMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledMulticast reserved groups joined: 224.0.0.10Outgoing access list is not setInbound access list is not setProxy ARP is enabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is disabledIP Flow switching is disabledIP CEF switching is enabledIP Distributed switching is enabledIP Feature Fast switching turbo vectorIP Feature CEF switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are Fast, Distributed, Policy, CEFRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledProbe proxy name replies are disabledPolicy routing is enabled, using route map my_pbr_tagNetwork address translation is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabledBGP Policy Mapping is disabledIP multicast multilayer switching is disabledRelated Commands
ip router isis
To configure an Intermediate System-to-Intermediate System (IS-IS) routing process for IP on an interface and to attach an area designator to the routing process, use the ip router isis command in interface configuration mode. To disable IS-IS for IP, use the no form of the command.
ip router isis area-tag
no ip router isis area-tag
Syntax Description
Defaults
No routing processes are specified.
Command Modes
Interface configuration
Command History
Usage Guidelines
Before the IS-IS routing process is useful, a network entity title (NET) must be assigned with the net command and some interfaces must have IS-IS enabled.
If you have IS-IS running and at least one International Organization for Standardization Interior Gateway Routing Protocol (ISO-IGRP) process, the IS-IS process and the ISO-IGRP process cannot both be configured without an area tag. The null tag can be used by only one process. If you run ISO-IGRP and IS-IS, a null tag can be used for IS-IS, but not for ISO-IGRP at the same time. However, each area in an IS-IS multiarea configuration should have a nonnull area tag to facilitate identification of the area.
You can configure only one process to perform Level 2 (interarea) routing. If Level 2 routing is configured on any process, all additional processes are automatically configured as Level 1. You can configure this process to perform intra-area (Level 1) routing at the same time. You can configure up to 29 additional processes as Level 1-only processes. Use the is-type command to remove Level 2 routing from a router instance. You can then use the is-type command to enable Level 2 routing on some other IS-IS router instance.
An interface cannot be part of more than one area, except in the case where the associated routing process is performing both Level 1 and Level 2 routing. On media such as WAN media where subinterfaces are supported, different subinterfaces could be configured for different areas.
Examples
The following example specifies IS-IS as an IP routing protocol for a process named Finance, and specifies that the Finance process will be routed on Ethernet interface 0 and serial interface 0:
router isis Financenet 49.0001.aaaa.aaaa.aaaa.00interface Ethernet 0ip router isis Financeinterface serial 0ip router isis FinanceThe following example shows an IS-IS configuration with two Level 1 areas and one Level 1-2 area:
ip routing...interface Tunnel529ip address 10.0.0.5 255.255.255.0ip router isis BBinterface Ethernet1ip address 10.1.1.5 255.255.255.0ip router isis A3253-01!interface Ethernet2ip address 10.2.2.5 255.255.255.0ip router isis A3253-02...! Defaults to "is-type level-1-2"router isis BBnet 49.2222.0000.0000.0005.00!router isis A3253-01net 49.0553.0001.0000.0000.0005.00is-type level-1!router isis A3253-02net 49.0553.0002.0000.0000.0005.00is-type level-1Related Commands
is-type
Configures the routing level for an IS-IS routing process.
net
Configures an IS-IS NET for a CLNS routing process.
router isis
Enables the IS-IS routing protocol.
ipv6 access-class
To filter incoming and outgoing connections to and from the router based on an IPv6 access list, use the ipv6 access-class command in line configuration mode. To disable the filtering of incoming and outgoing connections to the router, use the no form of this command.
ipv6 access-class ipv6-access-list-name {in | out}
no ipv6 access-class
Syntax Description
Command Default
The filtering of incoming and outgoing connections to and from the router is not enabled.
Command Modes
Line configuration
Command History
Usage Guidelines
The ipv6 access-class command is similar to the access-class command, except that it is IPv6-specific.
The incoming connection source address is used to match against the access list source prefix. The router address on the received interface is used to match against the access list destination prefix.
IPv6 access control list (ACL) matches are made using TCP; an ACL permit match using IPv6 or TCP is required to allow access to a router.
Examples
The following example filters incoming connections on virtual terminal lines 0 to 4 of the router based on the IPv6 access list named cisco:
ipv6 access-list ciscopermit ipv6 host 2001:0DB8:0:4::2/128 anyline vty 0 4ipv6 access-class cisco inRelated Commands
ipv6 access-list
To define an IPv6 access list and to place the router in IPv6 access list configuration mode, use the ipv6 access-list command in global configuration mode. To remove the access list, use the no form of this command.
ipv6 access-list access-list-name
no ipv6 access-list access-list-name
Syntax Description
access-list-name
Name of the IPv6 access list. Names cannot contain a space or quotation mark, or begin with a numeric.
Command Default
No IPv6 access list is defined.
Command Modes
Global configuration
Command History
Usage Guidelines
The ipv6 access-list command is similar to the ip access-list command, except that it is IPv6-specific.
In Cisco IOS Release 12.2(2)T or later releases, 12.0(21)ST, and 12.0(22)S, standard IPv6 access control list (ACL) functionality is used for basic traffic filtering functions—traffic filtering is based on source and destination addresses, inbound and outbound to a specific interface, and with an implicit deny statement at the end of each access list (functionality similar to standard ACLs in IPv4). IPv6 ACLs are defined and their deny and permit conditions are set by using the ipv6 access-list command with the deny and permit keywords in global configuration mode.
In Cisco IOS Release 12.0(23)S or later releases, the standard IPv6 ACL functionality is extended to support—in addition to traffic filtering based on source and destination addresses—filtering of traffic based on IPv6 option headers and optional, upper-layer protocol type information for finer granularity of control (functionality similar to extended ACLs in IPv4). IPv6 ACLs are defined by using the ipv6 access-list command in global configuration mode and their permit and deny conditions are set by using the deny and permit commands in IPv6 access list configuration mode. Configuring the ipv6 access-list command places the router in IPv6 access list configuration mode—the router prompt changes to Router(config-ipv6-acl)#. From IPv6 access list configuration mode, permit and deny conditions can be set for the defined IPv6 ACL.
Note
In Cisco IOS Release 12.0(23)S or later releases, and 12.2(11)S or later releases, for backward compatibility, the ipv6 access-list command with the deny and permit keywords in global configuration mode is still supported; however, an IPv6 ACL defined with deny and permit conditions in global configuration mode is translated to IPv6 access list configuration mode.
Refer to the deny (IPv6) and permit (IPv6) commands for more information on filtering IPv6 traffic based on IPv6 option headers and optional, upper-layer protocol type information. See the "Examples" section for an example of a translated IPv6 ACL configuration.
Note
The IPv6 neighbor discovery process makes use of the IPv6 network layer service; therefore, by default, IPv6 ACLs implicitly allow IPv6 neighbor discovery packets to be sent and received on an interface. In IPv4, the Address Resolution Protocol (ARP), which is equivalent to the IPv6 neighbor discovery process, makes use of a separate data link layer protocol; therefore, by default, IPv4 ACLs implicitly allow ARP packets to be sent and received on an interface.
Note
Use the ipv6 traffic-filter interface configuration command with the access-list-name argument to apply an IPv6 ACL to an IPv6 interface. Use the ipv6 access-class line configuration command with the access-list-name argument to apply an IPv6 ACL to incoming and outgoing IPv6 virtual terminal connections to and from the router.
Note
Note
Examples
The following example is from a router running Cisco IOS Release 12.0(23)S or later releases. The example configures the IPv6 ACL list named list1 and places the router in IPv6 access list configuration mode.
Router(config)# ipv6 access-list list1Router(config-ipv6-acl)#The following example is from a router running Cisco IOS Release 12.2(2)T or later releases, 12.0(21)ST, or 12.0(22)S. The example configures the IPv6 ACL named list2 and applies the ACL to outbound traffic on Ethernet interface 0. Specifically, the first ACL entry keeps all packets from the network FEC0:0:0:2::/64 (packets that have the site-local prefix FEC0:0:0:2 as the first 64 bits of their source IPv6 address) from exiting out of Ethernet interface 0. The second entry in the ACL permits all other traffic to exit out of Ethernet interface 0. The second entry is necessary because an implicit deny all condition is at the end of each IPv6 ACL.
Router(config)# ipv6 access-list list2 deny FEC0:0:0:2::/64 anyRouter(config)# ipv6 access-list list2 permit any anyRouter(config)# interface ethernet 0Router(config-if)# ipv6 traffic-filter list2 outIf the same configuration was entered on a router running Cisco IOS Release 12.0(23)S or later releases, the configuration would be translated into IPv6 access list configuration mode as follows:
ipv6 access-list list2deny FEC0:0:0:2::/64 anypermit ipv6 any anyinterface ethernet 0ipv6 traffic-filter list2 out
Note
Note
Note
Related Commands
ipv6 access-list log-update threshold
To specify the number of updates that are logged for IPv6 access lists, use the ipv6 access-list log-update threshold command in global configuration mode. To return the number of logged updates to the default setting, use the no form of this command.
ipv6 access-list log-update threshold value
no ipv6 access-list log-update threshold
Syntax Description
value
Specifies the number of updates that are logged for every IPv6 access list configured on the router. The acceptable range is from 0 to 2147483647.
Command Default
2147483647 updates.
Command Modes
Global configuration
Command History
Usage Guidelines
The ipv6 access-list log-update threshold command is similar to the ip access-list log-update threshold command, except that it is IPv6-specific.
IPv6 ACL updates are logged at five minute intervals, following the first logged update. Configuring a lower number of updates (a number lower than the default) is useful when more frequent update logging is desired.
Examples
The following example configures a log threshold of ten updates for every IPv6 access list configured on the router.
ipv6 access-list log-update threshold 10Related Commands
ipv6 access-list
Defines an IPv6 access list and enters IPv6 access list configuration mode.
show ipv6 access-list
Displays the contents of all current IPv6 access lists.
ipv6 address
To configure an IPv6 address based on an IPv6 general prefix and enable IPv6 processing on an interface, use the ipv6 address command in interface configuration mode. To remove the address from the interface, use the no form of this command.
ipv6 address {ipv6-address/prefix-length | prefix-name sub-bits/prefix-length | [%vrf-name]}
no ipv6 address {ipv6-address/prefix-length | prefix-name sub-bits/prefix-length | [%vrf-name]}
Syntax Description
Command Default
No IPv6 addresses are defined for any interface.
Command Modes
Interface configuration
Command History
Usage Guidelines
The ipv6 address command allows multiple IPv6 addresses to be configured on an interface in various different ways, with varying options. The most common way is to specify the IPv6 address with the prefix length.
Addresses may also be defined using the general prefix mechanism, which separates the aggregated IPv6 prefix bits from the subprefix and host bits. In this case, the leading bits of the address are defined in a general prefix, which is globally configured or learned (for example, through use of DHCP-PD), and then applied using the prefix-name argument. The subprefix bits and host bits are defined using the sub-bits argument.
Using the no ipv6 address autoconfig command without arguments removes all IPv6 addresses from an interface.
Examples
The following example shows how to enable IPv6 processing on the interface and configure an address based on the general prefix called my-prefix and the directly specified bits:
Router(config-if) ipv6 address my-prefix 0:0:0:7272::72/64Assuming the general prefix named my-prefix has the value of 2001:DB8:2222::/48, then the interface would be configured with the global address 2001:DB8:2222:7272::72/64.
Related Commands
