[154226] in North American Network Operators' Group
IPV6 ACL command to block ICMPv6 Type and code
daemon@ATHENA.MIT.EDU (Roman)
Fri Jun 29 00:52:48 2012
Date: Fri, 29 Jun 2012 14:52:06 +1000
From: Roman <nurul@apnic.net>
To: "nanog@nanog.org" <nanog@nanog.org>
Reply-To: nurul@apnic.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi,
I am looking for Cisco IOS command to block specific ICMPv6 message type
and code. For example how to block only code 1 (communication with
destination administratively prohibited) of message type 1 (destination
unreachable). All other code will be permited.
deny icmp any any type 1 code 1
In my router I can see these:
Router(config-ipv6-acl)#deny icmp any any destination-unreachable ?
auth Match on authentication header
dest-option Destination Option header (all types)
dest-option-type Destination Option header with type
dscp Match packets with given dscp value
flow-label Flow label
log Log matches against this entry
log-input Log matches against this entry, including input
mobility Mobility header (all types)
mobility-type Mobility header with type
routing Routing header (all types)
routing-type Routing header with type
sequence Sequence number for this entry
time-range Specify a time-range
<cr>
My IOS is c2800nm-ipvoicek9-mz.124-24.T2
Regards
Rom
