ipv6security-raguard-create

Create a Router Advertisement (RA) IPv6 security policy for IPv6 addresses.

Syntax   ipv6security-raguard-create

name name-string

Specify the RA policy name.

device host|router

Specify the type of device as host or router.

router-priority low|medium|high

Specify the router priority as low, medium, or high.

access-list name-string

Specify the access list name.

prefix-list name-string

Specify the prefix list name.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0.

Usage   Use this command to create a RA Guard policy for IPv6 addresses.

Examples  To create a RA Guard policy with the name ra-guard-policy, device router, router-priority low, access-list ra-access-1, and prefix-list ra-prefix-1, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-create name ra-guard-policy device router router-priority low access-list ra-access-1 prefix-list ra-prefix-1


ipv6security-raguard-delete

Delete a Router Advertisement (RA) IPv6 security policy for IPv6 addresses.

Syntax   ipv6security-raguard-delete

name name-string

Specify the RA policy name.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0.

Usage   Use this command to delete a RA Guard policy for IPv6 addresses.

Examples  To delete a RA Guard policy with the name ra-guard-policy, device router, router-priority low, access-list ra-access-1, and prefix-list ra-prefix-1, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-delete name ra-guard-policy

ipv6security-raguard-modify

Modify a Router Advertisement (RA) IPv6 security policy for IPv6 addresses.

Syntax   ipv6security-raguard-modify


name name-string

Specify the RA policy name.

device host|router

Specify the type of device as host or router.

router-priority low|medium|high

Specify the router priority as low, medium, or high.

access-list name-string

Specify the access list name.

prefix-list name-string

Specify the prefix list name.

attached-ports port-list

Specify the ports attached to the RA Guard policy.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0.

Usage   Use this command to modify a RA Guard policy for IPv6 addresses.

Examples  To modify a RA Guard policy with the name ra-guard-policy, device router, router-priority low, access-list ra-access-1, and prefix-list ra-prefix-1, and add ports 11-13, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-modify name ra-guard-policy device router router-priority low access-list ra-access-1 prefix-list ra-prefix-1 attached-ports 11-13

ipv6security-raguard-remove

Remove ports from an IPv6 RA Guard policy.

Syntax   ipv6security-raguard-port-remove

name name-string

Specify the name of the RA Guard policy to add ports.

ports port-list

Specify the list of ports to add to the policy.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0.

Usage   Use this command to remove ports to a RA Guard policy.

Examples  To remove ports from a RA Guard policy, ra-guard-policy, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-port-remove name ra-guard-policy ports 11-13

ipv6security-raguard-show

Display information about a Router Advertisement (RA) IPv6 security policy configuration.

Syntax   ipv6security-raguard-show

name name-string

Displays the RA policy name.

device host|router

Displays the type of device as host or router.

router-priority low|medium|high

Displays the router priority as low, medium, or high.

access-list name-string

Displays the access list name.

prefix-list name-string

Displays the prefix list name.

attached-ports port-list

Displays the ports attached to the policy.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0.

Usage   Use this command to display information about a RA Guard policy configuration.

Examples  To display information about a RA Guard policy configuration, NAT-1, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-show

switch     name            device router-priority access-list prefix-list attached-ports

---------- --------------- ------ --------------- ----------- ----------- --------------

leo-ext-22 ra-guard-policy router low             ra-access-1 ra-prefix-1 none

ipv6security-raguard-vlan-add

The IPv6 RA Guard feature provides support for allowing the network administrator to block or reject unwanted or rogue RA guard messages arriving at the network device platform.

Syntax   ipv6security-raguard-vlan-add

name name-string

Specify the name of the RA Guard policy to add VLANs.

vlans vlan-id

Specify the VLANs to add to the policy.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0

Usage   Use this command to add a VLAN to an RA Guard policy.

Examples  To add VLAN 33 to RA Policy, RA-Guard, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-vlan-add name RA-Guard vlans 33

ipv6security-raguard-vlan-remove

The IPv6 RA Guard feature provides support for allowing the network administrator to block or reject unwanted or rogue RA guard messages that arrive at the network device platform.

Syntax   ipv6security-raguard-vlan-remove

name name-string

Specify the name of the RA Guard policy to add VLANs.

vlans vlan-id

Specify the VLANs to add to the policy.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0

Usage   Use this command to remove a VLAN from an RA Guard policy.

Examples  To remove VLAN 33 to RA Policy, RA-Guard, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-vlan-remove name RA-Guard vlans 33

ipv6security-raguard-vlan-show

The IPv6 RA Guard feature provides support for allowing the network administrator to block or reject unwanted or rogue RA guard messages that arrive at the network device platform.

Syntax   ipv6security-raguard-vlan-show

name name-string

Specify the name of the RA Guard policy to add VLANs.

vlans vlan-id

Specify the VLANs to add to the policy.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 3.0.0

Usage   Use this command to display a VLAN assigned to an RA Guard policy.

Examples  To display for the RA Policy, RA-Guard, use the following syntax:

CLI network-admin@switch > ipv6security-raguard-vlan-show name RA-Guard vlans 33