Cisco WS-C3560E-48PD-SF Command Reference - Page 105
Syntax Description, range
View all Cisco WS-C3560E-48PD-SF manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 105 highlights
Chapter 2 Catalyst 3560 Switch Cisco IOS Commands deny (IPv6 access-list configuration) Syntax Description protocol Name or number of an Internet protocol. It can be one of the keywords ahp, esp, icmp, ipv6, pcp, sctp, tcp, or udp, or an integer in the range from 0 to 255 representing an IPv6 protocol number. source-ipv6-prefix/prefix- The source IPv6 network or class of networks about which to set deny length conditions. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. any host source-ipv6-address Note Although the CLI help shows a prefix-length range of /0 to /128, the switch supports IPv6 address-matching only for prefixes in the range of /0 to /64 and extended universal identifier (EUI)-based /128 prefixes for aggregatable global unicast and link-local host addresses. An abbreviation for the IPv6 prefix ::/0. The source IPv6 host address for which to set deny conditions. operator [port-number] This source-ipv6-address argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. (Optional) Specify an operator that compares the source or destination ports of the specified protocol. Operators are lt (less than), gt (greater than), eq (equal), neq (not equal), and range (inclusive range). If the operator is positioned after the source-ipv6-prefix/prefix-length argument, it must match the source port. If the operator is positioned after the destination-ipv6-prefix/prefix-length argument, it must match the destination port. The range operator requires two port numbers. All other operators require one port number. destination-ipv6-prefix/ prefix-length The optional port-number argument is a decimal number or the name of a TCP or a UDP port. A port number is a number from 0 to 65535. TCP port names can be used only when filtering TCP. UDP port names can be used only when filtering UDP. The destination IPv6 network or class of networks for which to set deny conditions. This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. host destination-ipv6-address dscp value Note Although the CLI help shows a prefix-length range of /0 to /128, the switch supports IPv6 address-matching only for prefixes in the range of /0 to /64 and EUI-based /128 prefixes for aggregatable global unicast and link-local host addresses. The destination IPv6 host address for which to set deny conditions. This destination-ipv6-address argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16-bit values between colons. (Optional) Match a differentiated services code point value against the traffic class value in the Traffic Class field of each IPv6 packet header. The acceptable range is from 0 to 63. 78-16405-05 Catalyst 3560 Switch Command Reference 2-73