Cisco 7604 Configuration Guide - Page 198
Configuring IPv6 Neighbor Discovery, Configuring Neighbor Solicitation Messages
View all Cisco 7604 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 198 highlights
Configuring IPv6 Neighbor Discovery Chapter 10 Configuring IPv6 Step 2 • protocol-Specifies the traffic being controlled by the access list entry. This can be the name (ip, tcp, or udp) or number (1-254) of an IP protocol. Alternatively, you can specify a protocol object group using object-group grp_id. • source and destination-Specifies the source or destination of the traffic. The source or destination can be an IPv6 prefix, in the format prefix/length, to indicate a range of addresses, the keyword any, to specify any address, or a specific host designated by host host_ipv6_addr. • src_port and dst_port-The source and destination port (or service) argument. Enter an operator (lt for less than, gt for greater than, eq for equal to, neq for not equal to, or range for an inclusive range) followed by a space and a port number (or two port numbers separated by a space for the range keyword). • icmp_type-Specifies the ICMP message type being filtered by the access rule. The value can be a valid ICMP type number (from 0 to 155) or one of the ICMP type literals as shown in Appendix E, "Addresses, Protocols, and Ports". Alternatively, you can specify an ICMP object group using object-group id. To apply the access list to an interface, enter the following command: hostname(config)# access-group access_list_name {in | out} interface if_name See the "Example 4: IPv6 Configuration Example" section on page B-13 for an example IPv6 access list. Configuring IPv6 Neighbor Discovery The IPv6 neighbor discovery process uses ICMPv6 messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network (local link), verify the reachability of a neighbor, and keep track of neighboring routers. This section contains the following topics: • Configuring Neighbor Solicitation Messages, page 10-6 • Configuring Router Advertisement Messages, page 10-8 Configuring Neighbor Solicitation Messages Neighbor solicitation messages (ICMPv6 Type 135) are sent on the local link by nodes attempting to discover the link-layer addresses of other nodes on the local link. The neighbor solicitation message is sent to the solicited-node multicast address.The source address in the neighbor solicitation message is the IPv6 address of the node sending the neighbor solicitation message. The neighbor solicitation message also includes the link-layer address of the source node. After receiving a neighbor solicitation message, the destination node replies by sending a neighbor advertisement message (ICPMv6 Type 136) on the local link. The source address in the neighbor advertisement message is the IPv6 address of the node sending the neighbor advertisement message; the destination address is the IPv6 address of the node that sent the neighbor solicitation message. The data portion of the neighbor advertisement message includes the link-layer address of the node sending the neighbor advertisement message. After the source node receives the neighbor advertisement, the source node and destination node can communicate. Figure 10-1 shows the neighbor solicitation and response process. 10-6 Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM OL-20748-01