IPV6 ACL command to block ICMPv6 Type and code

Roman nurul at apnic.net
Fri Jun 29 04:52:06 UTC 2012


Hi,

I am looking for Cisco IOS command to block specific ICMPv6 message type 
and code. For example how to block only code 1 (communication with 
destination administratively prohibited) of message type 1 (destination 
unreachable). All other code will be permited.

deny icmp any any type 1 code 1

In my router I can see these:

Router(config-ipv6-acl)#deny icmp any any destination-unreachable ?
   auth              Match on authentication header
   dest-option       Destination Option header (all types)
   dest-option-type  Destination Option header with type
   dscp              Match packets with given dscp value
   flow-label        Flow label
   log               Log matches against this entry
   log-input         Log matches against this entry, including input
   mobility          Mobility header (all types)
   mobility-type     Mobility header with type
   routing           Routing header (all types)
   routing-type      Routing header with type
   sequence          Sequence number for this entry
   time-range        Specify a time-range
   <cr>

My IOS is c2800nm-ipvoicek9-mz.124-24.T2

Regards

Rom





More information about the NANOG mailing list