Prefix usage differences between ACLs and other IPv6 addressing
For ACLs, the prefix is used to specify the leftmost bits in an address that are meaningful for a packet match. In other IPv6 usage, the prefix separates network and subnet values from the device identifier in an address.
Prefix usage |
Examples |
Notes |
---|---|---|
For an SA or DA in the ACE belonging to an IPv6 ACL, the associated prefix specifies how many consecutive, leading bits in the address are used to define a match with the corresponding bits in the SA or DA of a packet being filtered. |
2530:0:a03:e102:215:60ff:fe7a:adc0/128 |
All bits. Used for a specific SA or DA. |
2530:0:a03:e102:215/80 |
The first 80 bits. Used for an SA or DA having 2620:0:a03:e102:215 in the leftmost 80 bits of an address. |
|
::/0 |
Zero bits. Used to allow a match with “Any” SA or DA. |
|
For the IPv6 address assigned to a given device, the prefix defines the type of address and the network and subnet in which the address resides. In this case, the bits to the right of the prefix comprise the device identifier. |
fe80::215:60ff:fe7a:adc0/64 |
Link-Local address with a prefix of 64 bits and a device ID of 64 bits. |
2530:0:a03:e102:215:60ff:fe7a:adc0/64 |
Global unicast address with a prefix of 64 bits and a device ID of 64 bits. |
|
For a router advertisement (RA), the included prefix defines the network or range of networks, and the subnets the router is advertising. |
2530:0:a03::/48 |
An RA with a 48-Bit Prefix |
2530:0:a03:e102::/64 |
An RA with a 64-Bit Prefix |