Configuring and applying an RA guard policy
Configure an RA guard policy if you do not specify a role for the attached device or if you want to filter the RA messages sent by a router.
To configure and apply an RA guard policy:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Create an RA guard policy and enter its view. | ipv6 nd raguard policy policy-name | By default, no RA guard policies exist. |
3. Specify an ACL match criterion. | if-match acl { ipv6-acl-number | name ipv6-acl-name } | By default, no ACL match criterion exists. |
4. Specify a prefix match criterion. | if-match prefix acl { ipv6-acl-number | name ipv6-acl-name } | By default, no prefix match criterion exists. |
5. Specify a router preference match criterion. | if-match router-preference maximum { high | low | medium } | By default, no router preference match criterion exists. |
6. Specify an M flag match criterion. | if-match autoconfig managed-address-flag { off | on } | By default, no M flag match criterion exists. |
7. Specify an O flag match criterion. | if-match autoconfig other-flag { off | on } | By default, no O flag match criterion exists. |
8. Specify a maximum or minimum hop limit match criterion. | if-match hop-limit { maximum | minimum } limit | By default, no hop limit match criterion exists. |
9. Quit RA guard policy view. | quit | N/A |
10. Enter VLAN view. | vlan vlan-number | N/A |
11. Apply an RA guard policy to the VLAN. | ipv6 nd raguard apply policy [ policy-name ] | By default, no RA guard policy is applied to the VLAN. |