Command Line Reference
Security Configuration
IPv6 RA Guard Configuration
13 min
ipv6 ra guard configuration ipv6 ra guard configuration show raguard policy show raguard policy \[command] show raguard policy \[purpose] view the configuration of the ra guard policy \[view] system view \[use cases] sonic# show raguard policy + + + \| vlan |policy | +==========+==================================================+ \| vlan800 | {'prefix@' 'fd00 803 /64,fd00 403 /64'} | + + + show raguard role show raguard role \[command] show raguard role \[purpose] view ra guard interface role configuration \[view] system view \[use cases] sonic# show raguard role + + + \| port | role | +=============+=========+ \| ethernet5 | user | + + + raguard role raguard role \[command] raguard role {user|router|hybrid} no raguard role {user|router|hybrid} \[purpose] configure the interface role for the ra guard function \[parameter] true 86,424 left #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type left #d8e5f5 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left 1 1 unhandled content type left 1 1 unhandled content type \[view] interface view \[use cases] sonic(config)# interface ethernet 1 sonic(config if 1)# raguard role user raguard policy src ip raguard policy src ip a b \[command] raguard policy src ip a b no raguard policy param src ip no raguard policy \[purpose] configure the matching rules for the source ipv6 address of ra packets \[parameter] true 105,405 left #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type \[view] vlan view \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy src ip fe80 1a17 25ff\ fe37 6722, fe80 1a17 25ff\ fe37 6723 raguard policy src mac raguard policy src mac hh\ hh\ hh\ hh\ hh \ hh \[command] raguard policy src mac hh\ hh\ hh\ hh\ hh \ hh no raguard policy param src mac no raguard policy \[purpose] configure the matching rules for the source mac address of ra packets \[parameter] true 151,359 left #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type \[view] vlan view \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy src mac 00 00 01 02 03 11 raguard policy {hop limit high|hop limit low} raguard policy {hop limit high|hop limit low} \[command] raguard policy {hop limit high|hop limit low} value no raguard policy param {hop limit high|hop limit low} no raguard policy \[purpose] configure the maximum and minimum value matching rules for the hop limit in ra packets \[parameter] true 255,255 left #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type \[view] vlan view \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy hop limit high 10 raguard policy managed flag raguard policy managed flag \[command] raguard policy managed flag {on|off} no raguard policy param managed flag no raguard policy \[purpose] configure the matching rules for the m flag bit in ra packets \[view] vlan view \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy managed flag on raguard policy other flag raguard policy other flag \[command] raguard policy other flag {on|off} no raguard policy param other flag no raguard policy \[purpose] configure the matching rules for the o flag bit in ra packets \[view] vlan view \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy other flag on raguard policy prefix raguard policy prefix a b/m \[command] raguard policy prefix a b/m no raguard policy param prefix no raguard policy \[purpose] configure the matching rules for the ipv6 prefixes carried by ra packets \[parameter] true 78,432 left #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type \[view] vlan view \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy prefix raguard policy router pref max raguard policy router pref max \[command] raguard policy router pref max {low|medium|high} no raguard policy param router pref max no raguard policy \[purpose] configure the highest priority matching rule for routing ra packets \[view] vlan view \[notes] when an interface configured with this policy receives ra packets, it will check the routing priority carried by the packet, and ra packets with a priority less than or equal to that configured by the rule will be forwarded, otherwise they will be dropped \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# raguard policy router pref max medium
