policy ipv6 access-list sequence match—Define the properties that must be matched so that an IPv6 policy action can take effect (on vEdge routers only).
For Localized Data Policy for IPv6
- class class-name
Match the specified class name. The name can be from 1 through 32 characters.
- Destination Port
- destination-port number
Match a destination port number. number can be 0 though 65535. Specify a single number, a list of numbers (with numbers separated by a space), or a range of numbers (with the two numbers separated with a hyphen [-]).
- Next Protocol
- next-header protocol
Match the next TCP or IP protocol in the IPv6 header. protocol is the number of an IPv6 protocol, and can be a value from 0 through 255.
- Packet Length
- packet-length number
Match packets of the specified length. The packet length is a combination of the lengths of the IPv6 header and the packet payload. number can be 0 though 65535. Specify a single length, a list of lengths (with numbers separated by a space), or a range of lengths (with the two numbers separated with a hyphen [-])
- Packet Loss Priority
- plp (high | low)
Match a packet's loss priority (PLP). By default, packets have a PLP value of low. To set a packet's PLP value to high, apply a policer that includes the exceed remark option.
- Source Port
- source-port number
Match a source port. number can be 0 through 65535. Specify a single number, a list of numbers (with numbers separated by a space), or a range of numbers (with the two numbers separated with a hyphen [-]).
- TCP Flag
- tcp flag
Match TCP flags. flag can be syn.
- Traffic Class
- traffic-class number
Match the specified traffic class value. number can be from 0 through 63.
show running-config policy
Configure an IPv6 ACL that changes the traffic class on TCP port 80 data traffic, and apply the ACL to an interface in VPN 0:
vEdge# show running-config policy ipv6 access-list policy ipv6 access-list traffic-class-48-to-46 sequence 10 match destination-port 80 traffic-class 48 ! action accept count port_80 log set traffic-class 46 ! ! ! default-action accept ! ! vEdge# show running-config vpn 0 interface ge0/7 ipv6 vpn 0 interface ge0/7 ipv6 access-list traffic-class-48-to-46 in ! !
Command introduced in Viptela Software Release 14.1.
In Release 16.3, add support for IPv6 ACLs.