IPv6 ACLs

IPv6 ACLs enable filtering on the following:
  • Source and destination IPv6 addresses (required), in one of the following options:
    • Specific host IPv6

    • Subnet or contiguous set of IPv6 addresses

    • Any IPv6 address

  • Choice of any IPv6 protocol

  • Optional packet-type criteria for ICMP traffic

  • Optional source and/or destination TCP or UDP port, with a further option for comparison operators

  • TCP flag (control bit) options

  • Filtering for TCP traffic based on whether the subject traffic is initiating a connection ("established" option)

  • Optional DSCP (IP precedence and ToS) criteria

The total number of ACLs each for IPv4 and IPv6 is determined from the number of unique identifiers in the configuration. For example, configuring two IPv6 ACLs results in an ACL total of two, even if neither is assigned to an interface. If you then assign a nonexistent IPv6 ACL to an interface, the new total is three, because the switch now has three unique IPv6 ACL names in its configuration.

For information on determining the current resource availability and usage, see the Aruba-OS Switch Management and Configuration Guide for your switch.

For ACL resource limits, see the latest Aruba-OS Switch Management and Configuration Guide for your switch.