ipv6 mld snooping apply access-list
Syntax
ipv6 mld snooping apply access-list <ACL-NAME>
no ipv6 mld snooping apply access-list <ACL-NAME>Description
Configures the ACL on a particular interface to filter the MLD join or leave packets based on rules set in the particular ACL name.
The
no form of this command disables the rules set for the ACL.
NOTE:
This configuration will override the ACL associated with IGMP snooping on the corresponding L2 VLAN.
Command context
config-vlan
Parameters
access-listAssociates an ACL with the IGMP.
<ACL-NAME>Specifies the name of the ACL.
Authority
Administrators or local user group members with execution rights for this command.
Usage
Existing classifier commands are used to configure the ACL. In case an MLDv2 packet with multiple group addresses is received, it will only process the permitted group addresses based on the ACL rule set, and any existing joins will time out. If there is no match or if there is a deny rule match, the packet is dropped.
NOTE:
If the access list is configured for both L2 VLAN and L3 VLAN, the L3 VLAN configuration will be applied.
Examples
Configuring the ACL to filter MLD packets based on rules set in access list
mygroup:
switch(config)# access-list ipv6 mygroup switch(config-acl-ip)# permit icmpv6 any ff55::1 switch(config-acl-ip)# exit switch(config)# interface vlan 2 switch(config-vlan)# ipv6 mld snooping apply access-list mygroup
Configuring the ACL to remove the rules set in access list
mygroup:
switch(config-vlan)# no ipv6 mld snooping apply access-list mygroup