< Home

nd trust port

Function

The nd trust port command configures the ND trusted interface on an AP.

The undo nd trust port command cancels the configuration.

By default, the ND trusted interface is disabled on an AP

Format

nd trust port

undo nd trust port

Parameters

None

Views

VAP profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

If a bogus ND server is deployed at the user side, STAs may obtain incorrect IPv6 addresses and network configuration parameters and cannot communicate properly. After the undo nd trust port command is executed in the VAP profile view, an AP discards the ND OFFER, ACK, and NAK packets sent by the bogus ND server and the IPv6 address of the unauthorized ND server.

Before WLAN services are delivered to an AP, run the nd trust port command in the AP wired port profile view. After the command is run, the AP receives the ND OFFER, ACK, and NAK packets sent by the authorized ND server and forwards the packets to STAs so that the STAs can obtain valid IPv6 addresses and go online.

Prerequisites

The function of processing STA IPv6 services has been enabled using the sta-ipv6-service enable command.

Example

# Create the VAP profile vap1 and configure the ND trusted interface on the AP in the VAP profile.

<HUAWEI> system-view
[HUAWEI] wlan 
[HUAWEI-wlan-view] vap-profile name vap1
[HUAWEI-wlan-vap-prof-vap1] nd trust port
Parent Topic: WLAN Security Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >