apply interface-address(ACL IPv6 address pool view)

Function

The apply interface-address command associates an interface IPv6 address with an address pool.

The undo apply interface-address command disassociates an interface IPv6 address from an address pool.

By default, no address pool is associated with an interface IPv6 address.

Format

apply interface-address { main-interface | sub-interface | all-interface } [ public-vpn | all-private-vpn | vpn-instance VpnInstanceName ]

undo apply interface-address { main-interface | sub-interface | all-interface } [ public-vpn | all-private-vpn | vpn-instance VpnInstanceName ]

Parameters

Parameter Description Value
main-interface

Associates an address pool with the IPv6 addresses of all main interfaces.

-
sub-interface

Associates an address pool with IPv6 addresses of all sub-interfaces.

-
all-interface

Associates an address pool with IPv6 addresses of all interfaces.

-
public-vpn

Associates an address pool with all public IPv6 addresses of an interface.

-
all-private-vpn

Associates an address pool with all private IPv6 addresses of an interface.

-
vpn-instance VpnInstanceName

Associates an address pool with a single private IPv6 address of an interface.

The value is a string of 1 to 31 case-sensitive characters, spaces not supported. The VPN instance name cannot be _public_. The character string can contain spaces if it is enclosed with double quotation marks (").

Views

ACL IPv6 address pool view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
acl write

Usage Guidelines

Usage Scenario

To filter packets whose source or destination address is the IPv6 address of the local interface, run the apply interface-address command to associate the interface address with the ACL IPv6 address pool, and configure QoS or security services to reference the ACL6. In this way, the traffic whose source/destination address is the IP address of the local interface is filtered.

Multiple addresses can be configured in the ACL IPv6 address pool view and then referenced by ACL6 rules. After an ACL IPv6 address pool is associated with an interface IPv6 address, if the interface IPv6 address changes, the addresses in the ACL IPv6 address pool change accordingly. This simplifies user configuration and improves flexibility.

Precautions

In the ACL IPv6 address pool view, the associated interface address is mutually exclusive with the manually configured address. You can only run the apply interface-address or ipv6 address command.

This command applies only to QoS or device security services.

The IPv6 address of the management interface cannot be applied to the ACL IPv6 address pool.

Example

# Associate the ACL IPv6 address pool with the IPv6 addresses of all interfaces and a single VPN.
<HUAWEI> system-view
[~HUAWEI] ip vpn-instance vpn1
[*HUAWEI-vpn-instance-vpn1] ipv6-family
[*HUAWEI-vpn-instance-vpn1-af-ipv6] quit
[*HUAWEI-vpn-instance-vpn1] quit
[*HUAWEI] acl ipv6-pool test
[*HUAWEI-acl-ipv6-pool-test] apply interface-address all-interface vpn-instance vpn1
Parent Topic: ACL6 Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >