Hi We just implementing IPv6 in our network. As we operating Cisco 6500/Sup720 we also have to configure some IPv6 ACLs on these devices. In ACLs we need to match tcp/udp port numbers so we will use 'mls ipv6 acl compress address unicast' mode (only match 112 bits of IPv6 address field).
My question is: After enabled 'ipv6 acl compress' Can I use > 112 addresses (eg. single hosts - /128) in IPv6 ACL line which don't have port numbers ? For example: ipv6 access-list test 10 permit ip any 3333:3333:3333:3333:3333:33333:3333:AAAA/128 20 permit tcp any 3333:3333:3333:3333:3333:33333:4444:0000/112 eq 22 Will line '10' work proper or it will match /112 subnet instead of /128 ? Robert _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
