Solved: IPv6 ACL host limitation also for private network?

tresc00000 · ‎07-20-2011

Hello,

I'm using a cisco WS-C3750G-24TS-1U 12.2(44)SE5. I know the IPv6 ACL limitations for this hardware

However, I think that private network(fc00::/7) should not be the case. In my case, I'm using EUI addresses.

switchcore(config-ipv6-acl)#permit tcp any host 2001:0:0:0:222:64ff:fec2:1f5a eq www sequence 20

switchcore(config-ipv6-acl)#permit tcp any host 3FFF:0:0:0:222:64ff:fec2:1f5a eq www sequence 20

switchcore(config-ipv6-acl)#permit tcp any host fdc8:0:0:0:222:64ff:fec2:1f5a eq www sequence 20

% Host address FDC8::222:64FF:FEC2:1F5A can not be supported

% ACE can not be added

% Failed to modify access list

switchcore(config-ipv6-acl)#permit tcp any host fc00:0:0:0:222:64ff:fec2:1f5a eq www sequence 20

% Host address FC00::222:64FF:FEC2:1F5A can not be supported

% ACE can not be added

% Failed to add access list

Is IOS right?

Laurent Aubert · ‎07-20-2011

HI,

What you see is expected as FC00::/7 doesn't belong to the aggregatable global unicast addresses range.

HTH

Laurent.

Laurent Aubert · ‎07-20-2011

HI,

What you see is expected as FC00::/7 doesn't belong to the aggregatable global unicast addresses range.

HTH

Laurent.

tresc00000 · ‎07-20-2011

Hum... yes, you are right. I missed this point. Thanks.

Anyway, "Private Network" would fit very well in this list

–aggregatable global unicast addresses

–link local addresses