cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5901
Views
30
Helpful
7
Replies

IPv6 nd raguard policy

afsharmilad89
Level 1
Level 1

Hi Dear All,

I want to filter the RA packets by using IPv6 nd raguard feature, when I try to create a policy with this command "ipv6 nd raguard policy TEST" it gives me this message: "Service not enabled"

does anyone know which feature or service exactly must be enabled?

 

Device: Nexus7700
Software
BIOS: version 3.1.0
kickstart: version 8.2(1)
system: version 8.2(1)
BIOS compile time: 02/27/2013
kickstart image file is: bootflash:///n7700-s2-kickstart.8.2.1.bin
kickstart compile time: 8/30/2017 23:00:00 [09/27/2017 15:07:16]
system image file is: bootflash:///n7700-s2-dk9.8.2.1.bin
system compile time: 8/30/2017 23:00:00 [09/27/2017 18:37:07]

 

 

Many thanks

Milad

 

2 Accepted Solutions

Accepted Solutions

Peter Paluch
Cisco Employee
Cisco Employee

Hi Milad,

Can you try enabling feature fhs? The FHS stands for First Hop Security and encompasses RA Guard, DHCPv6 Guard, and IPv6 Snooping:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/security/config/cisco_nexus7000_security_config_guide_8x/configuring_ipv6_first_hop_security.html

Best regards,
Peter

View solution in original post