Cisco Systems SG50028PK9NA Manual De Usuario
Security: IPV6 First Hop Security
First Hop Security Overview
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)
411
20
First Hop Security Overview
IPv6 FHS is a suite of features designed to secure link operations in an IPv6-
enabled network. It is based on the Neighbor Discovery Protocol and DHCPv6
messages.
enabled network. It is based on the Neighbor Discovery Protocol and DHCPv6
messages.
In this feature, a Layer 2 switch (as shown in
) filters Neighbor Discovery
Protocol messages, DHCPv6 messages and user data messages according to a
number of different rules.
number of different rules.
Figure 6 First Hop Security Configuration
A separate and independent instance of IPv6 First Hop Security runs on each
VLAN on which the feature is enabled.
VLAN on which the feature is enabled.
Abbreviations
Name Description
CPA message
Certification Path Advertisement message
CPS message
Certification Path Solicitation message
DAD-NS message
Duplicate Address Detection Neighbor
Solicitation message
Solicitation message
FCFS-SAVI
First Come First Served - Source Address
Validation Improvement
Validation Improvement