Cisco Systems SG50028PK9NA User Manual

Security: IPV6 First Hop Security
Policies, Global Parameters and System Defaults
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 
A malicious host could send IPv6 messages, each with a different destination IPv6 
address, for last-hop forwarding, causing the NBD cache to overflow.
An embedded mechanism in the NDP implementation, which limits the number of 
entries allowed in the INCOMPLETE state in the Neighbor Discovery cache, 
provides protection.
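The effect of capping INCOMPLETE entries can be seen in a small simulation. This is an added example, not Cisco's implementation; the class and function names, the cache capacity of 64 and the limit of 8 are assumptions chosen for illustration, and entry timeouts are omitted.

```python
from collections import OrderedDict

INCOMPLETE, REACHABLE = "INCOMPLETE", "REACHABLE"

class NeighborCache:
    """Toy Neighbor Discovery cache with an optional cap on INCOMPLETE entries."""

    def __init__(self, capacity, max_incomplete=None):
        self.capacity = capacity              # total entries the cache can hold
        self.max_incomplete = max_incomplete  # None models a cache with no cap
        self.entries = OrderedDict()          # address -> state, oldest first

    def count(self, state):
        return sum(1 for s in self.entries.values() if s == state)

    def resolve_request(self, addr):
        """A packet for an unresolved address arrives. Returns False if refused."""
        if addr in self.entries:
            return True
        if (self.max_incomplete is not None
                and self.count(INCOMPLETE) >= self.max_incomplete):
            return False                      # cap reached: start no new resolution
        if len(self.entries) >= self.capacity:
            self.entries.popitem(last=False)  # cache full: evict the oldest entry
        self.entries[addr] = INCOMPLETE
        return True

    def neighbor_advertisement(self, addr):
        """The neighbor answered, so its pending entry becomes REACHABLE."""
        if addr in self.entries:
            self.entries[addr] = REACHABLE

def simulate(max_incomplete, capacity=64, flood=1000):
    """Return (legitimate entries kept, INCOMPLETE entries, refused requests)."""
    cache = NeighborCache(capacity, max_incomplete)
    hosts = [f"2001:db8::{i:x}" for i in range(1, 5)]  # constructed legitimate hosts
    for h in hosts:
        cache.resolve_request(h)
        cache.neighbor_advertisement(h)
    refused = 0
    for i in range(flood):  # constructed traffic to addresses that never answer
        if not cache.resolve_request(f"2001:db8::dead:{i:x}"):
            refused += 1
    kept = sum(1 for h in hosts if cache.entries.get(h) == REACHABLE)
    return kept, cache.count(INCOMPLETE), refused

if __name__ == "__main__":
    print("no cap  :", simulate(None))
    print("cap of 8:", simulate(8))
```

Without the cap, the unresolved entries fill the cache and push out every resolved neighbor; with it, the resolved neighbors stay and the excess requests are refused.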
Policies, Global Parameters and System Defaults
Each feature of FHS can be enabled or disabled individually. No feature is enabled 
by default.
Features must initially be enabled on specific VLANs. When you enable the 
feature, you can also define global configuration values for that feature’s rules of 
verification. If you do not define a policy that contains different values for these 
verification rules, the global values are used to apply the feature to packets.
Policies
Policies contain the rules of verification that are performed on input packets. They 
can be attached to VLANs and also to ports and LAGs. If the feature is not enabled 
on a VLAN, the policies have no effect.
Policies can be user-defined or default policies (see below).
Default Policies
Empty default policies exist for each FHS feature and are by default attached to all 
VLANs and interfaces. The default policies are named: "vlan_default" and 
"port_default" (for each feature):
• Rules can be added to these default policies. You cannot manually attach 
default policies to interfaces. They are attached by default.
• Default policies can never be deleted. You can only delete the user-added 
configuration.
User-Defined Policies
You can define policies other than the default policies.