Configuring ND Snooping
- Tracy Yang
Step 1Â Â Â Enable ND snooping protocol in corresponding VLAN.
set protocols neighbour snooping vlan <vlan-id> enable true
Step 2Â Â Â ND snooping classifies ports connected to IPv6 nodes into trusted and untrusted ports. By default, all ports of the device are untrusted.
set protocols neighbour snooping trust-port <port>
NOTE:
<port>can be a valid physical port or a LAG (Link Aggregation Group) port. The members of the LAG port don’t support configuration as a trust port.
Step 3Â Â (Optional) Configure the maximum number of ND snooping dynamic binding table entries a device is allowed to learn.
set protocols neighbour snooping max-user-number <max-user-num>
Step 4Â Â (Optional) If the device does not send RA messages, the prefix management table entries cannot automatically generate, in this scenario, user can configure static prefix.
set protocols neighbour snooping static-prefix <IPv6Net> vlan <vlan-id>
NOTES:
<IPv6Net>cannot be ::/0, multicast address.<vlan-id>must be configured when add or delete.
Step 5Â Â Â Commit the configuration.
commit
Step 6Â Â Â View the configuration information and table entries about ND snooping.
run show neighbor snooping
run show neighbor snooping prefix [static | dynamic]
run show neighbor snooping binding
Step 7Â Â Â Â (Optional) If needed, users can clear the entries of ND snooping.
run clear neighbor snooping prefix
run clear neighbor snooping binding
Â
Copyright © 2024 Pica8 Inc. All Rights Reserved.