1
00:00:00,910 --> 00:00:05,940
Now IPV Sixaxis lists are similar to IP version for access lists.

2
00:00:05,950 --> 00:00:07,570
Here are some examples.

3
00:00:08,210 --> 00:00:12,050
Both can match the source IP address or destination IP address.

4
00:00:12,050 --> 00:00:22,220
In the protocol header IP V-6 ACLU on IP V-6 IP addresses IP version for access lists on IP version

5
00:00:22,220 --> 00:00:30,560
4 addresses both can match individual hosts addresses or subnets or prefixes in other which you can

6
00:00:30,560 --> 00:00:37,490
match an individual host in a IPV sex and permit or deny that host or you could permit or deny a IP

7
00:00:37,490 --> 00:00:45,740
version 6 Cybernet both IP version 4 and IP version 6 are applied in an inbound or outbound direction

8
00:00:45,830 --> 00:00:53,680
on a layer 3 interface such as a router's interface or switch to virtual interface on a switch both

9
00:00:53,700 --> 00:01:00,770
IP version 4 and IP version 6 can match on transport layer protocol information such as TCAP or UDP

10
00:01:01,430 --> 00:01:09,170
source port number or destination port number both can also match ICMP message types and codes.

11
00:01:09,170 --> 00:01:16,940
Be careful they aren't differences between the types and codes in IP version 6 versus IP version for

12
00:01:17,600 --> 00:01:23,440
both have an implicit deny statement at the end that matches all remaining packets.

13
00:01:23,450 --> 00:01:30,520
So a deny any any to the end of both IP version for an IP version 6.

14
00:01:30,540 --> 00:01:33,950
Both also support time based access lists.

15
00:01:33,950 --> 00:01:39,830
Now there are some differences between IP version for an IP version 6 IP version for access lists only

16
00:01:39,830 --> 00:01:48,920
match IP version 4 packets and not IP version 6 and also only match fields in IP version 4 headers.

17
00:01:48,920 --> 00:01:55,010
We have this concept of ships in the night IP version 6 is totally independent and separate to IP version

18
00:01:55,010 --> 00:01:55,670
4.

19
00:01:55,970 --> 00:02:02,660
So what IP version for is doing has nothing to do with IP version 6 and what IP version 6 is doing has

20
00:02:02,660 --> 00:02:06,590
nothing to do with IP version 4 IP version 6 could be permitted.

21
00:02:06,620 --> 00:02:13,340
But I provision for could be denied as an example IP version 6 access lists match on IP version 6 addresses

22
00:02:13,370 --> 00:02:20,390
only said matches on source destination IP version 6 address as well as other fields unique to an IP

23
00:02:20,390 --> 00:02:21,830
version 6 header.

24
00:02:21,830 --> 00:02:28,700
Here are some examples of the differences between IP version for an IP version 6 IP version 4 access

25
00:02:28,700 --> 00:02:28,990
lists.

26
00:02:29,000 --> 00:02:36,740
Once again only match IP version 4 packets IP version 6 access lists only match IP version 6 packets

27
00:02:37,550 --> 00:02:41,790
IP version for access lists identified by a name or a number.

28
00:02:42,200 --> 00:02:50,600
But IP version 6 access lists only use names IP version for access lists identify whether an access

29
00:02:50,600 --> 00:03:01,030
list is extended or standard by using either numbers such as 1099 being standard access lists or 100

30
00:03:01,120 --> 00:03:09,470
to 199 being extended access lists or they use keywords such as standard or extended IP version 6 access

31
00:03:09,470 --> 00:03:09,980
lists.

32
00:03:09,980 --> 00:03:16,790
Use a similar convention of standard and extended access lists but they're only differentiated by the

33
00:03:16,790 --> 00:03:25,380
use of a word rather than a number because numbers are not used in IP version 6 IP version for access

34
00:03:25,400 --> 00:03:33,170
lists can match on specific values unique to provision for such as precedence type of service TTL and

35
00:03:33,170 --> 00:03:40,970
fragments where as IP version 6 access lists a match on specific values unique to an IP version 6 header

36
00:03:41,540 --> 00:03:49,940
such as a flow label or a DCP Valley as well as extensions an option head of values IP version 6 axis

37
00:03:49,940 --> 00:03:54,110
lists have some implicit permit statements at the end of each access list.

38
00:03:54,350 --> 00:04:00,380
Just above for the implicit deny all at the end of the access list which is IP version 4 access list

39
00:04:00,470 --> 00:04:03,650
do not have implicit permit statements.