Packet filtering helps restrict, limit, and control traffic entering or exiting the network. As in IPv4, on IPv6 routers you can define and enable standard and extended IPv6 ACLs to control IPv6 traffic. This section presents commands and examples of IPv6 ACLs.
To create an IPv6 ACL, you must first assign a unique name to each ACL using the command ipv6 access-list. The steps are presented in Table 3-12. This command enables both standard and extended IPv6 ACLs. Cisco recommends writing IPv6 ACLs using the submode configuration. After the name of the ACL has been defined, the system enters submode configuration and displays the prompt (config-ipv6-acl)#.