Your browser failed to load CSS style sheets. Your browser or web proxy might not support elliptic-curve TLS

Building network automation solutions

9 module online course

Start now!
back to overview

Router Advertisement (RA) Guard on Cisco IOS

During the IPv6 Security webinar Eric Vyncke described various mechanisms you can use to implement RA Guard on Cisco IOS, including private VLANs, port ACLs, RA Guard Lite and full-blown RA Guard available in recent Cisco IOS releases.

Please read our Blog Commenting Policy before writing a comment.


  1. Sadly it doesn´t help against
    HP and other vendors haven´t any working solution for that on, either.

  2. Chris,
    For sake of time, I was unable to cover all details.

    Using 'deny ip any any undetermined-transport' (where applicable) will actually prevent the fragmented attack.

    Using the ra-guard in the latest software release, you can combine this with an ACL to allow only a specific prefix to be advertized, also blocking the flooding attack.



Constructive courteous comments are most welcome. Anonymous trolling will be removed with prejudice.