Hello,

I have a CSS106-5G-1S switch with SwOS 2.16.

I would like to block all IPv6 packet on one of its port (in a nutshell, my whole network is IPv4 + IPv6, but I have an exotic device on this port which doesn't like IPv6 packets that much, so I want to isolate it from such packets type).

I can block IPv6 packets from the port where the device is connected (ACL -> from: the port; Ethertype: 86dd; Redirect to: <nothing selected>), but it's not very helpful.

It's apparently not possible to create an ACL for egress packets on a specific port. Only ingress. It is not possible either to block packets with a MAC destination starting from 33:33:* (we can only give a complete MAC), which would help (basically, the only IPv6 packets which end-up on this device are broadcasted IPv6 packets).

So I tried a workaround: create an ACL rule from all ports with a Redirect To all ports minus the one I want to isolate, and Ethertype: 86dd. This work, but it basically transforms my Switch to a "good old" Hub, as all packets are redistributed to all ports (minus the isolated port), at least according to Wireshark. It's not really ideal.

Is there any simple solution to isolate a port from all IPv6 packets ?

Thank you in advance.