Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

neighbor-discovery-inspection

Syntax

Hierarchy Level

Description

Perform dynamic IPv6 neighbor discovery inspection on the specified VLAN.

When neighbor discovery inspection is configured, the switch inspects IPv6 packets with neighbor discovery messages and validates them against the DHCPv6 binding table. The source IP address and source MAC address of each packet are checked against the table, and if a valid match is not found, the packet is dropped.

Note:

If you configure the neighbor-discovery-inspection statement at the [edit vlans vlan-name forwarding-options dhcp-security] hierarchy level, DHCPv6 snooping is automatically enabled for the specified VLAN.

SeeIPv6 Neighbor Discovery Inspection for more information about this configuration.

If you configure the neighbor-discovery-inspection statement at the [edit ethernet-switching-options secure-access-port vlan (all | vlan-name)] hierarchy level, you must also enable DHCPv6 snooping for the specified VLAN or VLANs.

Default

Disabled.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 13.2X51-D20.

Support at the [edit ethernet-switching-options secure-access-port vlan (all | vlan-name)] hierarchy level introduced in Junos OS Release 14.1X53-D10 for EX Series switches.

Related Documentation