You want to filter IPv6 traffic using access-lists.
Cisco supports named access-lists for IPv6:
configure terminalEnter configuration commands, one per line. End with CNTL/Z. Router1(config)#
permit ipv6 host
permit tcp any any eq telnet establishedRouter1(config-ipv6-acl)#
deny tcp any any eq telnet synRouter1(config-ipv6-acl)#
permit udp any any eq snmpRouter1(config-ipv6-acl)#
this is a comment
this comment has a sequence number
permit icmp any any reflect
deny ipv6 any host AAAA:6::1 logRouter1(config-ipv6-acl)#
deny ipv6 any any log-inputRouter1(config-ipv6-acl)#
The ACL shown in this example isn’t particularly useful, but it does show many of the features available with IPv6 access-lists. There are only named IPv6 access-lists, as numbered lists do not exist. However, as we previously saw in Recipes 19.11 and 19.15, this is not a drawback. Anything you can do with numbered access-lists, you can do with named access-lists, and several features such as reflexive access-lists and the ability to edit individual lines ...