When a packet is denied by an IPv6 traffic filter, which additional action does the device perform?
A. It scans the rest of the ACL for a permit entry matching the destination
B. It generates a TCP Fin bit and sends it to the source.
C. A creates a null route for the destination and adds it to the route table
D. It generates an ICMP unreachable message for the frame.
good to know, dont forget to rate-limit your cpu against icmp and other shit
D
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960xr/software/15-2_4_e/configuration_guide/b_1524e_consolidated_2960xr_cg/b_1524e_consolidated_2960xr_cg_chapter_01100000.pdf
If an IPv6 router ACL is configured to deny a packet, the packet is not routed. A copy of the packet is
sent to the Internet Control Message Protocol (ICMP) queue to generate an ICMP unreachable message
for the frame