### Configure IPv6 Neighbor Discovery Inspection
! Defines the ND inspection policy name and enters ND inspection policy configuration mode.
Device(config)# ipv6 nd inspection policy policy1
! Drops messages with no options, invalid options, or an invalid signature.
Device(config-nd-inspection)# drop-unsecure
! Specifies the minimum security level parameter value when cryptographically generated address (CGA) options are used.
Device(config-nd-inspection)# sec-level minimum 2
! Specifies the role of the device attached to the port.
Device(config-nd-inspection)# device-role monitor
! Overrides the default tracking policy on a port.
Device(config-nd-inspection)# tracking disable stale-lifetime infinite
! Configures a port to become a trusted port.
Device(config-nd-inspection)# trusted-port
### Applying IPv6 ND Inspection on an Interface
Device(config)# interface fastethernet 0/0
Device(config-if)# ipv6 nd inspection
### Verifying and Troubleshooting IPv6 ND Inspection
! Displays snooping ND message capture policies.
Device# show ipv6 snooping capture-policy interface ethernet 0/0
! Displays information about the packets counted by the interface counter.
Device# show ipv6 snooping counter interface FastEthernet 4/12
! Displays information about snooping features configured on the device.
Device# show ipv6 snooping features
! Displays information about the configured policies and the interfaces to which they are attached.
Device# show ipv6 snooping policies
! Enables debugging for snooping information in IPv6.
Device# debug ipv6 snooping
