Standard No.:	GB/T 46240.2-2025
English Name:	Security requirements and testing methods of IPv6 network equipment—Part 2：Switch
Chinese Name:	IPv6网络设备安全技术要求和测试方法 第2部分：交换机
Chinese Classification:	M32    Data communication equipment
Professional Classification:	GB    National Standard
ICS Classification:	33.040.40 33.040.40    Data communication networks 33.040.40
Source Content Issued by:	SAMR; SAC
Issued on:	2025-8-29
Implemented on:	2025-12-1
Status:	valid
Target Language:	English
File Format:	PDF
Word Count:	21500 words
Translation Price(USD):	645.0
Delivery:	via email in 1~8 business day

GB/T 46240.2-2025 Security requirements and testing methods of IPv6 network equipment—Part 2：Switch English, Anglais, Englisch, Inglés, えいご This is a draft translation for reference among interesting stakeholders. The finalized translation (passing thorugh draft translation, self-check, revision and varification) will be delivered upon being ordered. ICS 33.040.40 CCS M 32 People's Republic of China National Standard GB/T 46240.2-2025 Security requirements and testing methods of IPv6 network equipment—Part 2: Switch Issued on 2025-08-29 Implemented on 2025-12-01 Issued by State Administration for Market Regulation, Standardization Administration of China Contents Foreword Introduction 1 Scope 2 Normative References 3 Terms and Definitions 4 Abbreviations 5 General Rules 6 Security Technical Requirements 7 Test Methods References 1 Scope This document specifies the security architecture of IPv6-capable switches, as well as security technical requirements and testing methods for data plane, control plane and management plane. This document applies to the design, development and testing of IPv6-capable switch equipment. 2 Normative References GB/T 25069 Information security technology - Terminology GB/T 41267-2022 Security technical requirements for critical network equipment - Switch equipment 3 Terms and Definitions 3.1 Switch Network equipment that provides connectivity between networked devices using internal switching mechanisms. NOTE: The switching mechanism is typically implemented at Layer 2 or Layer 3 of the OSI reference model. [SOURCE: GB/T 41267-2022, 3.1] 4 Abbreviations ACL: Access Control List BGP4+: Border Gateway Protocol for IPv6 CGA: Cryptographically Generated Address CLI: Command-Line Interface CPU: Central Processing Unit DAD: Duplicate Address Detection DUT: Device Under Test HMAC: Hashed Message Authentication Code HTTPS: Hypertext Transfer Protocol Secure ICMPv6: Internet Control Message Protocol version 6 IPsec: Internet Protocol security IPv6: Internet Protocol version 6 IS-IS: Intermediate System to Intermediate System LAND: Local Area Network Denial MAC: Media Access Control MACsec: Media Access Control security MD5: Message-Digest algorithm 5 NA: Neighbor Advertisement ND: Neighbor Discovery NS: Neighbor Solicitation NUD: Neighbor Unreachability Detection OpenFlow: Open Flow Protocol OSPFv3: Open Shortest Path First version 3 RA: Router Advertisement RADIUS: Remote Authentication Dial-In User Service RIPng: Routing Information Protocol next generation RS: Router Solicitation RSA: Rivest-Shamir-Adleman algorithm SHA: Secure Hash Algorithm SLLA: Source Link-Layer Address SNMP: Simple Network Management Protocol SSH: Secure Shell TCP: Transmission Control Protocol TLLA: Target Link-Layer Address TLS: Transport Layer Security URPF: Unicast Reverse Path Forwarding VLAN: Virtual Local Area Network VXLAN: Virtual eXtensible Local Area Network