No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

AR500, AR510, and AR530 V200R007

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
dpd type

dpd type

Function

The dpd type command configures the Dead Peer Detection (DPD) mode.

The undo dpd type command cancels the configuration.

By default, no DPD mode is configured.

Format

dpd type { on-demand | periodic }

undo dpd type

Parameters

Parameter

Description

Value

on-demand

Indicates the on-demand DPD mode.

-
periodic

Indicates the periodic DPD mode.

-

Views

IKE peer view

Level

2: Configuration level

Usage Guidelines

Usage Scenario

In IPSec communication, heartbeat detection detects the peer fault and prevents packet loss. However, periodically sending heartbeat messages consumes CPU resources at both ends. DPD is used to solve the problem. IKE peers send DPD packets to check whether its peer is available.

After the on-demand or periodic DPD mode is set using the dpd type command, IKE peers send DPD packets check whether its peer is available.
  • On-demand DPD

    When the local end needs to send IPSec packets to the remote end, the local end determines that the DPD idle time is reached and sends a DPD request packet to the remote end.

  • Periodic DPD

    The local end determines that the DPD idle time is reached, and periodically sends a DPD request packet to the remote end according to the DPD idle time.

If the local end does not receive a DPD response packet from the remote end within the DPD packet retransmission interval, the local end retransmits the DPD request packet. If the local end still does not receive a DPD response packet after the DPD packet retransmission count is reached, the local end considers that the remote end goes offline, and deletes the IKE SA and IPSec SA.

Precautions

The sequence of the payload in DPD packets configured on IKE peers using the dpd msg command must be the same. Otherwise, DPD does not take effect.

Example

# Configure the on-demand DPD mode.

<Huawei> system-view
[Huawei] ike peer huawei v1
[Huawei-ike-peer-huawei] dpd type on-demand
Related Topics
Translation
Download
Updated: 2019-02-18

Document ID: EDOC1000097293

Views: 35742

Downloads: 101

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next