No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
display ike statistics

display ike statistics

Function

The display ike statistics command displays statistics about IKE packets.

Format

display ike statistics { all | msg | cert | v1 | v2 }

Parameters

Parameter

Description

Value

all

Displays statistics about all protocol packets exchanged between two ends of the IKE SA.

-

msg

Displays statistics about IKE packets.

-

cert

Displays statistics about authentication packets.

-

v1

Displays statistics about IKEv1 packets.

-

v2

Displays statistics about IKEv2 packets.

-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

None

Example

# Display statistics about all protocol packets exchanged between two ends of the IKE SA.

<Huawei> display ike statistics all                                                                                
----------------------------------------------------------                      
                                                                                
 IKEv1 statistics information                                                   
 Total number of peers (IKEv1 & IKEv2)              : 37                        
 Number of policy peers (IKEv1 & IKEv2)             : 3                         
 Number of profile peers (IKEv1 & IKEv2)            : 34                        
 Number of transports (IKEv1 & IKEv2)               : 3                         
 Number of IKE proposals                            : 3                         
 Number of exchanges                                : 0                         
 Number of invalid payload type sent                : 0                         
 Number of DOI not supported sent                   : 0                         
 Number of situation not supported sent             : 0                         
 Number of invalid cookie sent                      : 0                         
 Number of invalid major version sent               : 0                         
 Number of invalid minor version sent               : 0                         
 Number of invalid exchange type sent               : 0                         
 Number of invalid flags sent                       : 0                         
 Number of invalid message ID sent                  : 0                         
 Number of invalid protocol ID sent                 : 0                         
 Number of invalid SPI sent                         : 0                         
 Number of invalid transform ID sent                : 0                         
 Number of attribute not supported sent             : 0                         
 Number of no proposal chosen sent                  : 0                         
 Number of bad proposal syntx sent                  : 0                         
 Number of notify payload malformed sent            : 0                         
 Number of invalid key information sent             : 0                         
 Number of invalid ID sent                          : 0                         
 Number of invalid certification encoding sent      : 0                         
 Number of invalid certification sent               : 0                         
 Number of certification type not supported sent    : 0
 Number of invalid certification authority sent     : 0                         
 Number of invalid hash information sent            : 0                         
 Number of authorization failed sent                : 0                         
 Number of invalid signature sent                   : 0                         
 Number of address sent                             : 0                         
 Number of SA lifetime sent                         : 0                         
 Number of certification unavailable sent           : 0                         
 Number of exchange type not supported sent         : 0
 Number of unqualified payload Length sent          : 0                         
 Number of invalid payload type received            : 0                         
 Number of DOI not supported received               : 0                         
 Number of situation not supported received         : 0                         
 Number of invalid cookie received                  : 0                         
 Number of invalid major version received           : 0                         
 Number of invalid minor version received           : 0                         
 Number of invalid exchange type received           : 0                         
 Number of invalid flags received                   : 0                         
 Number of invalid message ID received              : 0                         
 Number of invalid protocol ID received             : 0                         
 Number of invalid SPI received                     : 0                         
 Number of invalid transform ID received            : 0                         
 Number of attribute not supported received         : 0                         
 Number of no proposal choosen received             : 0                         
 Number of bad proposal syntax received             : 0                         
 Number of notify payload malformed received        : 0                         
 Number of invalid key information received         : 0                         
 Number of invalid ID received                      : 0                         
 Number of invalid certification encoding received  : 0                         
 Number of invalid certification received           : 0                         
 Number of certification type not supported received: 0
 Number of invalid certification authority received : 0                         
 Number of invalid hash information received        : 0                         
 Number of authorization failed received            : 0                         
 Number of invalid signature received               : 0                         
 Number of address received                         : 0                         
 Number of SA lifetime received                     : 0                         
 Number of certification unavailable received       : 0                         
 Number of exchange type not supported received     : 0
 Number of unqualified payload length received      : 0                         
 Number of responder lifetime sent                   : 0                         
 Number of replay status sent                       : 0                         
 Number of initial contact sent                     : 0                         
 Number of still connected sent                     : 0                         
 Number of responder lifetime received              : 0                         
 Number of replay status received                   : 0                         
 Number of initial contact received                 : 0                         
 Number of still connected received                 : 0 
 Number of delete SA sent                           : 0                         
 Number of delete SA received                       : 2
----------------------------------------------------------                      
                                                                                
Table 10-19  Description of the display ike statistics all command output

Item

Description

Total number of peers (IKEv1 & IKEv2)

Total number of peers.

Number of policy peers (IKEv1 & IKEv2)

Number of peers referenced by an IPSec policy.

Number of profile peers (IKEv1 & IKEv2)

Number of peers referenced by an IPSec profile.

Number of transports (IKEv1 & IKEv2)

Number of transports through negotiation.

Number of IKE proposals

Number of IKE proposals.

Number of exchanges

Number of IKE exchanges.

Number of invalid payload type sent

Number of messages with invalid payload sent by the local peer.

Number of DOI not supported sent

Number of messages with unsupported DOI sent by the local peer.

Number of situation not supported sent

Number of messages in unsupported situations sent by the local peer.

Number of invalid cookie sent

Number of invalid cookie messages in the IKE header sent by the local peer.

Number of invalid major version sent

Number of invalid major version messages in the IKE header sent by the local peer.

Number of invalid minor version sent

Number of invalid minor version messages in the IKE header sent by the local peer.

Number of invalid exchange type sent

Number of invalid exchange messages in the IKE header sent by the local peer.

Number of invalid flags sent

Number of invalid flags messages in the IKE header sent by the local peer.

Number of invalid message ID sent

Number of messages with invalid message IDs sent by the local peer.

Number of invalid protocol ID sent

Number of messages with invalid protocol IDs sent by the local peer.

Number of invalid SPI sent

Number of invalid SPI messages sent by the local peer.

Number of invalid transform ID sent

Number of messages with invalid transform IDs sent by the local peer.

Number of attribute not supported sent

Number of messages with unsupported attributes sent by the local peer.

Number of no proposal chosen sent

Number of messages with no proposal chosen sent by the local peer.

Number of bad proposal syntx sent

Number of messages with error proposal syntax sent by the local peer.

Number of notify payload malformed sent

Number of messages with error notification payload sent by the local peer.

Number of invalid key information sent

Number of messages with invalid keys sent by the local peer.

Number of invalid ID sent

Number of messages with invalid IDs sent by the local peer.

Number of invalid certification encoding sent

Number of messages with invalid certification encoding sent by the local peer.

Number of invalid certification sent

Number of messages with invalid certification sent by the local peer.

Number of certification type not supported sent

Number of messages of unsupported certification type sent by the local peer.

Number of invalid certification authority sent

Number of messages with invalid certification authorization sent by the local peer.

Number of invalid hash information sent

Number of messages with invalid hash sent by the local peer.

Number of authorization failed sent

Number of authorization failure messages sent by the local peer.

Number of invalid signature sent

Number of messages with invalid signatures sent by the local peer.

Number of address sent

Number of address messages sent by the local peer.

Number of SA lifetime sent

Number of SA lifetime messages sent by the local peer.

Number of certification unavailable sent

Number of messages with unavailable certificates sent by the local peer.

Number of exchange type not supported sent

Number of messages of not supported exchange type sent by the local peer.

Number of unqualified payload Length sent

Number of messages with incorrect payload length sent by the local peer.

Number of invalid payload type received

Number of messages with invalid payload received by the local peer.

Number of DOI not supported received

Number of messages with unsupported DOI received by the local peer.

Number of situation not supported received

Number of messages in unsupported situations received by the local peer.

Number of invalid cookie received

Number of invalid cookie messages in the IKE header received by the local peer.

Number of invalid major version received

Number of invalid major version messages in the IKE header received by the local peer.

Number of invalid minor version received

Number of invalid minor version messages in the IKE header received by the local peer.

Number of invalid exchange type received

Number of invalid exchange messages in the IKE header received by the local peer.

Number of invalid flags received

Number of invalid flags messages in the IKE header received by the local peer.

Number of invalid message ID received

Number of messages with invalid message IDs received by the local peer.

Number of invalid protocol ID received

Number of messages with invalid protocol IDs received by the local peer.

Number of invalid SPI received

Number of messages with invalid SPIs received by the local peer.

Number of invalid transform ID received

Number of messages with invalid transform IDs received by the local peer.

Number of attribute not supported received

Number of messages with not supported attributes received by the local peer.

Number of no proposal choosen received

Number of messages with no proposal chosen received by the local peer.

Number of bad proposal syntax received

Number of messages with error proposal syntax received by the local peer.

Number of notify payload malformed received

Number of messages with error notification payload received by the local peer.

Number of invalid key information received

Number of messages with invalid keys received by the local peer.

Number of invalid ID received

Number of messages with invalid IDs received by the local peer.

Number of invalid certification encoding received

Number of messages with invalid certification encoding received by the local peer.

Number of invalid certification received

Number of messages with invalid certification received by the local peer.

Number of certification type not supported received

Number of messages of not supported certification type received by the local peer.

Number of invalid certification authority received

Number of messages with invalid certification authorization received by the local peer.

Number of invalid hash information received

Number of messages with invalid hash received by the local peer.

Number of authorization failed received

Number of authorization failure messages received by the local peer.

Number of invalid signature received

Number of messages with invalid signatures received by the local peer.

Number of address received

Number of address messages received by the local peer.

Number of SA lifetime received

Number of SA lifetime messages received by the local peer.

Number of certification unavailable received

Number of messages with unavailable certificates received by the local peer.

Number of exchange type not supported received

Number of messages of not supported exchange type received by the local peer.

Number of unqualified payload length received

Number of messages with incorrect payload length received by the local peer.

Number of responder lifetime sent

Number of responder lifetime messages sent by the local peer.

Number of replay status sent

Number of anti-replay messages sent by the local peer.

Number of initial contact sent

Number of messages for initial exchanges sent by the local peer.

Number of still connected sent

Number of messages for maintaining connections sent by the local peer.

Number of responder lifetime received

Number of responder lifetime messages received by the local peer.

Number of replay status received

Number of anti-replay messages received by the local peer.

Number of initial contact received

Number of messages for initial exchanges received by the local peer.

Number of still connected received

Number of messages for maintaining connections received by the local peer.

Number of DPD request sent

Number of DPD packets sent by the local peer.

Number of DPD ack received

Number of DPD response packets received by the local peer.

Number of DPD request received

Number of DPD packets received by the local peer.

Number of DPD ack sent

Number of DPD response packets sent by the local peer.

Number of delete SA sent

Number of SA deletion messages sent by the local peer.

Number of delete SA received

Number of SA deletion messages received by the local peer.

# Display the statistics on all protocol packets exchanged between two ends of the IKEv1 SA.
<Huawei> display ike statistics v1
---------------------------------------------------------------------------
                                                                                
 IKE V1 statistics information                                                  
 Number of total peers                        : 22                              
 Maximum of total peers in history            : 0                               
 Begin time of total peers                    : 2013-10-18 20:22:22             
 Maximum time of total peers                  : 2013-10-18 20:22:22             
 Number of policy peers                       : 5                               
 Number of profile peers                      : 17                              
 Number of proposals                          : 8                               
 Number of established V1 phase 1 SAs         : 0                               
 Number of established V1 phase 2 SAs         : 0                               
 Number of total V1 phase 1 SAs               : 0                               
 Number of total V1 phase 2 SAs               : 0                               
 Number of total SAs                          : 0                               
 Maximum of V1 phase 1 SAs in history         : 0                               
 Begin time of V1 phase 1 SAs                 : 2013-10-18 20:22:22             
 Maximum time of V1 phase 1 SAs               : 2013-10-18 20:22:22             
 Maximum of V1 phase 2 SAs in history         : 0                               
 Begin time of V1 phase 2 SAs                 : 2013-10-18 20:22:22             
 Maximum time of V1 phase 2 SAs               : 2013-10-18 20:22:22             
 Maximum of total SAs in history              : 0                               
 Begin time of total SAs                      : 2013-10-18 20:22:22             
 Maximum time of total SAs                    : 2013-10-18 20:22:22             
 Keep alive time                              : 0                               
 Keep alive interval                          : 0                               
 keepalive spi list                           : Enable                          
--------------------------------------------------------------------------------
Table 10-20  Description of the display ike statistics v1 command output

Item

Description

Number of total peers

Total number of IKE peers.

Maximum of total peers in history

Maximum number of IKE peers in the history.

Begin time of total peers

Time when collection of statistics on the number of IKE peers begins.

Maximum time of total peers

Time when the number of IKE peers reaches the maximum value.

Number of policy peers

Number of IKE peers in an IPSec policy.

Number of profile peers

Number of IKE peers in an IPSec profile.

Number of proposals

Number of IKE proposals.

Number of established V1 phase 1 SAs

Total number of IKEv1 SAs that have been established successfully.

Number of established V1 phase 2 SAs

Total number of IKEv2 SAs that have been established successfully.

Number of total V1 phase 1 SAs

Total number of IKEv1 SAs.

Number of total V1 phase 2 SAs

Total number of IKEv2 SAs.

Number of total SAs

Total number of IKE SAs.

Maximum of V1 phase 1 SAs in history

Maximum number of IKEv1 SAs in the history.

Begin time of V1 phase 1 SAs

Time when collection of statistics on the number of IKEv1 SAs begins.

Maximum time of V1 phase 1 SAs

Time when the number of IKEv1 SAs reaches the maximum value.

Maximum of V1 phase 2 SAs in history

Maximum number of IKEv2 SAs in the history.

Begin time of V1 phase 2 SAs

Time when collection of statistics on the number of IKEv2 SAs begins.

Maximum time of V1 phase 2 SAs

Time when the number of IKEv2 SAs reaches the maximum value.

Maximum of total SAs in history

Maximum number of total IKE SAs in the history.

Begin time of total SAs

Time when collection of statistics on the total number of IKE SAs begins.

Maximum time of total SAs

Time when the total number of IKE SAs reaches the maximum value.

Keep alive time

Timeout interval of heartbeat packets.

Keep alive interval

Interval for sending heartbeat packets.

keepalive spi list

Whether heartbeat packets contain the SPI list.

Translation
Download
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 92020

Downloads: 124

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next