No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ipsec anti-replay window

ipsec anti-replay window

Function

The ipsec anti-replay window command sets the IPSec anti-replay window size.

By default, the IPSec anti-replay window size is 32 bits.

Format

ipsec anti-replay window window-size

undo ipsec anti-replay window

Parameters

Parameter

Description

Value

window-size

Specifies the IPSec anti-replay window size.

The value can be 32, 64, 128, 256, 512, or 1024.

Views

System view, IPSec policy view, IPSec policy template view, IPSec profile view, Efficient VPN policy view

Default Level

2: Configuration level

Usage Guidelines

Configuration Impact

In some situations, for example, network congestion occurs or QoS is performed for packets, the sequence numbers of some service data packets may be different from those in common data packets. The device that has IPSec anti-replay enabled considers the packets as replayed packets and discards them. You can disable global IPSec anti-replay to prevent packets from being discarded incorrectly or adjust the IPSec anti-replay window size to meet service requirements.

A larger IPSec anti-replay window size increases the system cost and causes system performance to deteriorate. A small IPSec anti-replay window size is recommended.

Prerequisites

This command takes effect when the anti-replay function is enabled. By default, the ipsec anti-reply anti-replay function is enabled.

Precautions

The default value or the value set in the system view is used when other views do not have this command configured. When the current view has this command configured, the current value is used.

Example

# Set the size of the IPSec anti-replay window to 128.
<Huawei> system-view
[Huawei] ipsec anti-replay window 128
Translation
Download
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 99562

Downloads: 131

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next