No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - VPN

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Keepalive Detection

Keepalive Detection

GRE does not provide the link status detection function. If the remote interface is unreachable, the tunnel cannot be immediately torn down. As a result, the source continuously forwards packets to the remote end which cannot receive the packets, generating a data black hole.

The Keepalive detection function monitors the tunnel status to check whether the remote end is reachable. If the remote end is unreachable, the source end tears down the tunnel immediately. This prevents data loss and data black holes and ensures reliable data transmission.

The Keepalive detection function is implemented as follows:
  1. After the Keepalive detection function is enabled on the source end of a GRE tunnel, the source end starts a timer to periodically send and count Keepalive probes. The number increases by 1 every time a Keepalive probe is sent.

  2. The remote end sends a reply packet to the source end after receiving a probe.

  3. If the source end receives a reply packet before the counter value reaches the preset value, the source end considers the remote end reachable. If the source end does not receive any reply packet when the counter reaches the preset value (retry times), the source end considers the remote end unreachable and tears down the tunnel. In this case, the source interface still sends Keepalive probes to the remote interface. When the remote interface becomes Up, the source interface becomes Up too and sets up a tunnel with the remote interface.


The Keepalive detection function takes effect on one end of a tunnel as long as it is configured at that end, regardless of whether it is configured on the other end. If the remote end receives a Keepalive probe, it sends a replay packet to the source end, regardless of whether it is configured with the Keepalive detection function.

Updated: 2019-08-07

Document ID: EDOC1100033725

Views: 143469

Downloads: 361

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next