267
Configuring SGT Exchange Protocol over TCP (SXP) and Layer 3 Transport
Changing the SXP Retry Period
Changing the SXP Retry Period
The SXP retry period determines how often the Cisco TrustSec software retries an SXP connection. When an SXP
connection is not successfully set up, the Cisco TrustSec software makes a new attempt to set up the connection after
the SXP retry period timer expires. The default value is 120 seconds. Setting the SXP retry period to 0 seconds disables
the timer and retries are not attempted.
To change the SXP retry period, perform this task:
Creating Syslogs to Capture Changes of IP Address to SGT
Mapping Learned Through SXP
When the cts sxp log binding-changes global configuration command is executed, SXP syslogs (sev 5 syslog) are
generated whenever a change to IP address to SGT binding occurs (add, delete, change). These changes are learned
and propagated on the SXP connection.
The default is no cts sxp log binding-changes.
To enable logging of binding changes, perform the following task:
Verifying the SXP Connections
To view the SXP connections, perform this task:
Command Purpose
1.
Router# configure terminal
Enters configuration mode.
2.
Router(config)# cts sxp reconciliation
period seconds
Changes the SXP reconciliation timer. The default
value is 120 seconds (2 minutes). The range is from 0
to 64000.
3.
Router(config)# exit
Exits configuration mode.
Command Purpose
1.
Router# configure terminal
Enters configuration mode.
2.
Router(config)# cts sxp retry period
seconds
Changes the SXP retry timer. The default value is 120
seconds (2 minutes). The range is from 0 to 64000.
3.
Router(config)# exit
Exits configuration mode.
Command Purpose
1.
Router# configure terminal
Enters configuration mode.
2.
Router(config)# cts sxp log binding-changes
Turns on logging for IP to SGT binding changes.
To Next Page
Loading...
Need help?
General
