EasyManuals Logo
Home>Cisco>Switch>TrustSec

Cisco TrustSec User Manual

Cisco TrustSec
208 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #65 background imageLoading...
Page #65 background image
4-5
Cisco TrustSec Configuration Guide
OL-22192-01
Chapter 4 Configuring SGT Exchange Protocol over TCP (SXP) and Layer 3 Transport
Changing the SXP Reconciliation Period
Changing the SXP Reconciliation Period
After a peer terminates an SXP connection, an internal hold-down timer starts. If the peer reconnects
before the internal hold-down timer expires, the SXP reconciliation period timer starts. While the SXP
reconciliation period timer is active, the Cisco TrustSec software retains the SGT mapping entries
learned from the previous connection and removes invalid entries. The default value is 120 seconds (2
minutes). Setting the SXP reconciliation period to 0 seconds disables the timer and causes all entries
from the previous connection to be removed.
To change the SXP reconciliation period, perform this task:
Detailed Steps for Catalyst 6500
Changing the SXP Retry Period
The SXP retry period determines how often the Cisco TrustSec software retries an SXP connection.
When an SXP connection is not successfully set up, the Cisco TrustSec software makes a new attempt
to set up the connection after the SXP retry period timer expires. The default value is 120 seconds.
Setting the SXP retry period to 0 seconds disables the timer and retries are not attempted.
To change the SXP retry period, perform this task:
Detailed Steps for Catalyst 6500
Creating Syslogs to Capture Changes of IP Address to SGT
Mapping Learned Through SXP
When the cts sxp log binding-changes global configuration command is executed, SXP syslogs (sev 5
syslog) are generated whenever a change to IP address to SGT binding occurs (add, delete, change).
These changes are learned and propagated on the SXP connection.
The default is no cts sxp log binding-changes.
Command Purpose
Step 1
Router# configure terminal
Enters configuration mode.
Step 2
Router(config)# cts sxp reconciliation
period seconds
Changes the SXP reconciliation timer. The default
value is 120 seconds (2 minutes). The range is from 0
to 64000.
Step 3
Router(config)# exit
Exits configuration mode.
Command Purpose
Step 1
Router# configure terminal
Enters configuration mode.
Step 2
Router(config)# cts sxp retry period
seconds
Changes the SXP retry timer. The default value is 120
seconds (2 minutes). The range is from 0 to 64000.
Step 3
Router(config)# exit
Exits configuration mode.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco TrustSec and is the answer not in the manual?

Cisco TrustSec Specifications

General IconGeneral
BrandCisco
ModelTrustSec
CategorySwitch
LanguageEnglish

Related product manuals