821
VPN-instance/VLAN ID/Inline ID
• VPN-instance—MPLS L3VPN instance where the session is
initiated.
• VLAN ID—VLAN to which the session belongs during Layer 2
forwarding.
• Inline ID—Inline to which the session belongs during Layer 2
forwarding.
If no VPN instance, VLAN ID, or Inline ID is specified, a hyphen (-) is
displayed for each field.
Protocol
Transport layer protocols, including DCCP, ICMP, ICMPv6, Raw IP,
SCTP, TCP, UDP, and UDP-Lite.
Number in parentheses represents the protocol number.
Source security zone
Security zone to which the inbound interface belongs.
If the inbound interface does not belong to any security zone, this field
displays a hyphen (-).
State Protocol status of the session.
Application
Application layer protocol, including FTP and DNS.
If it is an unknown protocol identified by an unknown port, this field
displays
OTHER
.
Start time Establishment time of the session.
TTL Remaining lifetime of the session, in seconds.
Initiator->Responder Number of packets and bytes from initiator to responder.
Responder->Initiator Number of packets and bytes from responder to initiator.
Related commands
reset aspf session
icmp-error drop
Use icmp-error drop to enable ICMP error message check and drop faked messages.
Use undo icmp-error drop to disable ICMP error message check.
Syntax
icmp-error drop
undo icmp-error drop
Default
ICMP error message check is disabled.
Views
ASPF policy view
Predefined user roles
network-admin
Usage guidelines
An ICMP error message carries information about the corresponding connection. ICMP error
message check verifies the information. If the information does not match the connection, ASPF
drops the message.
To Next Page
Loading...
Need help?
General
