569
Predefined user roles
network-admin
Parameters
dns: Specifies the DNS client verification function.
http: Specifies the HTTP client verification function.
tcp: Specifies the TCP client verification function.
destination-ipv6-address: Specifies the IPv6 address to be protected. All connection requests destined for
this address are verified by the client verification function.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the specified IPv6 address
belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Do not specify
this option if the IPv6 address is on the public network.
port port-number: Specifies the port to be protected, in the range of 1 to 65535. If you do not specify this
option, DNS client verification protects port 53, HTTP client verification protects port 80, and TCP client
verification protects all ports.
Usage guidelines
You can specify multiple protected IPv6 addresses by using this command multiple times.
Examples
# Configure TCP client verification to protect IPv6 address 2013::12 and port 23.
<Sysname> system-view
[Sysname] client-verify tcp protected ipv6 2013::12 port 23
# Configure HTTP client verification to protect IPv6 address 2013::12.
<Sysname> system-view
[Sysname] client-verify http protected ipv6 2013::12
Related commands
display client-verify protected ipv6
client-verify tcp enable
Use client-verify tcp enable to enable TCP client verification on an interface.
Use undo client-verify tcp enable to restore the default.
Syntax
client-verify tcp enable [ mode { syn-cookie | safe-reset } ]
undo client-verify tcp enable
Default
TCP client verification is disabled on an interface.
Views
Layer 3 interface view
Predefined user roles
network-admin
To Next Page
Loading...
Need help?
General
