To Next Page

To Previous Page

460

Step Command Remarks

7. Configure the redundancy

hello packet sending

interval and the maximum

number of consecutive

failures allowed in

receiving redundancy

hello packets.

redundancy hello

{

interval

interval |

number

number } *

Optional.

The default settings are as

follows:

• As the primary KS, the

device sends redundancy

hello packets regularly at

an interval of 20 seconds.

• As a secondary KS, the

device initiates primary KS

re-election when it failed

to receive redundancy

hello packets from the

primary KS for 3 times

consecutively.

8. Configure the redundancy

protocol packet

retransmission interval

and the maximum number

of retransmissions.

redundancy retransmit

{

interval

interval |

number

number } *

Optional.

By default, the retransmission

interval is 10 seconds, and the

maximum number of

retransmissions is 2.

Specifying the source address for packets sent by the KS

Perform this task to specify the source address for GROUPKEY-PUSH protocol packets and

redundancy protocol packets sent by the KS.

To specify the source address for packets sent by the KS:

Step Command Remarks

1. Enter system view.

system-view

N/A

2. Enter GDOI KS group

view.

gdoi ks group

group-name

N/A

3. Specify the source

address for packets sent

by the KS.

source address

ip-address

By default, the KS uses the

source address specified in the

first rule of the rekey ACL as

the source address of sent

packets.

For information about the rekey

ACL, see "

Configuring basic

settings for a G

DOI KS group

Configuring rekey parameters

The following describes the rekey parameters:

• Rekey encryption—Specifies the encryption algorithm used by the KEK.

• Rekey lifetime—Specifies the lifetime of the KEK.

• Rekey transport unicast—Enables unicasting rekey messages. By default, the KS multicasts

rekey messages. Configure this setting only when the network does not support multicasting

because unicast transmission increases overheads and affects device performance.

• Rekey retransmit—Specifies the interval between rekey retransmissions and the maximum

number of retransmissions.

Brand	HPE
Model	FlexNetwork MSR Series
Category	Network Router
Language	English

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Questions and Answers:

HPE FlexNetwork MSR Series Specifications

Related product manuals