H3C MSR Series Command Reference Manual page 682

Rekeys cumulative:
Total received
Rekeys after latest registration: 3
Total rekey ACKs sent
ACL downloaded from KS 90.1.1.2:
rule 0 deny udp source-port eq 848 destination-port eq 848
rule 1 deny ospf
rule 2 permit icmp
KEK:
Rekey transport type
Remaining key lifetime
Encryption algorithm
Key size
Signature algorithm
Signature hash algorithm
Signature key length
TEK:
SPI
Transform
Remaining key lifetime
SPI
Transform
Remaining key lifetime
Table 93 Command output
Field
Group name
Group identity
Address family
Rekeys received
Group server
VRF name
Group member
VRF name
Registration status
Registered with
: 52
: 23
: Unicast
: 159 sec
: AES-CBC
: 128
: RSA
: SHA1
: 1024 bits
: 0x9AE5951E(2598737182)
: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
: 190 sec
: 0x12C55CFF(314924287)
: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
: 402 sec
Description
GDOI GM group name.
GDOI GM group ID (a number or an IPv4 address).
N/A indicates that the group is not configured with an ID.
Address family of data flows protected by the GDOI GM group,
IPv4 or IPv6.
Number of rekey messages received.
IP addresses or host names of KSs in the GDOI GM group. A
group supports a maximum of 16 KS IP addresses or host names.
Name of the VRF to which the KS belongs. If the KS belongs to
the public network, this field is not displayed.
IP address of the GM.
Name of the VRF to which the GM belongs. If the GM belongs to
the public network, this field is not displayed.
Registration status: Registered, Registering, or Not registered.
IP address or host name of the KS with which the GM registers.
If a host name is displayed, this field also displays the IP address
of the host in brackets.
659