Display Gdoi Gm Anti-Replay - H3C MSR Series Command Reference Manual

Group name: ipv6
ACL configured locally:
IPsec policy name: gdoi-group1
IPv6 ACL identifier: 3001
rule 0 permit ipv6 source 1::/64 destination 2::/64
# Display information about ACLs that the GM downloaded from the KS.
<Sysname> display gdoi gm acl download
Group name: abc
ACL downloaded from KS 12.1.1.100:
rule 0 permit ip
rule 1 permit ip source 12.1.1.0 0.0.0.255 destination 12.1.1.0 0.0.0.255
# Display information about ACLs that are locally configured on the GM.
<Sysname> display gdoi gm acl local
Group name: abc
ACL configured locally:
IPsec policy name: gdoi-group1
ACL identifier: 3001
rule 0 deny ip source 10.1.1.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
Table 94 Command output
Field
Group name
rule 0 permit ip
rule 1 permit ip source 12.1.1.0 0.0.0.255
destination 12.1.1.0 0.0.0.255
rule 0 deny ip source 10.1.1.0 0.0.0.255
destination 10.1.1.0 0.0.0.255

display gdoi gm anti-replay

Use display gdoi gm anti-replay to display anti-replay information, including the timestamp type
and window size, for a GDOI GM group.
Syntax
display gdoi gm anti-replay [ group group-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
group group-name: Specifies a GDOI GM group by its name. A GDOI GM group name is a
case-insensitive string of 1 to 63 characters. If you do not specify a group, this command displays
anti-replay information for all GDOI GM groups.
Description
GDOI GM group name.
IPsec protects any IP packets.
IPsec protects IP packets whose source and destination
addresses are within subnet 12.1.1.0/24.
IPsec does not protect IP packets whose source and
destination addresses are within subnet 10.1.1.0/24.
662