Table of Contents
Advertisement
Default
The anti-replay window size is 64.
Views
System view
Predefined user roles
network-admin
Parameters
width
: Specifies the size for the anti-replay window. It can be 64, 128, 256, 512, 1024, 2048, or
4096 packets.
Usage guidelines
Service data packets might be received in a very different order than their original order, and the
IPsec anti-replay feature might drop them as replayed packets, affecting normal communications. If
this happens, disable IPsec anti-replay checking or adjust the size of the anti-replay window as
required.
Changing the anti-replay window size affects only the IPsec SAs negotiated later.
Examples
# Set the size of the anti-replay window to 128.
<Sysname> system-view
[
]
Sysname
Related commands
ipsec anti-replay check
ipsec apply
Use
ipsec apply
Use
undo ipsec apply
Syntax
ipsec apply { ipv6-policy | policy } policy-name
undo ipsec apply { ipv6-policy | policy }
Default
No IPsec policy is applied to an interface.
Views
Interface view
Predefined user roles
network-admin
Parameters
ipv6-policy
policy
: Specifies an IPv4 IPsec policy.
policy-name
ipsec anti-replay window 128
to apply an IPsec policy to an interface.
to remove an IPsec policy application from an interface.
: Specifies an IPv6 IPsec policy.
: Specifies an IPsec policy name, a case-insensitive string of 1 to 63 characters.
33
Advertisement
Chapters
Table of Contents
