R211x-HP Flexfabric 11900 MPLS Command Reference
114
Examples
# Configure the idle timeout for RSVP security associations on interface VLAN-interface 10 as 100
seconds.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp authentication lifetime 100
Related commands
• authentication challenge
• authentication key
• authentication lifetime
• authentication window-size
• display rsvp authentication
• reset rsvp authentication
• rsvp authentication challenge
• rsvp authentication key
• rsvp authentication window-size
rsvp authentication window-size
Use rsvp authentication window-size to configure the RSVP authentication window size, which is the
maximum number of authenticated RSVP messages that can be received out of sequence on an interface.
Use undo rsvp authentication window-size to restore the default.
Syntax
rsvp authentication window-size number
undo rsvp authentication window-size
Default
Only one authenticated RSVP message can be received out of sequence on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of authenticated RSVP messages that can be received out of
sequence, in the range of 1 to 64.
Usage guidelines
To protect against replay attacks, the sender places a unique sequence number in each RSVP message
that contains authentication information. The sender monotonically increases the value of the sequence
number each time it sends an RSVP message. If the sequence number of a received message is in the
specified authentication window size, the receiver accepts the message. Otherwise, the receiver discards
the message.