Table of Contents 1 IP Address Configuration Commands IP Performance Configuration Commands 2-1

Size: px
Start display at page:

Download "Table of Contents 1 IP Address Configuration Commands IP Performance Configuration Commands 2-1"

Transcription

1 Table of Contents 1 IP Address Configuration Commands 1-1 IP Address Configuration Commands 1-1 display ip interface 1-1 display ip interface brief 1-2 ip address IP Performance Configuration Commands 2-1 IP Performance Configuration Commands 2-1 display fib 2-1 display fib ip-address 2-2 display fib acl 2-3 display fib 2-4 display fib ip-prefix 2-5 display fib statistics 2-5 display icmp statistics 2-6 display ip socket 2-7 display ip statistics 2-8 display tcp statistics 2-10 display tcp status 2-12 display udp statistics 2-13 icmp acl-priority 2-14 icmp redirect send 2-15 icmp unreach send 2-15 ip forward-broadcast 2-16 reset ip statistics 2-17 reset tcp statistics 2-17 reset udp statistics 2-17 tcp timer fin-timeout 2-18 tcp timer syn-timeout 2-18 tcp window 2-19 i

2 1 IP Address Configuration Commands IP Address Configuration Commands display ip interface display ip interface [ interface-type interface-number ] interface-type interface-number: Specifies an interface by its type and number. Use the display ip interface command to display information about a specified or all Layer 3 interfaces. If no argument is specified, information about all Layer 3 interfaces is displayed. # Display information about VLAN-interface 1. <Sysname> display ip interface Vlan-interface 1 Vlan-interface1 current state :UP Line protocol current state :UP Internet Address is /24 Primary Broadcast address : The Maximum Transmit Unit : 1500 bytes IP packets input number: 9678, bytes: , multicasts: 7 IP packets output number: 8622, bytes: , multicasts: 0 TTL invalid packet number: 0 ICMP packet input number: 0 Echo reply: 0 Unreachable: 0 Source quench: 0 Routing redirect: 0 Echo request: 0 Router advert: 0 Router solicit: 0 Time exceed: 0 IP header bad: 0 Timestamp request: 0 1-1

3 Timestamp reply: 0 Information request: 0 Information reply: 0 Netmask request: 0 Netmask reply: 0 Unknown type: 0 Table 1-1 on the fields of the display ip interface command Field Vlan-interface1 current state Current physical state of VLAN-interface 1 Line protocol current state Internet Address Broadcast address The Maximum Transmit Unit IP packets input number: 9678, bytes: , multicasts: 7 IP packets output number: 8622, bytes: , multicasts: 0 TTL invalid packet number ICMP packet input number: 0 Echo reply: 0 Unreachable: 0 Source quench: 0 Routing redirect: 0 Echo request: 0 Router advert: 0 Router solicit: 0 Time exceed: 0 IP header bad: 0 Timestamp request: 0 Timestamp reply: 0 Information request: 0 Information reply: 0 Netmask request: 0 Netmask reply: 0 Unknown type: 0 Current state of the link layer protocol IP address of the interface followed by: Primary: Identifies a primary IP address, or Sub: Identifies a secondary IP address. Directed broadcast address of the subnet attached to the interface Maximum transmission unit on the interface Total number of packets, bytes, and multicast packets forwarded and received on the interface Number of received invalid TTL packets Total number of received ICMP packets, including: Echo reply packet, unreachable packet, source quench packet, routing redirect packet, Echo request packet, router advert packet, router solicit packet, time exceed packet, IP header bad packet, timestamp request packet, timestamp reply packet, information request packet, information reply packet, netmask request packet, netmask reply packet, and unknown types of packets. display ip interface brief display ip interface brief [ interface-type [ interface-number ] ] 1-2

4 interface-type: Interface type. interface-number: Interface number. Use the display ip interface brief command to display brief information about a specified or all Layer 3 interfaces. With no argument included, the command displays information about all layer 3 interfaces; with only the interface type specified, it displays information about all layer 3 interfaces of the specified type; with both the interface type and interface number specified, it displays information about the specified interface. Related commands: display ip interface. # Display brief information about VLAN-interface 1. <Sysname> display ip interface brief vlan-interface 1 *down: administratively down (l): loopback (s): spoofing Interface IP Address Physical Protocol Vlan-interface up up Vlan-inte... Table 1-2 on the fields of the display ip interface brief command Field *down (s) Interface IP Address Physical Protocol The interface is administratively shut down with the shutdown command. Spoofing attribute of the interface. It indicates that the interface whose link layer protocol is displayed up may have no such a link present or the link is set up only on demand. Interface name IP address of the interface (If no IP address is configured, unassigned is displayed.) Physical state of the interface Link layer protocol state of the interface Interface description information. If the description has no more than 12 characters, the whole description can be displayed. If it has more than 12 characters, only the first nine characters are displayed. 1-3

5 ip address ip address ip-address { mask mask-length } [ sub ] undo ip address [ ip-address { mask mask-length } [ sub ] ] VLAN interface view, loopback interface view ip-address: IP address, in dotted decimal notation. mask: Subnet mask, in dotted decimal notation. mask-length: Subnet mask length, the number of consecutive ones in the mask. It is in the range of 0 to 32. sub: Specifies a secondary IP address of a VLAN or loopback interface. Use the ip address command to specify an IP address and mask for a VLAN or loopback interface. Use the undo ip address command to remove an IP address and mask of a VLAN or loopback interface. By default, no IP address is configured for VLAN or loopback interface. Note that: If you execute the undo ip address command without any parameter, the switch deletes both primary and secondary IP addresses of the interface. The undo ip address ip-address { mask mask-length } command is used to delete the primary IP address. The undo ip address ip-address { mask mask-length } sub command is used to delete specified secondary IP addresses. You can assign at most five IP address to an interface, among which one is the primary IP address and the others are secondary IP addresses. A newly specified primary IP address overwrites the previous one if there is any. The primary and secondary IP addresses of an interface cannot reside on the same network segment; the IP address of a VLAN interface must not be in the same network segment as that of a loopback interface on a device. A VLAN interface cannot be configured with a secondary IP address if the interface has been configured to obtain an IP address through BOOTP or DHCP. Related commands: display ip interface. 1-4

6 # Assign the primary IP address and secondary IP address to VLAN-interface 1 with subnet mask <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] interface Vlan-interface 1 [Sysname-Vlan-interface1] ip address [Sysname-Vlan-interface1] ip address sub 1-5

7 2 IP Performance Configuration Commands Support for Canceling the System-Defined ACLs for ICMP Attack Guard is added. For specific commands, refer to icmp acl-priority. IP Performance Configuration Commands display fib display fib Use the display fib command to display all forwarding information base (FIB) information. # Display all FIB information. <Sysname> display fib Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface / U t[37] Vlan-interface / GHU t[37] InLoopBack / U t[37] LoopBack / GHU t[37] InLoopBack / U t[33] InLoopBack0 2-1

8 Table 2-1 on the fields of the display fib command Field Flag Destination/Mask Nexthop TimeStamp Interface Flags: U: A route is up and available. G: Gateway route H: Local host route B: Blackhole route D: Dynamic route S: Static route R: Rejected route E: Multi-path equal-cost route L: Route generated by ARP or ESIS Destination address/mask length Next hop address Timestamp Forwarding interface display fib ip-address display fib ip-address1 [ { mask1 mask-length1 } [ ip-address2 { mask2 mask-length2 } longer ] longer ] ip-address1, ip-address2: Destination IP addresses, in dotted decimal notation. ip-address1 and ip-address2 together define an address range. The FIB entries in this address range will be displayed. mask1, mask2: Subnet masks, in dotted decimal notation. mask-length1, mask-length2: Length of the subnet masks, the number of consecutive ones in the masks, in the range of 0 to 32. longer: Displays the FIB entries matching the specified address/mask and having masks longer than or equal to the specified mask. If no masks are specified, FIB entries that match the natural network address and have the masks longer than or equal to the natural mask will be displayed. 2-2

9 Use the display fib ip-address command to view the FIB entries matching the specified destination IP address. If no mask or mask length is specified, the FIB entry that matches the destination IP address and has the longest mask will be displayed; if the mask is specified, the FIB entry that exactly matches the specified destination IP address and mask will be displayed. # Display FIB entry information which matches destination and has a mask length no less than eight. <Sysname> display fib longer Route Entry Count: 1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface / U t[85391] Vlan-interface10 # Display FIB entry information which has a destination in the range of /24 to /24 and has a mask length of 24. <Sysname> display fib Route Entry Count: 1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface / U t[85391] Vlan-interface10 For details about the displayed information, see Table 2-1. display fib acl display fib acl acl-number acl-number: Basic ACL number, in the range of 2000 to Use the display fib acl command to display the FIB entries matching a specific ACL. For ACL, refer to the part discussing ACL in this manual. # Configure and display ACL

10 <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source [Sysname-acl-basic-2001] display acl 2001 Basic ACL 2001, 1 rule Acl's step is 1 rule 0 permit source # Display the FIB entries filtered by ACL <Sysname> display fib acl 2001 Route Entry matched by access-list 2001 Summary Counts :1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface / GSU t[250763] Vlan-interface2 For details about the displayed information, see Table 2-1. display fib display fib { begin exclude include } regular-expression : Uses a regular expression to match FIB entries. For detailed information about regular expression, refer to Configuration File Management Command. begin: Displays a specific FIB entry and all the FIB entries following it. The specific FIB entry is the first entry that matches the specified regular expression. exclude: Displays the FIB entries that do not match the specified regular expression. include: Displays the FIB entries that match the specified regular expression. regular-expression: A case-sensitive character string. Use the display fib command to display the FIB entries filtered by the specified regular expression. # Display the entries starting from the first one containing the string <Sysname> display fib begin / U t[0] Vlan-interface / U t[0] Vlan-interface1 For details about the displayed information, see Table

11 display fib ip-prefix display fib ip-prefix ip-prefix-name ip-prefix-name: IP prefix list name, in the range of 1 to 19 characters. Use the display fib ip-prefix command to display the FIB entries matching a specific IP prefix list. For details about IP prefix list, refer to the part discussing IP routing in this manual. # Configure and display the IP prefix list abc. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] ip ip-prefix abc permit [Sysname] display ip ip-prefix abc name index conditions ip-prefix / mask GE LE abc 10 permit / # Display the FIB entries matching IP prefix list abc. <Sysname> display fib ip-prefix abc Route Entry matched by prefix-list abc Summary Counts :1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface / GSU t[250763] Vlan-interface2 For details about the displayed information, see Table 2-1. display fib statistics display fib statistics 2-5

12 Use the display fib statistics command to display the total number of FIB entries. # Display the total number of FIB entries. <Sysname> display fib statistics Route Entry Count : 8 display icmp statistics display icmp statistics Use the display icmp statistics command to display the statistics about ICMP packets. Related commands: display ip interface, reset ip statistics. # Display the statistics about ICMP packets. <Sysname> display icmp statistics Input: bad formats 0 bad checksum 0 echo 5 destination unreachable 0 source quench 0 redirects 0 echo reply 10 parameter problem 0 timestamp 0 information request 0 mask requests 0 mask replies 0 time exceeded 0 Output:echo 10 destination unreachable 0 source quench 0 redirects 0 echo reply 5 parameter problem 0 timestamp 0 information reply 0 mask requests 0 mask replies 0 time exceeded 0 Table 2-2 on the fields of the display icmp statistics command Input: Field bad formats bad checksum echo Number of received wrong format packets Number of received wrong checksum packets Number of received echo packets 2-6

13 Output: Field destination unreachable source quench redirects echo reply parameter problem timestamp information request mask requests mask replies time exceeded echo destination unreachable source quench redirects echo reply parameter problem timestamp information reply mask requests mask replies time exceeded Number of received destination unreachable packets Number of received source quench packets Number of received redirection packets Number of received replies Number of received parameter problem packets Number of received time stamp packets Number of received information request packets Number of received mask requests Number of received mask replies Number of received expiration packets Number of sent echo packets Number of sent destination unreachable packets Number of sent source quench packets Number of sent redirection packets Number of sent replies Number of sent parameter problem packets Number of sent time stamp packets Number of sent information reply packets Number of sent mask requests Number of sent mask replies Number of sent expiration packets display ip socket display ip socket [ socktype sock-type ] [ task-id socket-id ] socktype sock-type: Displays the socket information of this type. The sock type is in the range 1 to 3, corresponding to TCP, UDP and raw IP respectively. task-id: ID of a task, with the value ranging from 1 to 100. socket-id: ID of a socket, with the value ranging from 0 to Use the display ip socket command to display socket information. 2-7

14 # Display the information about the socket of the TCP type. <Sysname> display ip socket socktype 1 SOCK_STREAM: Task = VTYD(18), socketid = 1, Proto = 6, LA = :23, FA = :0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_KEEPALIVE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_PRIV SS_ASYNC Task = VTYD(18), socketid = 2, Proto = 6, LA = :23, FA = :1161, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC Task = VTYD(18), socketid = 3, Proto = 6, LA = :23, FA = :1121, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC Table 2-3 on the fields of the display ip socket command Field SOCK_STREAM SOCK_DGRAM SOCK_RAW Task socketid Proto sndbuf rcvbuf sb_cc rb_cc socket option socket state Indicates the socket type is TCP Indicates the socket type is UDP Indicates the socket type is raw IP Task ID Socket ID Protocol number used by the socket Sending buffer size of the socket Receiving buffer size of the socket Current data size in the sending buffer. The value makes sense only for the socket of TCP type, because only TCP is able to cache data. Current data size in the receiving buffer Option of a socket State of a socket display ip statistics display ip statistics 2-8

15 Use the display ip statistics command to display the statistics about IP packets. Related commands: display ip interface, reset ip statistics. # Display the statistics about IP packets. <Sysname> display ip statistics Input: sum 7120 local 112 bad protocol 0 bad format 0 bad checksum 0 bad options 0 Output: forwarding 0 local 27 dropped 0 no route 2 compress fails 0 Fragment:input 0 output 0 dropped 0 fragmented 0 couldn't fragment 0 Reassembling:sum 0 timeouts 0 Table 2-4 on the fields of the display ip statistics command Input: Output: Field sum local bad protocol bad format bad checksum bad options forwarding local dropped no route compress fails Total number of packets received Total number of packets with destination being local Total number of unknown protocol packets. Unknown protocol packets are destined to the local device, but the upper layer protocol specified in their IP header cannot be processed by the device. (For example, if a switch is not enabled with the Layer 3 multicast function, it considers IGMP packets as unknown protocol packets.) Total number of packets with incorrect header format that contains a wrong version, or has a header length less than 20 bytes. Total number of packets with incorrect checksum Total number of packets with incorrect option Total number of IP packets forwarded by the local device Total number of IP packets initiated from the local device Total number of IP packets discarded Total number of IP packets for which no route is available Total number of IP packets failed to compress 2-9

16 Fragment: Reassembling: Field input output dropped fragmented couldn't fragment sum timeouts Total number of fragments received Total number of fragments sent Total number of fragments discarded Total number of IP packets successfully fragmented Total number of IP packets that cannot be fragmented Total number of IP packets reassembled Total number of reassembly timeout IP packets display tcp statistics display tcp statistics Use the display tcp statistics command to display the statistics about TCP packets. Related commands: display tcp status, reset tcp statistics. # Display the statistics about TCP connections. <Sysname> display tcp statistics Received packets: Total: 753 packets in sequence: 412 (11032 bytes) window probe packets: 0, window update packets: 0 checksum error: 0, offset error: 0, short error: 0 duplicate packets: 4 (88 bytes), partially duplicate packets: 5 (7 bytes) out-of-order packets: 0 (0 bytes) packets of data after window: 0 (0 bytes) packets received after close: 0 ACK packets: 481 (8776 bytes) duplicate ACK packets: 7, too much ACK packets: 0 Sent packets: Total:

17 urgent packets: 0 control packets: 5 (including 1 RST) window probe packets: 0, window update packets: 2 data packets: 618 (8770 bytes) data packets retransmitted: 0 (0 bytes) ACK-only packets: 40 (28 delayed) Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0 Keepalive timeout: 0, keepalive probe: 0, Keepalive timeout, so connections disconnected : 0 Initiated connections: 0, accepted connections: 0, established connections: 0 Closed connections: 0 (dropped: 0, initiated dropped: 0) Packets dropped with MD5 authentication: 0 Packets permitted with MD5 authentication: 0 Table 2-5 on the fields of the display tcp statistics command Received packets: Field Total packets in sequence window probe packets window update packets checksum error offset error short error duplicate packets partially duplicate packets out-of-order packets packets of data after window packets received after close ACK packets duplicate ACK packets too much ACK packets Total number of packets received Number of packets arriving in sequence Number of window probe packets received Number of window update packets received Number of checksum error packets received Number of offset error packets received Number of received packets with length being too small Number of completely duplicate packets received Number of partially duplicate packets received Number of out-of-order packets received Number of packets outside the receiving window Number of packets that arrived after connection is closed Number of ACK packets received Number of duplicate ACK packets received Number of ACK packets for data unsent 2-11

18 Sent packets: Field Total urgent packets control packets window probe packets window update packets data packets data packets retransmitted ACK-only packets: 40 Total number of packets sent Number of urgent packets sent Number of control packets sent; in brackets are retransmitted packets Number of window probe packets sent; in the brackets are resent packets Number of window update packets sent Number of data packets sent Number of data packets retransmitted Number of ACK packets sent; in brackets are delayed ACK packets Retransmitted timeout connections dropped in retransmitted timeout Keepalive timeout keepalive probe Keepalive timeout, so connections disconnected Initiated connections accepted connections established connections Closed connections Packets dropped with MD5 authentication Packets permitted with MD5 authentication Number of retransmission timer timeouts Number of connections broken due to retransmission timeouts Number of keepalive timer timeouts Number of keepalive probe packets sent Number of connections broken due to keepalive probe failures Number of connections initiated Number of connections accepted Number of connections established Number of connections closed; in brackets are connections closed accidentally (before receiving SYN from the peer) and connections closed initiatively (after receiving SYN from the peer) Number of packets dropped with MD5 authentication Number of packets permitted with MD5 authentication display tcp status display tcp status 2-12

19 Use the display tcp status command to display the state of all the TCP connections so that you can monitor TCP connections in real time. # Display the state of all the TCP connections. <Sysname> display tcp status *: TCP MD5 Connection TCPCB Local Add:port Foreign Add:port State 03e37dc : :0 Listening : :65508 Established Table 2-6 on the fields of the display tcp status command Field * TCPCB Local Add:port Foreign Add:port State If there is an asterisk before a connection, it means that the TCP connection is authenticated through the MD5 algorithm. TCP control block Local IP address and port number Remote IP address and port number State of the TCP connection display udp statistics display udp statistics Use the display udp statistics command to display the statistics about UDP packets. Related commands: reset udp statistics. # Display the statistics about UDP packets. <Sysname> display udp statistics Received packets: Total: checksum error: 0 shorter than header: 0, data length larger than packet:

20 no socket on port: 0 total broadcast or multicast packets : no socket broadcast or multicast packets: not delivered, input socket full: 0 input packets missing pcb cache: 1314 Sent packets: Total: 7187 Table 2-7 on the fields of the display udp statistics command Received packets: Sent packets: Total Field checksum error shorter than header data length larger than packet no socket on port total broadcast or multicast packets no socket broadcast or multicast packets not delivered, input socket full input packets missing pcb cache Total Total number of received UDP packets Total number of packets with incorrect checksum Number of packets with data shorter than header Number of packets with data longer than packet Number of unicast packets with no socket on port Total number of received broadcast or multicast packets Total number of broadcast or multicast packets without socket on port Number of not delivered packets due to a full socket cache Number of packets without matching PCB cache Total number of UDP packets sent icmp acl-priority icmp acl-priority undo icmp acl-priority System view Use the icmp acl-priority command to restore the system-defined ACLs for ICMP attack guard. Use the undo icmp acl-priority command to cancel the system-defined ACLs for ICMP attack guard. By default, the system keeps the system-defined ACLs for ICMP attack guard. 2-14

21 In a secure network, you can cancel the system-defined ACLs for ICMP attack guard, and thus increase the available ACL resources for setting user-defined security policies. With the system-defined ACLs for ICMP attack guard canceled, the ICMP attacks in the network may affect the device s processing for normal packets. Therefore, before canceling the system-defined ACLs for ICMP attack guard, check ICMP attack vulnerabilities in the network to make sure that the network can operate properly after you cancel the system-defined ACLs for ICMP attack guard. # Cancel the system-defined ACLs for ICMP attack guard. <Sysname> system-view [Sysname] undo icmp acl-priority icmp redirect send icmp redirect send undo icmp redirect send System view Use the icmp redirect send command to enable the device to send ICMP redirection packets. Use the undo icmp redirect send command to disable the device from sending ICMP redirection packets. By default, the device is enabled to send ICMP redirection packets. # Disable the device from sending ICMP redirection packets. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] undo icmp redirect send icmp unreach send icmp unreach send undo icmp unreach send System view 2-15

22 Use the icmp unreach send command to enable the device to send ICMP destination unreachable packets. After enabled with this feature, the switch, upon receiving a packet with an unreachable destination, discards the packet and then sends a destination unreachable packet to the source host. Use the undo icmp unreach send command to disable the device from sending ICMP destination unreachable packets. By default, the device is enabled to send ICMP destination unreachable packets. # Disable the device from sending ICMP destination unreachable packets. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] undo icmp unreach send ip forward-broadcast ip forward-broadcast undo ip forward-broadcast System view Use the ip forward-broadcast command to enable the device to receive directed broadcasts to a directly connected network. Use the undo ip forward-broadcast command to disable the device from receiving directed broadcasts to a directly connected network. By default, the device is disabled from receiving directed broadcasts to a directly connected network. # Enable the device to receive directed broadcasts to a directly connected network. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] ip forward-broadcast 2-16

23 reset ip statistics reset ip statistics User view Use the reset ip statistics command to clear the statistics about IP packets. You can use the display ip statistics command to view the current IP packet statistics. Related commands: display ip interface. # Clear the statistics about IP packets. <Sysname> reset ip statistics reset tcp statistics reset tcp statistics User view Use the reset tcp statistics command to clear the statistics about TCP packets. You can use the display tcp statistics command to view the current TCP packet statistics. # Clear the statistics about TCP packets. <Sysname> reset tcp statistics reset udp statistics reset udp statistics User view 2-17

24 Use the reset udp statistics command to clear the statistics about UDP packets. You can use the display udp statistics command to view the current UDP packet statistics. # Clear the statistics about UDP packets. <Sysname> reset udp statistics tcp timer fin-timeout tcp timer fin-timeout time-value undo tcp timer fin-timeout System view time-value: TCP finwait timer, in seconds, with the value ranging from 76 to Use the tcp timer fin-timeout command to configure the TCP finwait timer. Use the undo tcp timer fin-timeout command to restore the default value of the TCP finwait timer. By default, the value of the TCP finwait timer is 675 seconds. When the TCP connection state changes from FIN_WAIT_1 to FIN_WAIT_2, the finwait timer is enabled. If the switch does not receive FIN packets before finwait timer times out, the TCP connection will be terminated. Related commands: tcp timer syn-timeout, tcp window. # Configure the value of the TCP finwait timer to 800 seconds. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] tcp timer fin-timeout 800 tcp timer syn-timeout tcp timer syn-timeout time-value undo tcp timer syn-timeout 2-18

25 System view time-value: TCP synwait timer, in seconds, with the value ranging from 2 to 600. Use the tcp timer syn-timeout command to configure the TCP synwait timer. Use the undo tcp timer syn-timeout command to restore the default value of the TCP synwait timer. By default, the value of the TCP synwait timer is 75 seconds. When sending the SYN packet, TCP starts the synwait timer. If the response packet is not received before synwait times out, the TCP connection will be terminated. Related commands: tcp timer fin-timeout, tcp window. # Configure the value of the TCP synwait timer to 80 seconds. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] tcp timer syn-timeout 80 tcp window tcp window window-size undo tcp window System view window-size: Size of the transmission and receiving buffers of the connection-oriented socket, measured in kilobytes (KB), in the range of 1 to 32. Use the tcp window command to configure the size of the transmission and receiving buffers of the connection-oriented socket. Use the undo tcp window command to restore the default size of the transmission and receiving buffers of the connection-oriented socket. By default, the size of the transmission and receiving buffers is 8 KB. Related commands: tcp timer fin-timeout, tcp timer syn-timeout. # Configure the size of the transmission and receiving buffers of the connection-oriented socket to 3 KB. <Sysname> system-view 2-19

26 System : return to User with Ctrl+Z. [Sysname] tcp window

Table of Contents 1 IP Address Configuration Commands IP Performance Configuration Commands 2-1

Table of Contents 1 IP Address Configuration Commands IP Performance Configuration Commands 2-1 Table of Contents 1 IP Address Configuration Commands 1-1 IP Address Configuration Commands 1-1 display ip interface 1-1 display ip interface brief 1-2 ip address 1-3 2 IP Performance Configuration Commands

More information

Command Manual (For Soliton) IP Address-IP Performance. Table of Contents

Command Manual (For Soliton) IP Address-IP Performance. Table of Contents Table of Contents Table of Contents Chapter 1 IP Address Configuration... 1-1 1.1 IP Address Configuration... 1-1 1.1.1 display ip interface... 1-1 1.1.2 display ip interface brief... 1-3 1.1.3 ip address...

More information

IP Services Volume Organization

IP Services Volume Organization IP Services Volume Organization Manual Version 6W100-20090626 Product Version Release 1102 Organization The IP Services Volume is organized as follows: Features IP Address IP Performance Optimization ARP

More information

IP performance optimization

IP performance optimization Contents IP performance optimization 1 display icmp statistics 1 display ip socket 2 display ip statistics 6 display tcp statistics 8 display udp statistics 10 ip forward-broadcast 11 ip icmp flow-control

More information

tcp ipv6 timer fin-timeout 40 tcp ipv6 timer syn-timeout 40 tcp ipv6 window 41

tcp ipv6 timer fin-timeout 40 tcp ipv6 timer syn-timeout 40 tcp ipv6 window 41 Table of Contents IPv6 Basics Configuration Commands 1 IPv6 Basics Configuration Commands 1 display ipv6 fib 1 display ipv6 fibcache 2 display ipv6 interface 2 display ipv6 neighbors 5 display ipv6 neighbors

More information

Contents. IP addressing configuration commands 1 display ip interface 1 display ip interface brief 3 ip address 5

Contents. IP addressing configuration commands 1 display ip interface 1 display ip interface brief 3 ip address 5 Contents IP addressing configuration commands 1 display ip interface 1 display ip interface brief 3 ip address 5 i IP addressing configuration commands display ip interface Syntax View Default level Parameters

More information

Table of Contents 1 IP Addressing Configuration IP Performance Configuration 2-1

Table of Contents 1 IP Addressing Configuration IP Performance Configuration 2-1 Table of Contents 1 IP Addressing Configuration 1-1 IP Addressing Overview 1-1 IP Address Classes 1-1 Special Case IP Addresses 1-2 Subnetting and Masking 1-2 Configuring IP Addresses 1-3 Displaying IP

More information

Operation Manual IP Addressing and IP Performance H3C S5500-SI Series Ethernet Switches. Table of Contents

Operation Manual IP Addressing and IP Performance H3C S5500-SI Series Ethernet Switches. Table of Contents Table of Contents Table of Contents... 1-1 1.1 IP Addressing Overview... 1-1 1.1.1 IP Address Classes... 1-1 1.1.2 Special Case IP Addresses... 1-2 1.1.3 Subnetting and Masking... 1-2 1.2 Configuring IP

More information

Command Manual Network Protocol. Table of Contents

Command Manual Network Protocol. Table of Contents Table of Contents Table of Contents Chapter 1 IP Address Configuration Commands... 1-1 1.1 IP Address Configuration Commands... 1-1 1.1.1 display ip host... 1-1 1.1.2 display ip interface... 1-1 1.1.3

More information

HP FlexFabric 5930 Switch Series

HP FlexFabric 5930 Switch Series HP FlexFabric 5930 Switch Series Layer 3 IP Services Command Reference Part number: 5998-4568 Software version: Release 2406 & Release 2407P01 Document version: 6W101-20140404 Legal and notice information

More information

Table of Contents. 2 Static Route Configuration Commands 2-1 Static Route Configuration Commands 2-1 delete static-routes all 2-1 ip route-static 2-1

Table of Contents. 2 Static Route Configuration Commands 2-1 Static Route Configuration Commands 2-1 delete static-routes all 2-1 ip route-static 2-1 Table of Contents 1 IP Routing Table Commands 1-1 IP Routing Table Commands 1-1 display ip routing-table 1-1 display ip routing-table acl 1-3 display ip routing-table ip-address 1-5 display ip routing-table

More information

HPE FlexNetwork 5510 HI Switch Series

HPE FlexNetwork 5510 HI Switch Series HPE FlexNetwork 5510 HI Switch Series Layer 3 IP Services Command Reference Part number: 5200-0078b Software version: Release 11xx Document version: 6W102-20171020 Copyright 2015, 2017 Hewlett Packard

More information

HPE 5920 & 5900 Switch Series

HPE 5920 & 5900 Switch Series HPE 5920 & 5900 Switch Series Layer 3 IP Services Command Reference Part number: 5998-6643t Software version: Release 2422P01 Document version: 6W101-20171030 Copyright 2016, 2017 Hewlett Packard Enterprise

More information

Operation Manual IPv6 H3C S3610&S5510 Series Ethernet Switches Table of Contents. Table of Contents

Operation Manual IPv6 H3C S3610&S5510 Series Ethernet Switches Table of Contents. Table of Contents Operation Manual IPv6 Table of Contents Table of Contents Chapter 1 IPv6 Basics Configuration... 1-1 1.1 IPv6 Overview... 1-1 1.1.1 IPv6 Features... 1-2 1.1.2 Introduction to IPv6 Address... 1-3 1.1.3

More information

HPE FlexNetwork 5510 HI Switch Series

HPE FlexNetwork 5510 HI Switch Series HPE FlexNetwork 5510 HI Switch Series Layer 3 IP Services Command Reference Part number: 5200-3837 Software version: Release 13xx Document version: 6W100-20170315 Copyright 2015, 2017 Hewlett Packard Enterprise

More information

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1 Table of Contents 1 IPv6 Configuration 1-1 IPv6 Overview 1-1 IPv6 Features 1-1 Introduction to IPv6 Address 1-2 Introduction to IPv6 Neighbor Discovery Protocol 1-5 Introduction to ND Snooping 1-7 Introduction

More information

HPE FlexFabric 7900 Switch Series

HPE FlexFabric 7900 Switch Series HPE FlexFabric 7900 Switch Series Layer 3 IP Services Command Reference Part number: 5200-0982a Software version: Release 2150 and later Document version: 6W101-20170622 Copyright 2016, 2017 Hewlett Packard

More information

Table of Contents 1 IPv6 Basics Configuration 1-1

Table of Contents 1 IPv6 Basics Configuration 1-1 Table of Contents 1 IPv6 Basics Configuration 1-1 IPv6 Overview 1-1 IPv6 Features 1-1 Introduction to IPv6 Address 1-3 Introduction to IPv6 Neighbor Discovery Protocol 1-5 IPv6 PMTU Discovery 1-8 Introduction

More information

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1 Table of Contents 1 IPv6 Configuration 1-1 IPv6 Overview 1-1 IPv6 Features 1-1 Introduction to IPv6 Address 1-3 Introduction to IPv6 Neighbor Discovery Protocol 1-5 Introduction to IPv6 DNS 1-8 Protocols

More information

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1 Table of Contents 1 IPv6 Configuration 1-1 IPv6 Overview 1-1 IPv6 Features 1-1 Introduction to IPv6 Address 1-3 Introduction to IPv6 Neighbor Discovery Protocol 1-6 Introduction to IPv6 DNS 1-8 Protocols

More information

IPv4 and IPv6 Commands

IPv4 and IPv6 Commands This module describes the Cisco IOS XR software commands used to configure the IPv4 and IPv6 commands for Broadband Network Gateway (BNG) on the Cisco ASR 9000 Series Router. For details regarding the

More information

Configuring IPv6 basics

Configuring IPv6 basics Contents Configuring IPv6 basics 1 IPv6 overview 1 IPv6 features 1 IPv6 addresses 2 IPv6 neighbor discovery protocol 5 IPv6 PMTU discovery 8 IPv6 transition technologies 8 Protocols and standards 9 IPv6

More information

H3C S5120-HI Switch Series

H3C S5120-HI Switch Series H3C S5120-HI Switch Series Layer 3 - IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 52xx Document version: 6W101-20140523 Copyright 2013-2014,

More information

H3C S3100V2-52TP Switch

H3C S3100V2-52TP Switch H3C S3100V2-52TP Switch Layer 3 IP Services Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 2111P02, Release 2112 Document version: 6W101-20180228 Copyright

More information

H3C S3100V2 Switch Series

H3C S3100V2 Switch Series H3C S3100V2 Switch Series Layer 3 IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 5203P05 and Release 5203P12 Document version: 6W101-20150530

More information

H3C S5130-HI Switch Series

H3C S5130-HI Switch Series H3C S5130-HI Switch Series Layer 3 - IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1111 Document version: 6W100-20150615 Copyright 2015,

More information

H3C SR6600 Routers. Layer 3 IP Services. Command Reference. Hangzhou H3C Technologies Co., Ltd.

H3C SR6600 Routers. Layer 3 IP Services. Command Reference. Hangzhou H3C Technologies Co., Ltd. H3C SR6600 Routers Layer 3 IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 20100930-C-1.08 Product Version: SR6600-CMW520-R2420 Copyright 2007-2010,

More information

K2289: Using advanced tcpdump filters

K2289: Using advanced tcpdump filters K2289: Using advanced tcpdump filters Non-Diagnostic Original Publication Date: May 17, 2007 Update Date: Sep 21, 2017 Topic Introduction Filtering for packets using specific TCP flags headers Filtering

More information

ICS 451: Today's plan

ICS 451: Today's plan ICS 451: Today's plan ICMP ping traceroute ARP DHCP summary of IP processing ICMP Internet Control Message Protocol, 2 functions: error reporting (never sent in response to ICMP error packets) network

More information

H3C S5500-HI Switch Series

H3C S5500-HI Switch Series H3C S5500-HI Switch Series Layer 3 - IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 5101 Document version: 6W100-20111031 Copyright 2011,

More information

H3C S5500-HI Switch Series

H3C S5500-HI Switch Series H3C S5500-HI Switch Series Layer 3 - IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 52xx Document version: 6W102-20131220 Copyright 2013,

More information

Configuring Routes on the ACE

Configuring Routes on the ACE CHAPTER2 This chapter describes how the ACE is considered a router hop in the network when it is in routed mode. In the Admin or user contexts, the ACE supports static routes only. The ACE supports up

More information

H3C S12500 Series Routing Switches

H3C S12500 Series Routing Switches H3C S12500 Series Routing Switches Layer 3 IP Services Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: S12500-CMW710-R7128 Document version: 6W710-20121130 Copyright

More information

Operation Manual - Network and Routing Protocol. Table of Contents

Operation Manual - Network and Routing Protocol. Table of Contents Table of Contents Table of Contents Chapter 1 IP Address and IP Performance Configuration... 5-1 1.1 IP Address Overview...5-1 1.2 Assigning IP Addresses... 5-5 1.2.1 Assigning IP Addresses to Interfaces...

More information

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia IP - The Internet Protocol Based on the slides of Dr. Jorg Liebeherr, University of Virginia Orientation IP (Internet Protocol) is a Network Layer Protocol. IP: The waist of the hourglass IP is the waist

More information

Introduction to IPv6. IPv6 addresses

Introduction to IPv6. IPv6 addresses Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 IPv6 addresses 128 bits long Written as eight 16-bit integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A = 1080::8:800:200C:417A

More information

Portal configuration commands

Portal configuration commands Contents Portal configuration commands 1 display portal acl 1 display portal connection statistics 5 display portal free-rule 7 display portal interface 9 display portal-roaming 11 display portal server

More information

IPv4. Christian Grothoff.

IPv4. Christian Grothoff. IPv4 christian@grothoff.org http://grothoff.org/christian/ Sites need to be able to interact in one single, universal space. Tim Berners-Lee 1 The Network Layer Transports datagrams from sending to receiving

More information

TSIN02 - Internetworking

TSIN02 - Internetworking Lecture 2: The Internet Protocol Literature: Forouzan: ch 4-9 and ch 27 2004 Image Coding Group, Linköpings Universitet Outline About the network layer Tasks Addressing Routing Protocols 2 Tasks of the

More information

Command Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents

Command Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents Table of Contents Table of Contents Chapter 1 Static Routing Configuration Commands... 1-1 1.1 Static Routing Configuration Commands... 1-1 1.1.1 delete static-routes all... 1-1 1.1.2 ip route-static...

More information

Dongsoo S. Kim Electrical and Computer Engineering Indiana U. Purdue U. Indianapolis

Dongsoo S. Kim Electrical and Computer Engineering Indiana U. Purdue U. Indianapolis Session 8. TCP/IP Dongsoo S. Kim (dskim@iupui.edu) Electrical and Computer Engineering Indiana U. Purdue U. Indianapolis IP Packet 0 4 8 16 19 31 Version IHL Type of Service Total Length Identification

More information

Configuring IPv6 for Gigabit Ethernet Interfaces

Configuring IPv6 for Gigabit Ethernet Interfaces CHAPTER 46 IP version 6 (IPv6) provides extended addressing capability beyond those provided in IP version 4 (IPv4) in Cisco MDS SAN-OS. The architecture of IPv6 has been designed to allow existing IPv4

More information

Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields.

Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields. IP address ICMP Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPE field identifies the ICMP message, the CODE field

More information

Module 7 Internet And Internet Protocol Suite

Module 7 Internet And Internet Protocol Suite Module 7 Internet And Internet Protocol Suite Lesson 22 IP addressing. ICMP LESSON OBJECTIVE General The lesson will continue the discussion on IPv4 along with the idea of ICMP. Specific The focus areas

More information

TCP/IP Networking. Part 4: Network and Transport Layer Protocols

TCP/IP Networking. Part 4: Network and Transport Layer Protocols TCP/IP Networking Part 4: Network and Transport Layer Protocols Orientation Application Application protocol Application TCP TCP protocol TCP IP IP protocol IP IP protocol IP IP protocol IP Network Access

More information

TCP /IP Fundamentals Mr. Cantu

TCP /IP Fundamentals Mr. Cantu TCP /IP Fundamentals Mr. Cantu OSI Model and TCP/IP Model Comparison TCP / IP Protocols (Application Layer) The TCP/IP subprotocols listed in this layer are services that support a number of network functions:

More information

Internet Protocols (chapter 18)

Internet Protocols (chapter 18) Internet Protocols (chapter 18) CSE 3213 Fall 2011 Internetworking Terms 1 TCP/IP Concepts Connectionless Operation Internetworking involves connectionless operation at the level of the Internet Protocol

More information

CHAPTER-2 IP CONCEPTS

CHAPTER-2 IP CONCEPTS CHAPTER-2 IP CONCEPTS Page: 1 IP Concepts IP is a very important protocol in modern internetworking; you can't really comprehend modern networking without a good understanding of IP. Unfortunately, IP

More information

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang CS 356: Computer Network Architectures Lecture 10: IP Fragmentation, ARP, and ICMP Xiaowei Yang xwy@cs.duke.edu Overview Homework 2-dimension parity IP fragmentation ARP ICMP Fragmentation and Reassembly

More information

HP 6125 Blade Switch Series

HP 6125 Blade Switch Series HP 6125 Blade Switch Series Layer 3 - IP Services Configuration Guide Part number: 5998-3156 Software version: Release 2103 Document version: 6W100-20120907 Legal and notice information Copyright 2012

More information

History Page. Barracuda NextGen Firewall F

History Page. Barracuda NextGen Firewall F The Firewall > History page is very useful for troubleshooting. It provides information for all traffic that has passed through the Barracuda NG Firewall. It also provides messages that state why traffic

More information

II. Principles of Computer Communications Network and Transport Layer

II. Principles of Computer Communications Network and Transport Layer II. Principles of Computer Communications Network and Transport Layer A. Internet Protocol (IP) IPv4 Header An IP datagram consists of a header part and a text part. The header has a 20-byte fixed part

More information

TCP/IP Protocol Suite

TCP/IP Protocol Suite TCP/IP Protocol Suite Computer Networks Lecture 5 http://goo.gl/pze5o8 TCP/IP Network protocols used in the Internet also used in today's intranets TCP layer 4 protocol Together with UDP IP - layer 3 protocol

More information

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1 Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack

More information

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12 TCP/IP Networking Training Details Training Time : 9 Hours Capacity : 12 Prerequisites : There are no prerequisites for this course. About Training About Training TCP/IP is the globally accepted group

More information

Networking Technologies and Applications

Networking Technologies and Applications Networking Technologies and Applications Rolland Vida BME TMIT Transport Protocols UDP User Datagram Protocol TCP Transport Control Protocol and many others UDP One of the core transport protocols Used

More information

ET4254 Communications and Networking 1

ET4254 Communications and Networking 1 Topic 9 Internet Protocols Aims:- basic protocol functions internetworking principles connectionless internetworking IP IPv6 IPSec 1 Protocol Functions have a small set of functions that form basis of

More information

Operation Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents

Operation Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents Table of Contents Table of Contents Chapter 1 Static Routing Configuration... 1-1 1.1 Introduction... 1-1 1.1.1 Static Route... 1-1 1.1.2 Default Route... 1-1 1.1.3 Application Environment of Static Routing...

More information

Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP) Internet Control Message Protocol (ICMP) 1 Overview The IP (Internet Protocol) relies on several other protocols to perform necessary control and routing functions: Control functions (ICMP) Multicast signaling

More information

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1 Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack

More information

TSIN02 - Internetworking

TSIN02 - Internetworking Lecture 2: Internet Protocol Literature: Forouzan: ch (4-6), 7-9 and ch 31 2004 Image Coding Group, Linköpings Universitet Lecture 2: IP Goals: Understand the benefits Understand the architecture IPv4

More information

Introduction to IPv6. IPv6 addresses

Introduction to IPv6. IPv6 addresses Introduction to IPv6 (Chapter4inHuitema) IPv6,Mobility-1 IPv6 addresses 128 bits long Written as eight 16-bit hexadecimal integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A = 1080::8:800:200C:417A

More information

MESSAGES error-reporting messages and query messages. problems processes IP packet specific information

MESSAGES error-reporting messages and query messages. problems processes IP packet specific information ICMP ICMP ICMP is mainly used by operating systems of networked computers to send error messages indicating that a requested service is not available or that host/ router could not be reached. ICMP MESSAGES

More information

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall:

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall: Network Layer The Network Layer Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control 1 2 Contents 4.1.1 Connection-Oriented and Connectionless

More information

Network Layer. Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control

Network Layer. Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control The Network Layer 1 Network Layer Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control 2 Contents Connection-Oriented (virtual circuit)

More information

User Datagram Protocol

User Datagram Protocol Topics Transport Layer TCP s three-way handshake TCP s connection termination sequence TCP s TIME_WAIT state TCP and UDP buffering by the socket layer 2 Introduction UDP is a simple, unreliable datagram

More information

Lecture 11: IP routing, IP protocols

Lecture 11: IP routing, IP protocols Lecture 11: IP routing, IP protocols Contents Routing principles Local datagram delivery ICMP Protocol UDP Protocol TCP/IP Protocol Assuring requirements for streaming TPC Building and terminating TCP

More information

Configuring TCP/IP Normalization and IP Reassembly Parameters

Configuring TCP/IP Normalization and IP Reassembly Parameters CHAPTER4 Configuring TCP/IP Normalization and IP Reassembly Parameters This chapter describes how to configure TCP/IP normalization and termination parameters to protect your Cisco Application Control

More information

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties

More information

SEN366 (SEN374) (Introduction to) Computer Networks

SEN366 (SEN374) (Introduction to) Computer Networks SEN366 (SEN374) (Introduction to) Computer Networks Prof. Dr. Hasan Hüseyin BALIK (12 th Week) The Internet Protocol 12.Outline Principles of Internetworking Internet Protocol Operation Internet Protocol

More information

H3C S5120-SI Switch Series

H3C S5120-SI Switch Series H3C S5120-SI Switch Series Layer 3 - IP Routing Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1505 Document version: 6W101-20111108 Copyright 2011,

More information

IPv6 Neighbor Discovery

IPv6 Neighbor Discovery The IPv6 neighbor discovery process uses Internet Control Message Protocol (ICMP) messages and solicited-node multicast addresses to determine the link-layer address of a neighbor on the same network (local

More information

Chapter 6 Global CONFIG Commands

Chapter 6 Global CONFIG Commands Chapter 6 Global CONFIG Commands aaa accounting Configures RADIUS or TACACS+ accounting for recording information about user activity and system events. When you configure accounting on an HP device, information

More information

Network Layer (4): ICMP

Network Layer (4): ICMP 1 Network Layer (4): ICMP Required reading: Kurose 4.4.3, 4.4.4 CSE 4213, Fall 2006 Instructor: N. Vlajic 2 1. Introduction 2. Network Service Models 3. Architecture 4. Network Layer Protocols in the Internet

More information

H3C S10500 Attack Protection Configuration Examples

H3C S10500 Attack Protection Configuration Examples H3C S10500 Attack Protection Configuration Examples Copyright 2015 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any

More information

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer 1 CPSC 826 Intering The Network Layer: Routing & Addressing Outline The Network Layer Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu November 10, 2004 Network layer

More information

Introduction to Internetworking

Introduction to Internetworking Introduction to Internetworking Introductory terms Communications Network Facility that provides data transfer services An internet Collection of communications networks interconnected by bridges and/or

More information

Introduction to IPv6. IPv6 addresses

Introduction to IPv6. IPv6 addresses Introduction to IPv6 (Chapter 4 in Huitema) IPv6,Mobility-1 IPv6 addresses 128 bits long Written as eight 16-bit integers separated with colons E.g. 1080:0000:0000:0000:0000:0008:200C:417A = 1080::8:800:200C:417A

More information

Internet Control Message Protocol

Internet Control Message Protocol Internet Control Message Protocol The Internet Control Message Protocol is used by routers and hosts to exchange control information, and to inquire about the state and configuration of routers and hosts.

More information

Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking

Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking 1 Review of TCP/IP working Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path Frame Path Chapter 3 Client Host Trunk Link Server Host Panko, Corporate

More information

ARP attack protection commands

ARP attack protection commands Contents ARP attack protection commands 1 Unresolvable IP attack protection commands 1 arp resolving-route enable 1 arp source-suppression enable 1 arp source-suppression limit 2 display arp source-suppression

More information

Network Security. Introduction to networks. Radboud University, The Netherlands. Autumn 2015

Network Security. Introduction to networks. Radboud University, The Netherlands. Autumn 2015 Network Security Introduction to networks Radboud University, The Netherlands Autumn 2015 What is a (computer) network Definition A computer network is two or more computers that are connected, so that

More information

Packet Header Formats

Packet Header Formats A P P E N D I X C Packet Header Formats S nort rules use the protocol type field to distinguish among different protocols. Different header parts in packets are used to determine the type of protocol used

More information

Chapter 4 Network Layer

Chapter 4 Network Layer Sungkyunkwan University Chapter 4 Network Layer Prepared by H. Choo 2018-Fall Computer Networks Copyright 2000-2014 2000-2018 Networking Laboratory 1/52 Presentation Outline 4.1 Introduction 4.2 Network-Layer

More information

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled

More information

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link. Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:

More information

H3C SecPath Series High-End Firewalls

H3C SecPath Series High-End Firewalls H3C SecPath Series High-End Firewalls Attack Protection Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: SECPATHF1000SAI&F1000AEI&F1000ESI-CMW520-R3721 SECPATH5000FA-CMW520-F3210

More information

Interconnecting Networks with TCP/IP

Interconnecting Networks with TCP/IP Chapter 8 Interconnecting s with TCP/IP 1999, Cisco Systems, Inc. 8-1 Introduction to TCP/IP Internet TCP/IP Early protocol suite Universal 1999, Cisco Systems, Inc. www.cisco.com ICND 8-2 TCP/IP Protocol

More information

Extended ACL Configuration Mode Commands

Extended ACL Configuration Mode Commands Extended ACL Configuration Mode Commands To create and modify extended access lists on a WAAS device for controlling access to interfaces or applications, use the ip access-list extended global configuration

More information

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local 1 v4 & v6 Header Comparison v6 Ver Time to Live v4 Header IHL Type of Service Identification Protocol Flags Source Address Destination Address Total Length Fragment Offset Header Checksum Ver Traffic Class

More information

ICMP (Internet Control Message Protocol)

ICMP (Internet Control Message Protocol) Today s Lecture ICMP (Internet Control Message Protocol) Internet Protocols CSC / C 573 I. ICMP Overview II. ICMP rror Reporting III. ICMP Query / Response Messages IV. ICMP Message Processing Fall, 2005

More information

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every

More information

Configuring IP addressing

Configuring IP addressing Contents Configuring IP addressing 1 Overview 1 IP address classes 1 Special IP addresses 2 Subnetting and masking 2 Assigning an IP address to an interface 3 Configuration guidelines 3 Configuration procedure

More information

IPv6 Protocols and Networks Hadassah College Spring 2018 Wireless Dr. Martin Land

IPv6 Protocols and Networks Hadassah College Spring 2018 Wireless Dr. Martin Land IPv6 1 IPv4 & IPv6 Header Comparison IPv4 Header IPv6 Header Ver IHL Type of Service Total Length Ver Traffic Class Flow Label Identification Flags Fragment Offset Payload Length Next Header Hop Limit

More information

Network layer: Overview. Network Layer Functions

Network layer: Overview. Network Layer Functions Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every

More information

Table of Contents 1 Static Routing Configuration RIP Configuration 2-1

Table of Contents 1 Static Routing Configuration RIP Configuration 2-1 Table of Contents 1 Static Routing Configuration 1-1 Introduction 1-1 Static Route 1-1 Default Route 1-1 Application Environment of Static Routing 1-1 Configuring a Static Route 1-2 Configuration Prerequisites

More information

Operation Manual ARP H3C S5500-SI Series Ethernet Switches. Table of Contents

Operation Manual ARP H3C S5500-SI Series Ethernet Switches. Table of Contents Table of Contents Table of Contents... 1-1 1.1 ARP Overview... 1-1 1.1.1 ARP Function... 1-1 1.1.2 ARP Message Format... 1-1 1.1.3 ARP Address Resolution Process... 1-2 1.1.4 ARP Mapping Table... 1-3 1.2

More information

CS 457 Lecture 11 More IP Networking. Fall 2011

CS 457 Lecture 11 More IP Networking. Fall 2011 CS 457 Lecture 11 More IP Networking Fall 2011 IP datagram format IP protocol version number header length (bytes) type of data max number remaining hops (decremented at each router) upper layer protocol

More information

Da t e: August 2 0 th a t 9: :00 SOLUTIONS

Da t e: August 2 0 th a t 9: :00 SOLUTIONS Interne t working, Examina tion 2G1 3 0 5 Da t e: August 2 0 th 2 0 0 3 a t 9: 0 0 1 3:00 SOLUTIONS 1. General (5p) a) Place each of the following protocols in the correct TCP/IP layer (Application, Transport,

More information

HP FlexFabric 5700 Switch Series

HP FlexFabric 5700 Switch Series HP FlexFabric 5700 Switch Series Layer 3 - IP Routing Configuration Guide Part number: 5998-6688 Software version: Release 2416 Document version: 6W100-20150130 Legal and notice information Copyright 2015

More information