Table of Contents 1 IP Address Configuration Commands IP Performance Configuration Commands 2-1

Similar documents
Command Manual (For Soliton) IP Address-IP Performance. Table of Contents

Table of Contents 1 IP Address Configuration Commands IP Performance Configuration Commands 2-1

IP Services Volume Organization

IP performance optimization

tcp ipv6 timer fin-timeout 40 tcp ipv6 timer syn-timeout 40 tcp ipv6 window 41

Contents. IP addressing configuration commands 1 display ip interface 1 display ip interface brief 3 ip address 5

Table of Contents 1 IP Addressing Configuration IP Performance Configuration 2-1

Operation Manual IP Addressing and IP Performance H3C S5500-SI Series Ethernet Switches. Table of Contents

Command Manual Network Protocol. Table of Contents

HP FlexFabric 5930 Switch Series

Table of Contents. 2 Static Route Configuration Commands 2-1 Static Route Configuration Commands 2-1 delete static-routes all 2-1 ip route-static 2-1

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1

Operation Manual IPv6 H3C S3610&S5510 Series Ethernet Switches Table of Contents. Table of Contents

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1

HPE FlexNetwork 5510 HI Switch Series

HPE 5920 & 5900 Switch Series

Table of Contents 1 IPv6 Basics Configuration 1-1

Table of Contents 1 IPv6 Configuration IPv6 Application Configuration 2-1

HPE FlexNetwork 5510 HI Switch Series

IPv4 and IPv6 Commands

HPE FlexFabric 7900 Switch Series

H3C S3100V2 Switch Series

Configuring IPv6 basics

K2289: Using advanced tcpdump filters

Configuring Routes on the ACE

H3C S3100V2-52TP Switch

H3C S5120-HI Switch Series

H3C SR6600 Routers. Layer 3 IP Services. Command Reference. Hangzhou H3C Technologies Co., Ltd.

ICS 451: Today's plan

H3C S5130-HI Switch Series

H3C S5500-HI Switch Series

Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields.

H3C S5500-HI Switch Series

Module 7 Internet And Internet Protocol Suite

TCP/IP Networking. Part 4: Network and Transport Layer Protocols

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia

H3C S12500 Series Routing Switches

CHAPTER-2 IP CONCEPTS

History Page. Barracuda NextGen Firewall F

II. Principles of Computer Communications Network and Transport Layer

IPv4. Christian Grothoff.

Internet Control Message Protocol (ICMP)

TCP /IP Fundamentals Mr. Cantu

TSIN02 - Internetworking

Internet Protocols (chapter 18)

TCP/IP Protocol Suite

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang

Introduction to IPv6. IPv6 addresses

User Datagram Protocol

Configuring IPv6 for Gigabit Ethernet Interfaces

Networking Technologies and Applications

TSIN02 - Internetworking

Portal configuration commands

Dongsoo S. Kim Electrical and Computer Engineering Indiana U. Purdue U. Indianapolis

Packet Header Formats

Configuring attack detection and prevention 1

ET4254 Communications and Networking 1

Configuring TCP/IP Normalization and IP Reassembly Parameters

Command Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents

Lecture 11: IP routing, IP protocols

Configuring attack detection and prevention 1

Network Layer (4): ICMP

IPv6 Neighbor Discovery

Operation Manual - Network and Routing Protocol. Table of Contents

ICMP (Internet Control Message Protocol)

Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer

Operation Manual IPv4 Routing H3C S3610&S5510 Series Ethernet Switches. Table of Contents

SEN366 (SEN374) (Introduction to) Computer Networks

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall:

Network Layer. Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control

Problems of IP. Unreliable connectionless service. Cannot acquire status information from routers and other hosts

TSIN02 - Internetworking

Chapter 6 Global CONFIG Commands

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

H3C S5120-SI Switch Series

TSIN02 - Internetworking

MESSAGES error-reporting messages and query messages. problems processes IP packet specific information

Network Security. Introduction to networks. Radboud University, The Netherlands. Autumn 2015

Interconnecting Networks with TCP/IP

Your Name: Your student ID number:

Introduction to Internetworking

Introduction to IPv6. IPv6 addresses

(ICMP), RFC

Just enough TCP/IP. Protocol Overview. Connection Types in TCP/IP. Control Mechanisms. Borrowed from my ITS475/575 class the ITL

TSIN02 - Internetworking

CS 457 Lecture 11 More IP Networking. Fall 2011

Vorlesung Kommunikationsnetze

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

Chapter 4 Network Layer

The Internet. The Internet is an interconnected collection of netw orks.

Troubleshooting Tools

Internet Control Message Protocol

Configuring IP Services

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing

Introduction to IPv6. IPv6 addresses

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

ICMP (Internet Control Message Protocol)

Network layer: Overview. Network Layer Functions

Introduction to Networks and the Internet

Transcription:

Table of Contents 1 IP Address Configuration Commands 1-1 IP Address Configuration Commands 1-1 display ip interface 1-1 display ip interface brief 1-2 ip address 1-3 2 IP Performance Configuration Commands 2-1 IP Performance Configuration Commands 2-1 display fib 2-1 display fib ip-address 2-2 display fib acl 2-3 display fib 2-4 display fib statistics 2-4 display icmp statistics 2-5 display ip socket 2-6 display ip statistics 2-8 display tcp statistics 2-9 display tcp status 2-11 display udp statistics 2-12 icmp redirect send 2-13 icmp unreach send 2-14 reset ip statistics 2-14 reset tcp statistics 2-15 reset udp statistics 2-15 tcp timer fin-timeout 2-16 tcp timer syn-timeout 2-16 tcp window 2-17 i

1 IP Address Configuration Commands IP Address Configuration Commands display ip interface display ip interface [ interface-type interface-number ] interface-type interface-number: Specifies an interface by its type and number. Use the display ip interface command to display information about a specified or all Layer 3 interfaces. If no argument is specified, information about all Layer 3 interfaces is displayed. # Display information about VLAN-interface 1. <Sysname> display ip interface Vlan-interface 1 Vlan-interface1 current state :UP Line protocol current state :UP Internet Address is 192.168.0.39/24 Primary Broadcast address : 192.168.0.255 The Maximum Transmit Unit : 1500 bytes IP packets input number: 9678, bytes: 475001, multicasts: 7 IP packets output number: 8622, bytes: 391084, multicasts: 0 TTL invalid packet number: 0 ICMP packet input number: 0 Echo reply: 0 Unreachable: 0 Source quench: 0 Routing redirect: 0 Echo request: 0 Router advert: 0 Router solicit: 0 Time exceed: 0 IP header bad: 0 Timestamp request: 0 1-1

Timestamp reply: 0 Information request: 0 Information reply: 0 Netmask request: 0 Netmask reply: 0 Unknown type: 0 Table 1-1 on the fields of the display ip interface command Field Vlan-interface1 current state Current physical state of VLAN-interface 1 Line protocol current state Current state of the link layer protocol Internet Address IP address of the interface Broadcast address The Maximum Transmit Unit IP packets input number: 9678, bytes: 475001, multicasts: 7 IP packets output number: 8622, bytes: 391084, multicasts: 0 TTL invalid packet number ICMP packet input number: 0 Echo reply: 0 Unreachable: 0 Source quench: 0 Routing redirect: 0 Echo request: 0 Router advert: 0 Router solicit: 0 Time exceed: 0 IP header bad: 0 Timestamp request: 0 Timestamp reply: 0 Information request: 0 Information reply: 0 Netmask request: 0 Netmask reply: 0 Unknown type: 0 Directed broadcast address of the subnet attached to the interface Maximum transmission unit on the interface Total number of packets, bytes, and multicast packets forwarded and received on the interface Number of received invalid TTL packets Total number of received ICMP packets, including: Echo reply packet, unreachable packet, source quench packet, routing redirect packet, Echo request packet, router advert packet, router solicit packet, time exceed packet, IP header bad packet, timestamp request packet, timestamp reply packet, information request packet, information reply packet, netmask request packet, netmask reply packet, and unknown types of packets. display ip interface brief display ip interface brief [ interface-type [ interface-number ] ] 1-2

interface-type: Interface type. interface-number: Interface number. Use the display ip interface brief command to display brief information about a specified or all Layer 3 interfaces. With no argument included, the command displays information about all layer 3 interfaces; with only the interface type specified, it displays information about all layer 3 interfaces of the specified type; with both the interface type and interface number specified, it displays information about the specified interface. Related commands: display ip interface. # Display brief information about VLAN-interface 1. <Sysname> display ip interface brief vlan-interface 1 *down: administratively down (l): loopback (s): spoofing Interface IP Address Physical Protocol Vlan-interface1 192.168.0.39 up up Vlan-inte... Table 1-2 on the fields of the display ip interface brief command Field *down (s) Interface IP Address Physical Protocol The interface is administratively shut down with the shutdown command. Spoofing attribute of the interface. It indicates that the interface whose link layer protocol is displayed up may have no such a link present or the link is set up only on demand. Interface name IP address of the interface (If no IP address is configured, unassigned is displayed.) Physical state of the interface Link layer protocol state of the interface Interface description information. If the description has no more than 12 characters, the whole description can be displayed. If it has more than 12 characters, only the first nine characters are displayed. ip address ip address ip-address { mask mask-length } undo ip address [ ip-address { mask mask-length } ] 1-3

VLAN interface view, loopback interface view ip-address: IP address, in dotted decimal notation. mask: Subnet mask, in dotted decimal notation. mask-length: Subnet mask length, the number of consecutive ones in the mask. It is in the range of 0 to 32. Use the ip address command to specify an IP address and mask for a VLAN or loopback interface. Use the undo ip address command to remove an IP address and mask of a VLAN or loopback interface. By default, no IP address is configured for VLAN or loopback interface. A newly specified IP address overwrites the previous one if there is any. The IP address of a VLAN interface must not be in the same network segment as that of a loopback interface on a device. Related commands: display ip interface. # Assign the IP address 129.12.0.1 to VLAN interface 1 with subnet mask 255.255.255.0. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] interface Vlan-interface 1 [Sysname-Vlan-interface1] ip address 129.12.0.1 255.255.255.0 1-4

2 IP Performance Configuration Commands IP Performance Configuration Commands display fib display fib Use the display fib command to display all forwarding information base (FIB) information. # Display all FIB information. <Sysname> display fib Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface 10.153.17.0/24 10.153.17.99 U t[37] Vlan-interface1 10.153.18.88/32 127.0.0.1 GHU t[37] InLoopBack0 10.153.18.0/24 10.153.18.88 U t[37] LoopBack0 10.153.17.99/32 127.0.0.1 GHU t[37] InLoopBack0 127.0.0.0/8 127.0.0.1 U t[33] InLoopBack0 2-1

Table 2-1 on the fields of the display fib command Field Flag Destination/Mask Nexthop TimeStamp Interface Flags: U: A route is up and available. G: Gateway route H: Local host route B: Blackhole route D: Dynamic route S: Static route R: Rejected route E: Multi-path equal-cost route L: Route generated by ARP or ESIS Destination address/mask length Next hop address Timestamp Forwarding interface display fib ip-address display fib ip-address1 [ { mask1 mask-length1 } [ ip-address2 { mask2 mask-length2 } longer ] longer ] ip-address1, ip-address2: Destination IP addresses, in dotted decimal notation. ip-address1 and ip-address2 together define an address range. The FIB entries in this address range will be displayed. mask1, mask2: Subnet masks, in dotted decimal notation. mask-length1, mask-length2: Length of the subnet masks, the number of consecutive ones in the masks, in the range of 0 to 32. longer: Displays the FIB entries matching the specified address/mask and having masks longer than or equal to the specified mask. If no masks are specified, FIB entries that match the natural network address and have the masks longer than or equal to the natural mask will be displayed. Use the display fib ip-address command to view the FIB entries matching the specified destination IP address. If no mask or mask length is specified, the FIB entry that matches the destination IP address and has the longest mask will be displayed; if the mask is specified, the FIB entry that exactly matches the specified destination IP address and mask will be displayed. 2-2

# Display FIB entry information which matches destination 12.158.10.0 and has a mask length no less than eight. <Sysname> display fib 12.158.10.0 longer Route Entry Count: 1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface 12.158.10.0/24 12.158.10.1 U t[85391] Vlan-interface10 # Display FIB entry information which has a destination in the range of 12.158.10.0/24 to 12.158.10.6/24 and has a mask length of 24. <Sysname> display fib 12.158.10.0 255.255.255.0 12.158.10.6 255.255.255.0 Route Entry Count: 1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface 12.158.10.0/24 12.158.10.1 U t[85391] Vlan-interface10 For details about the displayed information, see Table 2-1. display fib acl display fib acl acl-number acl-number: Basic ACL number, in the range of 2000 to 2999. Use the display fib acl command to display the FIB entries matching a specific ACL. For ACL, refer to the part discussing ACL in this manual. # Configure and display ACL 2001. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 211.71.75.0 0.0.0.255 [Sysname-acl-basic-2001] display acl 2001 Basic ACL 2001, 1 rule Acl's step is 1 rule 0 permit source 211.71.75.0 0.0.0.255 2-3

# Display the FIB entries filtered by ACL 2001. <Sysname> display fib acl 2001 Route Entry matched by access-list 2001 Summary Counts :1 Flag: U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static R:Reject E:Equal cost multi-path L:Generated by ARP or ESIS Destination/Mask Nexthop Flag TimeStamp Interface 211.71.75.0/24 1.1.1.2 GSU t[250763] Vlan-interface2 For details about the displayed information, see Table 2-1. display fib display fib { begin exclude include } regular-expression : Uses a regular expression to match FIB entries. For detailed information about regular expression, refer to Configuration File Management Command. begin: Displays a specific FIB entry and all the FIB entries following it. The specific FIB entry is the first entry that matches the specified regular expression. exclude: Displays the FIB entries that do not match the specified regular expression. include: Displays the FIB entries that match the specified regular expression. regular-expression: A case-sensitive character string. Use the display fib command to display the FIB entries filtered by the specified regular expression. # Display the entries starting from the first one containing the string 169.254.0.0. <Sysname> display fib begin 169.254.0.0 169.254.0.0/16 2.1.1.1 U t[0] Vlan-interface1 2.0.0.0/16 2.1.1.1 U t[0] Vlan-interface1 For details about the displayed information, see Table 2-1. display fib statistics display fib statistics 2-4

Use the display fib statistics command to display the total number of FIB entries. # Display the total number of FIB entries. <Sysname> display fib statistics Route Entry Count : 8 display icmp statistics display icmp statistics Use the display icmp statistics command to display the statistics about ICMP packets. Related commands: display ip interface, reset ip statistics. # Display the statistics about ICMP packets. <Sysname> display icmp statistics Input: bad formats 0 bad checksum 0 echo 5 destination unreachable 0 source quench 0 redirects 0 echo reply 10 parameter problem 0 timestamp 0 information request 0 mask requests 0 mask replies 0 time exceeded 0 Output:echo 10 destination unreachable 0 source quench 0 redirects 0 echo reply 5 parameter problem 0 timestamp 0 information reply 0 mask requests 0 mask replies 0 time exceeded 0 2-5

Table 2-2 on the fields of the display icmp statistics command Input: Output: Field bad formats bad checksum echo destination unreachable source quench redirects echo reply parameter problem timestamp information request mask requests mask replies time exceeded echo destination unreachable source quench redirects echo reply parameter problem timestamp information reply mask requests mask replies time exceeded Number of received wrong format packets Number of received wrong checksum packets Number of received echo packets Number of received destination unreachable packets Number of received source quench packets Number of received redirection packets Number of received replies Number of received parameter problem packets Number of received time stamp packets Number of received information request packets Number of received mask requests Number of received mask replies Number of received expiration packets Number of sent echo packets Number of sent destination unreachable packets Number of sent source quench packets Number of sent redirection packets Number of sent replies Number of sent parameter problem packets Number of sent time stamp packets Number of sent information reply packets Number of sent mask requests Number of sent mask replies Number of sent expiration packets display ip socket display ip socket [ socktype sock-type ] [ task-id socket-id ] socktype sock-type: Displays the socket information of this type. The sock type is in the range 1 to 3, corresponding to TCP, UDP and raw IP respectively. 2-6

task-id: ID of a task, with the value ranging from 1 to 100. socket-id: ID of a socket, with the value ranging from 0 to 3072. Use the display ip socket command to display socket information. # Display the information about the socket of the TCP type. <Sysname> display ip socket socktype 1 SOCK_STREAM: Task = VTYD(18), socketid = 1, Proto = 6, LA = 0.0.0.0:23, FA = 0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_KEEPALIVE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_PRIV SS_ASYNC Task = VTYD(18), socketid = 2, Proto = 6, LA = 10.153.17.99:23, FA = 10.153.17.56:1161, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC Task = VTYD(18), socketid = 3, Proto = 6, LA = 10.153.17.99:23, FA = 10.153.17.82:1121, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC Table 2-3 on the fields of the display ip socket command Field SOCK_STREAM SOCK_DGRAM SOCK_RAW Task socketid Proto sndbuf rcvbuf sb_cc rb_cc socket option socket state Indicates the socket type is TCP Indicates the socket type is UDP Indicates the socket type is raw IP Task ID Socket ID Protocol number used by the socket Sending buffer size of the socket Receiving buffer size of the socket Current data size in the sending buffer. The value makes sense only for the socket of TCP type, because only TCP is able to cache data. Current data size in the receiving buffer Option of a socket State of a socket 2-7

display ip statistics display ip statistics Use the display ip statistics command to display the statistics about IP packets. Related commands: display ip interface, reset ip statistics. # Display the statistics about IP packets. <Sysname> display ip statistics Input: sum 7120 local 112 bad protocol 0 bad format 0 bad checksum 0 bad options 0 Output: forwarding 0 local 27 dropped 0 no route 2 compress fails 0 Fragment:input 0 output 0 dropped 0 fragmented 0 couldn't fragment 0 Reassembling:sum 0 timeouts 0 Table 2-4 on the fields of the display ip statistics command Input: Field sum local bad protocol bad format bad checksum bad options Total number of packets received Total number of packets with destination being local Total number of unknown protocol packets. Unknown protocol packets are destined to the local device, but the upper layer protocol specified in their IP header cannot be processed by the device. (For example, if a switch is not enabled with the Layer 3 multicast function, it considers IGMP packets as unknown protocol packets.) Total number of packets with incorrect header format that contains a wrong version, or has a header length less than 20 bytes. Total number of packets with incorrect checksum Total number of packets with incorrect option 2-8

Output: Fragment: Reassembling: Field forwarding local dropped no route compress fails input output dropped fragmented couldn't fragment sum timeouts Total number of IP packets forwarded by the local device Total number of IP packets initiated from the local device Total number of IP packets discarded Total number of IP packets for which no route is available Total number of IP packets failed to compress Total number of fragments received Total number of fragments sent Total number of fragments discarded Total number of IP packets successfully fragmented Total number of IP packets that cannot be fragmented Total number of IP packets reassembled Total number of reassembly timeout IP packets display tcp statistics display tcp statistics Use the display tcp statistics command to display the statistics about TCP packets. Related commands: display tcp status, reset tcp statistics. # Display the statistics about TCP connections. <Sysname> display tcp statistics Received packets: Total: 753 packets in sequence: 412 (11032 bytes) window probe packets: 0, window update packets: 0 checksum error: 0, offset error: 0, short error: 0 duplicate packets: 4 (88 bytes), partially duplicate packets: 5 (7 bytes) out-of-order packets: 0 (0 bytes) packets of data after window: 0 (0 bytes) 2-9

packets received after close: 0 ACK packets: 481 (8776 bytes) duplicate ACK packets: 7, too much ACK packets: 0 Sent packets: Total: 665 urgent packets: 0 control packets: 5 (including 1 RST) window probe packets: 0, window update packets: 2 data packets: 618 (8770 bytes) data packets retransmitted: 0 (0 bytes) ACK-only packets: 40 (28 delayed) Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0 Keepalive timeout: 0, keepalive probe: 0, Keepalive timeout, so connections disconnected : 0 Initiated connections: 0, accepted connections: 0, established connections: 0 Closed connections: 0 (dropped: 0, initiated dropped: 0) Packets dropped with MD5 authentication: 0 Packets permitted with MD5 authentication: 0 Table 2-5 on the fields of the display tcp statistics command Received packets: Field Total packets in sequence window probe packets window update packets checksum error offset error short error duplicate packets partially duplicate packets out-of-order packets packets of data after window packets received after close ACK packets duplicate ACK packets too much ACK packets Total number of packets received Number of packets arriving in sequence Number of window probe packets received Number of window update packets received Number of checksum error packets received Number of offset error packets received Number of received packets with length being too small Number of completely duplicate packets received Number of partially duplicate packets received Number of out-of-order packets received Number of packets outside the receiving window Number of packets that arrived after connection is closed Number of ACK packets received Number of duplicate ACK packets received Number of ACK packets for data unsent 2-10

Sent packets: Field Total urgent packets control packets window probe packets window update packets data packets data packets retransmitted ACK-only packets: 40 Total number of packets sent Number of urgent packets sent Number of control packets sent; in brackets are retransmitted packets Number of window probe packets sent; in the brackets are resent packets Number of window update packets sent Number of data packets sent Number of data packets retransmitted Number of ACK packets sent; in brackets are delayed ACK packets Retransmitted timeout connections dropped in retransmitted timeout Keepalive timeout keepalive probe Keepalive timeout, so connections disconnected Initiated connections accepted connections established connections Closed connections Packets dropped with MD5 authentication Packets permitted with MD5 authentication Number of retransmission timer timeouts Number of connections broken due to retransmission timeouts Number of keepalive timer timeouts Number of keepalive probe packets sent Number of connections broken due to keepalive probe failures Number of connections initiated Number of connections accepted Number of connections established Number of connections closed; in brackets are connections closed accidentally (before receiving SYN from the peer) and connections closed initiatively (after receiving SYN from the peer) Number of packets dropped with MD5 authentication Number of packets permitted with MD5 authentication display tcp status display tcp status 2-11

Use the display tcp status command to display the state of all the TCP connections so that you can monitor TCP connections in real time. # Display the state of all the TCP connections. <Sysname> display tcp status *: TCP MD5 Connection TCPCB Local Add:port Foreign Add:port State 03e37dc4 0.0.0.0:4001 0.0.0.0:0 Listening 04217174 100.0.0.204:23 100.0.0.253:65508 Established Table 2-6 on the fields of the display tcp status command Field * TCPCB Local Add:port Foreign Add:port State If there is an asterisk before a connection, it means that the TCP connection is authenticated through the MD5 algorithm. TCP control block Local IP address and port number Remote IP address and port number State of the TCP connection display udp statistics display udp statistics Use the display udp statistics command to display the statistics about UDP packets. Related commands: reset udp statistics. # Display the statistics about UDP packets. <Sysname> display udp statistics Received packets: Total: 26320 checksum error: 0 shorter than header: 0, data length larger than packet: 0 no socket on port: 0 2-12

total broadcast or multicast packets : 25006 no socket broadcast or multicast packets: 24989 not delivered, input socket full: 0 input packets missing pcb cache: 1314 Sent packets: Total: 7187 Table 2-7 on the fields of the display udp statistics command Received packets: Sent packets: Total Field checksum error shorter than header data length larger than packet no socket on port total broadcast or multicast packets no socket broadcast or multicast packets not delivered, input socket full input packets missing pcb cache Total Total number of received UDP packets Total number of packets with incorrect checksum Number of packets with data shorter than header Number of packets with data longer than packet Number of unicast packets with no socket on port Total number of received broadcast or multicast packets Total number of broadcast or multicast packets without socket on port Number of not delivered packets due to a full socket cache Number of packets without matching PCB cache Total number of UDP packets sent icmp redirect send icmp redirect send undo icmp redirect send System view Use the icmp redirect send command to enable the device to send ICMP redirection packets. Use the undo icmp redirect send command to disable the device from sending ICMP redirection packets. By default, the device is enabled to send ICMP redirection packets. 2-13

# Disable the device from sending ICMP redirection packets. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] undo icmp redirect send icmp unreach send icmp unreach send undo icmp unreach send System view Use the icmp unreach send command to enable the device to send ICMP destination unreachable packets. After enabled with this feature, the switch, upon receiving a packet with an unreachable destination, discards the packet and then sends a destination unreachable packet to the source host. Use the undo icmp unreach send command to disable the device from sending ICMP destination unreachable packets. By default, the device is enabled to send ICMP destination unreachable packets. # Disable the device from sending ICMP destination unreachable packets. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] undo icmp unreach send reset ip statistics reset ip statistics User view 2-14

Use the reset ip statistics command to clear the statistics about IP packets. You can use the display ip statistics command to view the current IP packet statistics. Related commands: display ip interface. # Clear the statistics about IP packets. <Sysname> reset ip statistics reset tcp statistics reset tcp statistics User view Use the reset tcp statistics command to clear the statistics about TCP packets. You can use the display tcp statistics command to view the current TCP packet statistics. # Clear the statistics about TCP packets. <Sysname> reset tcp statistics reset udp statistics reset udp statistics User view Use the reset udp statistics command to clear the statistics about UDP packets. You can use the display udp statistics command to view the current UDP packet statistics. # Clear the statistics about UDP packets. <Sysname> reset udp statistics 2-15

tcp timer fin-timeout tcp timer fin-timeout time-value undo tcp timer fin-timeout System view time-value: TCP finwait timer, in seconds, with the value ranging from 76 to 3600. Use the tcp timer fin-timeout command to configure the TCP finwait timer. Use the undo tcp timer fin-timeout command to restore the default value of the TCP finwait timer. By default, the value of the TCP finwait timer is 675 seconds. When the TCP connection state changes from FIN_WAIT_1 to FIN_WAIT_2, the finwait timer is enabled. If the switch does not receive FIN packets before finwait timer times out, the TCP connection will be terminated. Related commands: tcp timer syn-timeout, tcp window. # Configure the value of the TCP finwait timer to 800 seconds. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] tcp timer fin-timeout 800 tcp timer syn-timeout tcp timer syn-timeout time-value undo tcp timer syn-timeout System view time-value: TCP synwait timer, in seconds, with the value ranging from 2 to 600. Use the tcp timer syn-timeout command to configure the TCP synwait timer. Use the undo tcp timer syn-timeout command to restore the default value of the TCP synwait timer. By default, the value of the TCP synwait timer is 75 seconds. 2-16

When sending the SYN packet, TCP starts the synwait timer. If the response packet is not received before synwait times out, the TCP connection will be terminated. Related commands: tcp timer fin-timeout, tcp window. # Configure the value of the TCP synwait timer to 80 seconds. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] tcp timer syn-timeout 80 tcp window tcp window window-size undo tcp window System view window-size: Size of the transmission and receiving buffers of the connection-oriented socket, measured in kilobytes (KB), in the range of 1 to 32. Use the tcp window command to configure the size of the transmission and receiving buffers of the connection-oriented socket. Use the undo tcp window command to restore the default size of the transmission and receiving buffers of the connection-oriented socket. By default, the size of the transmission and receiving buffers is 8 KB. Related commands: tcp timer fin-timeout, tcp timer syn-timeout. # Configure the size of the transmission and receiving buffers of the connection-oriented socket to 3 KB. <Sysname> system-view System : return to User with Ctrl+Z. [Sysname] tcp window 3 2-17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback