496
Views
GDOI KS group view
Default command level
2: System level
Parameters
seconds
number-of-seconds
: Specifies a time-based lifetime for KEKs, in the range of 300 to 86400
seconds.
Usage guidelines
The TEK lifetime is the IPsec SA lifetime, which is determined by the IPsec SA lifetime configured in
the IPsec profile.
Examples
# Configure the KEK lifetime as 3600 seconds for the GDOI KS group
abc
.
<Sysname> system-view
[Sysname]gdoi ks group abc
[Sysname-gdoi-ks-group-abc] rekey lifetime seconds 3600
Related commands
gdoi ks group
rekey retransmit
Use
rekey retransmit
to specify the interval between rekey retransmissions and the maximum
number of retransmissions.
Syntax
rekey retransmit
{
interval
interval
|
number
number
} *
undo rekey retransmit
[
interval
|
number
]
Default
The retransmission interval is 10 seconds, and the maximum number of retransmissions is 2.
Views
GDOI KS group view
Default command level
2: System level
Parameters
interval
interval
: Specifies the rekey retransmission interval in the range of 10 to 60 seconds. The
default interval is 10 seconds.
number
number
: Specifies the maximum number of rekey retransmissions, in the range of 1 to 10.
The default value is 2.
Examples
# Specify the rekey retransmission interval as 30 seconds and the maximum number of
retransmissions as 3 for the GDOI KS group
abc
.
<Sysname> system-view
[Sysname] gdoi ks group abc
[Sysname-gdoi-ks-group-abc] rekey retransmit 30 number 3
