Table 58, Showing ipsec statistics – Brocade Communications Systems Layer 3 Routing Configuration ICX 6650 User Manual

Page 294

Advertising
background image

276

Brocade ICX 6650 Layer 3 Routing Configuration Guide

53-1002603-01

Displaying OSPF V3 Information

Showing IPsec statistics

The show ipsec statistics command displays the error and other counters for IPsec, as this example
shows.

Source

The source address consists of the IPv6 prefix and the TCP or UDP port
identifier.

Destination

The destination address consists of the IPv6 prefix. Certain logical elements
have a bearing on the meaning of the destination address and its format, as
follows:
For IPsec on an interface or area, the destination address is shown as a prefix
of 0xFE80 (link local). The solitary “::” (no prefix) indicates a “do not-care”
situation because the connection is multicast. In this case, the security policy
is enforced without regard for the destination address.
For a virtual link (SPDID = 0), the address is required.

TABLE 58

SA used by the policy

Field

Description

SA

This heading points at the SA-related headings for information used by the
security policy. Thereafter, on each line of this part of the IPsec entry (which
alternates with lines of policy information

Table 57

), “SA:” points at the fields

under those SA-related headings. The remainder of this table describes each
of the SA-related items.

SPDID

The Security policy database identifier (SPDID) consists of interface type and
Interface ID.

Dir

The Dir field is either ‘in” for inbound or “out” for outbound.

Encap

The type of encapsulation in the current release is ESP.

SPI

Security parameter index.

Destination

The IPv6 address of the destination endpoint. From the standpoint of the near
interface and the area, the destination is not relevant and therefore appears
as ::/0:any.
For a virtual link, both the inbound and outbound destination addresses are
relevant.

TABLE 57

IPsec policy information (Continued)

Field

Description

Brocade#show ipsec statistics

IPSecurity Statistics

secEspCurrentInboundSAs 1 ipsecEspTotalInboundSAs: 2

secEspCurrentOutboundSA 1 ipsecEspTotalOutboundSAs: 2

IPSecurity Packet Statistics

secEspTotalInPkts: 19 ipsecEspTotalInPktsDrop: 0

secEspTotalOutPkts: 83

IPSecurity Error Statistics

secAuthenticationErrors 0

secReplayErrors: 0 ipsecPolicyErrors: 13

secOtherReceiveErrors: 0 ipsecSendErrors: 0

secAuthenticationErrors 0

secReplayErrors: 0 ipsecPolicyErrors: 13

secOtherReceiveErrors: 0 ipsecSendErrors: 0

secUnknownSpiErrors: 0

Advertising
Popular Brands
Popular manuals