H3C Technologies H3C SecPath F1000-E User Manual
Page 385
360
Step Command
Remarks
3.
Configure the maximum
number of ECMP routes.
maximum load-balancing number
Optional.
By default, the maximum number of
ECMP routes depends on the
device model, as shown in the
following table.
All firewalls support the maximum load-balancing number command, and the number argument has
different default values:
Item F1000-A-EI/E-SI/S-AI
F1000-E
F5000-A5 Firewall
module
Default value
8
8
16
8
Enabling zero field check on incoming RIPv1 messages
Some fields in the RIPv1 message must be zero. These fields are called "zero fields". You can enable zero
field check on received RIPv1 messages. If such a field contains a non-zero value, the RIPv1 message will
not be processed. If you are sure that all messages are trusty, disable zero field check to save CPU
resources.
This feature does not apply to RIPv2 packets that have no zero fields.
To enable zero field check on incoming RIPv1 messages:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter RIP view.
rip [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3.
Enable zero field check on
received RIPv1 messages.
checkzero
Optional.
Enabled by default.
Enabling source IP address check on incoming RIP updates
You can enable source IP address check on incoming RIP updates.
For a message received on an Ethernet interface, RIP compares the source IP address of the message with
the IP address of the interface. If they are not in the same network segment, RIP discards the message.
For a message received on a serial interface, RIP checks whether the source address of the message is the
IP address of the peer interface. If not, RIP discards the message.
To enable source IP address check on incoming RIP updates:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter RIP view.
rip [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
3.
Enable source IP address
check on incoming RIP
messages.
validate-source-address
Optional.
Enabled by default.