The ike heartbeat command sets heartbeat parameters.
The undo ike heartbeat command restores the default configuration.
By default, a heartbeat packet uses old type sequence number mechanism and does not carry the SPI list.
Parameter |
Description |
Value |
|---|---|---|
| seq-num { new | old } | Configures the sequence number mechanism for heartbeat packets.
|
- |
| spi-list | Configures heartbeat packets to carry the SPI list. |
- |
Usage Scenario
In IPSec communication, if the local end becomes faulty and the remote end does not detect the fault because of system failures, the remote end still sends IPSec packets to the local end, causing traffic loss. Heartbeat detection solves this problem. After heartbeat detection is enabled, the local end periodically sends detection packets to the remote end. If the remote end does not receive packets after the heartbeat timer expires, the remote end considers the local end faulty. IKE can send heartbeat packets to detect IKE peer faults and maintain the IKE SA link status.
Precautions
The two ends must use the same heartbeat parameters.
If you run the ike heartbeat { seq-num { new | old } | spi-list } command multiple times, only the latest configuration takes effect.