< Home

sequence enable

Function

The sequence enable command enables the E-Trunk sequence number check function.

The undo sequence enable command disables the E-Trunk sequence number check function.

By default, the E-Trunk sequence number check function is disabled.

Only the S5720-EI, S5720-HI, S5720I-SI, S5720S-SI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5730-HI, S5730S-EI, S5730-SI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720-LI, S6720S-EI, S6720S-LI, S6720S-SI, S6720-SI, S6730-H, S6730S-H, S6730-S, and S6730S-S support this command.

Format

sequence enable

undo sequence enable

Parameters

None

Views

E-Trunk view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

If the master device in an E-Trunk fails, an attacker can obtain the E-Trunk packet sent by the master device and attack the backup device, causing service interruptions. To resolve this problem, run the sequence enable command to enable the E-Trunk sequence number check function.

Configuration Impact

After the E-Trunk sequence number check function is enabled, the E-Trunk sequence number of packets is checked to protect against attacks and enhance E-Trunk security.

Precautions

The sequence enable command must be run on both the master and backup devices in an E-Trunk. Otherwise, the E-Trunk sequence number check function fails, causing dual master devices in the E-Trunk.

Example

# Enable the E-Trunk sequence number check function on E-Trunk 1.

<HUAWEI> system-view
[HUAWEI] e-trunk 1
[HUAWEI-e-trunk-1] sequence enable
Parent Topic: Link Aggregation Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >