< Home

tcp-kind

Function

The tcp-kind command specifies the option type in the TCP enhanced authentication option.

The undo tcp-kind command restores the default TCP kind value.

By default, the default kind value is 254.

Format

tcp-kind kind-value

undo tcp-kind

Parameters

Parameter Description Value
kind-value Specifies the TCP kind value to be used for that keychain. The value ranges from 28 to 255.

Views

Keychain view

Default Level

2: Configuration Level

Usage Guidelines

Usage Scenario

A keychain ensures secure protocol packet transmission by dynamically changing the authentication algorithm and key string. Packets to be transmitted over non-TCP and TCP connections are authenticated using authentication and encryption algorithms and key string corresponding to a key. The TCP connection needs to be authenticated to enhance security.

TCP connection request packets carry enhanced authentication options and are authenticated by a specified authentication algorithm. Different vendors use different kind values to specify the enhanced authentication option. Kind values configured for the communicating parties must be the same.

Follow-up Procedure

After configuring the same TCP kind value for the communicating parties, run the tcp-algorithm-id command to specify TCP algorithm IDs for the communicating parties.

Precautions

Communicating parties using the keychain authentication must establish a TCP connection when configuring the kind value. Otherwise, the TCP authentication does not take effect.

If TCP connection request packets carry enhanced authentication options, the kind value must be specified in the packets.

Example

# Configure the TCP kind value as 252 for the keychain huawei.

<HUAWEI> system-view
[HUAWEI] keychain huawei mode absolute
[HUAWEI-keychain-huawei] tcp-kind 252
Parent Topic: Keychain Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >