tcp ao

Function

The tcp ao command creates a TCP-AO and displays the TCP-AO view, or directly displays the TCP-AO view if a TCP-AO has been created.

The undo tcp ao command deletes a TCP-AO.

By default, no TCP-AO is configured.

Format

tcp ao tcpaoname

undo tcp ao tcpaoname

Parameters

Parameter | Description | Value
tcpaoname | Specifies a TCP-AO name. | The value is a string of 1 to 47 case-sensitive characters without spaces.

Views

System view

Default Level

2: Configuration level

Task Name and Operations

Task Name | Operations
ip-stack | write

Usage Guidelines

Usage Scenario

TCP-AO authenticates the packets sent and received during TCP session establishment and data exchange. It supports packet integrity checks to prevent TCP packet replay.

  • The TCP-AO authentication option uses two cryptographic stages, a key derivation function (KDF) and a message authentication code (MAC), and both stages can use the more advanced HMAC-SHA256 algorithm.
  • TCP-AO authentication covers not only IP addresses, TCP headers, and data payloads, but also TCP options.
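
The following Python example is added here for illustration and is not Huawei code or device output. It follows the KDF input layout of RFC 5926 and the MAC input of RFC 5925 to show the KDF and MAC stages and the coverage of TCP options. Assumptions: HMAC-SHA256 as the PRF, a MAC truncated to 128 bits, IPv4, and constructed addresses, ports, ISNs and master key; the device's exact encoding is not documented on this page.

```python
import hashlib, hmac, socket, struct

MAC_LEN = 16  # assumption: MAC truncated to 128 bits for this example
AO_OFF = 20   # the constructed segment places the TCP-AO option first

def derive_traffic_key(master_key, src, dst, sport, dport, sisn, disn):
    # RFC 5926 KDF input: i || "TCP-AO" || Context || Output_Length (bits).
    # Assumption: HMAC-SHA256 is used as the PRF in that layout.
    context = (socket.inet_aton(src) + socket.inet_aton(dst)
               + struct.pack("!HHII", sport, dport, sisn, disn))
    data = b"\x01" + b"TCP-AO" + context + struct.pack("!H", 256)
    return hmac.new(master_key, data, hashlib.sha256).digest()

def ao_mac(traffic_key, sne, src, dst, segment):
    # RFC 5925 MAC input: SNE || IPv4 pseudo-header || TCP header+options || data,
    # computed with the TCP checksum and the MAC field set to zero.
    seg = bytearray(segment)
    seg[16:18] = b"\x00\x00"
    seg[AO_OFF + 4:AO_OFF + 4 + MAC_LEN] = bytes(MAC_LEN)
    pseudo = (socket.inet_aton(src) + socket.inet_aton(dst)
              + struct.pack("!BBH", 0, 6, len(seg)))
    msg = struct.pack("!I", sne) + pseudo + bytes(seg)
    return hmac.new(traffic_key, msg, hashlib.sha256).digest()[:MAC_LEN]

def build_segment(traffic_key, src, dst, sport, dport, seq, ack, payload, sne=0):
    # Options: TCP-AO (kind 29, KeyID 1, RNextKeyID 1), window scale, NOP pad.
    ao = struct.pack("!BBBB", 29, 4 + MAC_LEN, 1, 1) + bytes(MAC_LEN)
    options = ao + struct.pack("!BBB", 3, 3, 7) + b"\x01"
    offset = (20 + len(options)) // 4
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                         offset << 4, 0x18, 65535, 0, 0)
    seg = bytearray(header + options + payload)
    seg[AO_OFF + 4:AO_OFF + 4 + MAC_LEN] = ao_mac(traffic_key, sne, src, dst, seg)
    return bytes(seg)

def verify(traffic_key, src, dst, segment, sne=0):
    received = segment[AO_OFF + 4:AO_OFF + 4 + MAC_LEN]
    return hmac.compare_digest(received, ao_mac(traffic_key, sne, src, dst, segment))

def demo():
    # Constructed sample values (documentation addresses, made-up ISNs and key).
    src, dst = "192.0.2.1", "192.0.2.2"
    key = derive_traffic_key(b"example-master-key", src, dst, 179, 50000, 1000, 2000)
    seg = build_segment(key, src, dst, 179, 50000, 1001, 2001, b"hello")
    tampered = bytearray(seg)
    tampered[42] = 9  # change the window-scale shift, an option outside TCP-AO
    return {"ok": verify(key, src, dst, seg),
            "option_changed": verify(key, src, dst, bytes(tampered)),
            "address_changed": verify(key, "192.0.2.9", dst, seg)}
```

Calling demo() verifies the untouched segment and rejects it once a TCP option or the source address differs, because both are part of the MAC input.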

Example

# Delete a TCP-AO.
<HUAWEI> system-view
[~HUAWEI] undo tcp ao exampleAO
# Create a TCP-AO and enter the TCP-AO view.
<HUAWEI> system-view
[~HUAWEI] tcp ao exampleAO
[*HUAWEI-tcp-ao-exampleAO]
Copyright © Huawei Technologies Co., Ltd.