Login
- Table of Contents
-
- 09-Security Command Reference
- 00-Preface
- 01-AAA commands
- 02-802.1X commands
- 03-MAC authentication commands
- 04-Portal commands
- 05-Web authentication commands
- 06-Port security commands
- 07-User profile commands
- 08-Password control commands
- 09-Keychain commands
- 10-Public key management commands
- 11-PKI commands
- 12-IPsec commands
- 13-SSH commands
- 14-SSL commands
- 15-TCP attack prevention commands
- 16-IP source guard commands
- 17-ARP attack protection commands
- 18-ND attack defense commands
- 19-SAVI commands
- 20-MFF commands
- 21-Crypto engine commands
- 22-FIPS commands
- 23-802.1X client commands
- 24-Attack detection and prevention commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 19-SAVI commands | 47.65 KB |
SAVI commands
ipv6 savi down-delay
Use ipv6 savi down-delay to set the entry deletion delay.
Use undo ipv6 savi down-delay to restore the default.
Syntax
ipv6 savi down-delay delay-time
undo ipv6 savi down-delay
Default
The entry deletion delay is 30 seconds.
Views
System view
Predefined user roles
network-admin
Parameters
delay-time: Specifies the entry deletion delay in the range of 0 to 21474836 seconds.
Usage guidelines
The entry deletion delay is the period of time that the device waits before deleting the DHCPv6 snooping entries and ND snooping entries for a down port.
Examples
# Set the entry deletion delay to 100 seconds.
<Sysname> system-view
[Sysname] ipv6 savi down-delay 100
ipv6 savi log enable
Use ipv6 savi log enable to enable filtering entry logging.
Use undo ipv6 savi log enable to disable filtering entry logging.
Syntax
ipv6 savi log enable filter-entry
undo ipv6 savi log enable filter-entry
|
|
IMPORTANT: This command is supported only by Release 1107 and later. |
Default
Filtering entry logging is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
filter-entry: Specifies filtering entry logging.
Usage guidelines
Filtering entries are effective bindings used for filtering IPv6 packets by the source IPv6 address. Filtering entry logging enables the device to generate log messages for filtering entries. A log message contains the IPv6 address, MAC address, VLAN, and interface of a filtering entry.
The device sends filtering entry log messages to the information center. With the information center, you can set log message filtering and output rules, including output destinations. For more information about using the information center, see Network Management and Monitoring Configuration Guide.
Examples
# Enable filtering entry logging.
<Sysname> system-view
[Sysname] ipv6 savi log enable filter-entry
ipv6 savi strict
Use ipv6 savi strict to enable Source Address Validation Improvement (SAVI).
Use undo ipv6 savi strict to disable SAVI.
Syntax
ipv6 savi strict
undo ipv6 savi strict
Default
SAVI is disabled.
Views
System view
Predefined user roles
network-admin
Examples
# Enable SAVI.
<Sysname> system-view
[Sysname] ipv6 savi strict
Related commands
ipv6 verify source
