R3303-HP HSR6800 Routers Security Configuration Guide
69
Task Remarks
GDOI KS redundancy can be used to achieve KS high availability
and load sharing. The following describes GDOI KS redundancy
settings:
• UDP port number—Specifies the UDP port
number that a GDOI KS uses to send and
receive redundancy protocol packets to and
from other KSs. All KSs in the same GDOI KS
group must use the same UDP port number.
• Peer address—Specifies the IP address of a
peer KS.
• Local priority—Specifies the priority of the
local KS for primary KS election. A greater
value indicates a higher priority. If multiple KSs
have the same priority, the KS with the highest
IP address is elected as the primary KS.
• Redundancy enable—Enables GDOI KS
redundancy.
• Redundancy hello—Configures the following
settings:
{ Redundancy hello packet sending interval
for the primary KS.
{ Maximum number of consecutive failures
allowed in receiving redundancy hello
packets before the secondary KS
considers itself to be disconnected from
the primary KS.
Configure the redundancy hello parameters
reasonably to make the secondary KS timely
know the primary KS keepalive status.
• Redundancy retransmit—Specifies
redundancy protocol packet (expect hello
packet) retransmission interval and the number
of retransmissions.
Follow these guidelines when you configure GDOI
KS redundancy:
• The KSs for KS redundancy must have the same
KS group configuration expect peer IP address,
local priority, and source address of outgoing
KS packets.
• In a GDOI KS group, you must specify the IP
addresses of all peer KSs that back up the local
KS.
• The IP address of a peer KS specified on the
local KS must be the same as the source
address that the peer KS uses to send
redundancy protocol packets.
To configure GDOI KS redundancy:
Ste
p
Command
3. Enter system view.
s
y
stem-vie
w
Required.