R0106-HP MSR Router Series Security Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR4060 Router Chassis

391

392

393

394

395

396

397

398

399

400

381

• Time-based logging—The device outputs session logs at an interval.

• Traffic-based logging—The device outputs a session log when the traffic amount of a session

reaches a threshold. After outputting a session log, the device resets the traffic counter for the

session. The traffic-based thresholds can be byte-based and packet-based. If you set both thresholds,

the last configuration takes effect.

If you set both time-based and traffic-based logging, the device outputs a session log when whichever is

reached. After outputting a session log, the device resets the traffic counter and restarts the interval for the

session.

If you enable session logging but specify neither the traffic-based nor the time-based type, the device

outputs a session log when a session entry is created or removed.

To configure session logging:

Ste

Command

Remarks

1. Enter system view.

system-view

N/A

2. (Optional.) Set a

time-based logging type.

session log time-active time-value

By default, the device does not

output session logs.

3. (Optional.) Set a

traffic-based logging

type.

• Set the packet-based threshold:

session log packets-active packets-value

• Set the byte-based threshold:

session log bytes-active bytes-value

The device does not output

session logs based on the

packet-based or byte-based

threshold.

4. Enter interface view.

interface interface-type interface-number N/A

5. Enable session logging.

session log enable { ipv4 | ipv6 } [ acl

acl-number ] { inbound | outbound }

By default, session logging is

disabled.

NOTE:

Support for the session log packets-active and session log bytes-active commands depends on your

device model.

Displaying and maintaining session management

Execute display commands in any view and reset commands in user view.

Task Command

Display the aging time for sessions of

different application layer protocols.

display session aging-time application

Display the aging time for sessions in

different protocol states.

display session aging-time state

Display session table entries

(MSR2000/MSR3000).

display session table { ipv4 | ipv6 } [ source-ip source-ip ]

[ destination-ip destination-ip ] [ verbose ]

Display session table entries (MSR4000).

display session table { ipv4 | ipv6 } [ slot slot-number ]

[ source-ip source-ip ] [ destination-ip destination-ip ] [ verbose ]

Display session statistics

(MSR2000/MSR3000).

display session statistics