accept-tolerance
Use accept-tolerance to set a tolerance time for accept keys in a keychain.
Use undo accept-tolerance to restore the default.
Syntax
accept-tolerance { value | infinite }
undo accept-tolerance
Default
No tolerance time is configured for accept keys in a keychain.
Views
Keychain view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies a tolerance time in the range of 1 to 8640000 seconds.
infinite: Specifies that the accept keys never expires.
Usage guidelines
After a tolerance time is configured, the start time and the end time configured in the accept-lifetime utc command are extended for the period of the tolerance time.
If authentication information is changed, information mismatch occurs on the local and peer devices, and the service might be interrupted. Use this command to ensure continuous packet authentication.
Examples
# Set the tolerance time to 100 seconds for accept keys in keychain abc.
<Sysname> system-view [Sysname] keychain abc mode absolute [Sysname-keychain-abc] accept-tolerance 100
# Configure the accept keys in keychain abc to never expire.
<Sysname> system-view [Sysname] keychain abc mode absolute [Sysname-keychain-abc] accept-tolerance infinite