display ipsec statistics
Use display ipsec statistics to display IPsec packet statistics.
Syntax
display ipsec statistics [ tunnel-id tunnel-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
tunnel-id tunnel-id: Specifies an IPsec tunnel by its ID. The value range for the tunnel-id argument is 0 to 4294967295. You can use the display ipsec tunnel brief command to view the IDs of established IPsec tunnels.
Usage guidelines
If you do not specify any parameters, this command displays statistics for all IPsec packets.
Examples
# Display statistics for all IPsec packets.
<Sysname> display ipsec statistics
IPsec packet statistics:
Received/sent packets: 47/64
Received/sent bytes: 3948/5208
Dropped packets (received/sent): 0/45
Dropped packets statistics
No available SA: 0
Wrong SA: 0
Invalid length: 0
Authentication failure: 0
Encapsulation failure: 0
Decapsulation failure: 0
Replayed packets: 0
ACL check failure: 45
MTU check failure: 0
Loopback limit exceeded: 0
Crypto speed limit exceeded: 0
# Display statistics for the packets of IPsec tunnel 1.
<Sysname> display ipsec statistics tunnel-id 1
IPsec packet statistics:
Received/sent packets: 5124/8231
Received/sent bytes: 52348/64356
Dropped packets (received/sent): 0/0
Dropped packets statistics
No available SA: 0
Wrong SA: 0
Invalid length: 0
Authentication failure: 0
Encapsulation failure: 0
Decapsulation failure: 0
Replayed packets: 0
ACL check failure: 0
MTU check failure: 0
Loopback limit exceeded: 0
Crypto speed limit exceeded: 0
Table 43: Command output
Field | Description |
|---|---|
Received/sent packets | Number of received/sent IPsec-protected packets. |
Received/sent bytes | Number of bytes of received/sent IPsec-protected packets. |
Dropped packets (received/sent) | Number of dropped IPsec-protected packets (received/sent). |
No available SA | Number of packets dropped due to lack of available IPsec SA. |
Wrong SA | Number of packets dropped due to wrong IPsec SA. |
Invalid length | Number of packets dropped due to invalid packet length. |
Authentication failure | Number of packets dropped due to authentication failure. |
Encapsulation failure | Number of packets dropped due to encapsulation failure. |
Decapsulation failure | Number of packets dropped due to decapsulation failure. |
Replayed packets | Number of dropped replayed packets. |
ACL check failure | Number of packets dropped due to ACL check failure. |
MTU check failure | Number of packets dropped due to MTU check failure. |
Loopback limit exceeded | Number of packets dropped due to loopback limit exceeded. |
Crypto speed limit exceeded | Number of packets dropped due to crypto speed limit exceeded. |
Related commands
reset ipsec statistics