ipsec redundancy enable
Use ipsec redundancy enable to enable IPsec redundancy.
Use undo ipsec redundancy enable to disable IPsec redundancy.
Syntax
ipsec redundancy enable
undo ipsec redundancy enable
Default
IPsec redundancy is disabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
With IPsec redundancy enabled, the system synchronizes the following information from the active device to the standby device at configurable intervals:
Lower bound values of the IPsec anti-replay window for inbound packets.
IPsec anti-replay sequence numbers for outbound packets.
The synchronization ensures uninterrupted IPsec traffic forwarding and anti-replay protection when the active device fails.
To configure synchronization intervals, use the redundancy replay-interval command.
Examples
# Enable IPsec redundancy.
<Sysname> system-view [Sysname] ipsec redundancy enable
Related commands
redundancy replay-interval