tfc enable

Use tfc enable to enable Traffic Flow Confidentiality (TFC) padding.

Use undo tfc enable to disable TFC padding.

Syntax

tfc enable

undo tfc enable

Default

TFC padding is disabled.

Views

IPsec policy view

IPsec policy template view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

TFC padding can hide the length of the original packet, and might affect the packet encapsulation and de-encapsulation performance. This feature takes effect on UDP packets encapsulated by ESP in transport mode and on original IP packets encapsulated by ESP in tunnel mode.

Examples

# Enable TFC padding for IPsec policy policy1.

<Sysname> system-view
[Sysname] ipsec policy policy1 10 isakmp
[Sysname-ipsec-policy-isakmp-policy1-10] tfc enable

Related commands

display ipsec ipv6-policy

display ipsec policy