Configuring zero field check on ripng packets, Configuring the maximum number of ecmp routes, Applying ipsec policies for ripng – H3C Technologies H3C SecPath F1000-E User Manual

743

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter interface view.

interface interface-type
interface-number

N/A

3.

Enable the poison reverse
function.

ripng poison-reverse

Disabled by default.

Configuring zero field check on RIPng packets

Some fields in the RIPng packet must be zero, which are called "zero fields". With zero field check on
RIPng packets enabled, if such a field contains a non-zero value, the entire RIPng packet will be

discarded. If you are sure that all packets are reliable, disable the zero field check to reduce the CPU

processing time.
To configure RIPng zero field check:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter RIPng view.

ripng [ process-id ]

N/A

3.

Enable the zero field check.

checkzero

Optional.
Enabled by default.

Configuring the maximum number of ECMP routes

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter RIPng view.

ripng [ process-id ]

N/A

3.

Configure the maximum
number of ECMP routes for

load balancing.

maximum load-balancing number

Optional.
8 by default.

Applying IPsec policies for RIPng

To protect routing information and defend attacks, RIPng supports using an IPsec policy to authenticate
protocol packets.
Outbound RIPng packets carry the Security Parameter Index (SPI) defined in the relevant IPsec policy. A

device uses the SPI carried in a received packet to match against the configured IPsec policy. If they

match, the device accepts the packet; otherwise, it discards the packet and will not establish a neighbor
relationship with the sending device.
You can configure an IPsec policy for a RIPng process or interface. The IPsec policy configured for a

process applies to all packets in the process. The IPsec policy configured on an interface applies to