 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Secure Neighbor Discovery supports several timestamp options, which are used to ensure that unsolicited solicitation and redirect messages are not being replayed. To configure timestamp parameters, include the following statements:
- protocols {
-
-
neighbor-discovery {
-
-
secure {
-
-
timestamp {
- new-peer-window seconds;
- known-peer-window seconds;
- clock-drift value;
- }
- }
- }
- }
Use the new-peer-window seconds statement to specify the maximum allowable difference in the amount of time between the timestamp of a SEND message from a new peer and when it can be accepted. The default is 300 seconds.
Use the known-peer-window seconds statement to specify the expected interval between subsequent incoming SEND messages. The default is 1 second. A message from a known peer that arrives after the specified interval is discarded.
Use the clock drift value statement to specify a fractional value of 100 for the allowable drift in time between the synchronization of peers. The default is 0.01, or 1 percent.
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |