Cisco Cisco ASR 5700
ACS Configuration Mode Commands
▀ p2p-detection attribute
▄ Command Line Interface Reference, StarOS Release 17
520
p2p-detection attribute
This command enables or disables the detection of SSL renegotiation flows.
Product
ADC
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration
active-charging service service_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-acs)#
Syntax
[ no ] p2p-detection attribute { attribute_list [ sub_attribute_name sub_attribute_value
] }
] }
no
If previously enabled, disables detection of SSL renegotiation flows.
attribute_list
List of configurable P2P detection attributes populated from the currently loaded P2P plugin.
Supported attribute:
Supported attribute:
ssl-renegotiation
sub_attribute_name
List of configurable P2P detection sub-attributes related to the attribute selected from the attribute list. This
list is populated from the currently loaded P2P plugin.
Supported sub-attributes if selected attribute is
list is populated from the currently loaded P2P plugin.
Supported sub-attributes if selected attribute is
ssl-renegotiation
:
max-entry-per-sessmgr
: Specifies maximum SSL Session IDs tracked per session manager.
id-reduce-factor
: Specifies by how much factor the SSL ID is stored in the SSL Session ID tracker
table. Possible values are 1, 2, 4.
sub_attribute_value
Value of the selected sub-attribute. If sub-attribute is not specified, the default value set in the P2P plugin will
be used.
The value for
be used.
The value for
max-entry-per-sessmgr
must be an integer from 1 through 65535. Default: 20000
Possible values for
id-reduce-factor
are 1,2,4. Default: 4
Usage
Use this command to enable or disable the detection of SSL renegotiation flows.
Example
The following command enables SSL renegotiation with SSL session IDs as
40000
and factor as
4
: