IPsec statistics displayΒΆ

The IPsec module maintains statistics that can be displayed using the following command:

router{}show ipsec stats [static|ike]
static
List the statistics for static security associations
ike
List the statistics for ike negociated security associations

All security association statistics will be displayed by default.

Example

router{}show ipsec stats
10.53.7.207 10.53.7.107
        ah spi 223672829(0x0d54f9fd) reqid 16413 tunnel
        seq 0x00000009 replay-window 4 flags (0x00000100)
        A:md5 658ffffffdbffffffb6 62ffffffbd7a5c ffffffa9ffffffe07affffffa8
ffffff951d1bffffffbf
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 23040(sec), hard 28800(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          9188(bytes), 19(packets)
          add 2007/03/17 15:46:23 use 2007/03/17 15:46:26
        stats:
          replay-window 0 replay 0 failed 0
10.53.7.207 10.53.7.107
        esp spi 2200(0x00000898) reqid 0 tunnel
        seq 0x00000000 replay-window 0 flags (0x00000000)
        E:des 31323334 35363738
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 0(sec), hard 0(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          0(bytes), 0(packets)
          add 2007/03/17 15:44:38 use (undefined)
        stats:
          replay-window 0 replay 0 failed 0
10.53.7.107 10.53.7.207
        ah spi 7787428(0x0076d3a4) reqid 16412 tunnel
        seq 0x00000009 replay-window 4 flags (0x00000100)
        A:md5 7a126d1c ffffff82ffffff84ffffffcb71 41fffffff77372 58ffffffa11558
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 23040(sec), hard 28800(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          10888(bytes), 28(packets)
          add 2007/03/17 15:46:23 use 2007/03/17 15:46:26
        stats:
          replay-window 0 replay 0 failed 0
10.53.7.107 10.53.7.207
        esp spi 2200(0x00000898) reqid 0 tunnel
        seq 0x00000000 replay-window 0 flags (0x00000000)
        E:des 31323334 35363738
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 0(sec), hard 0(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          0(bytes), 0(packets)
          add 2007/03/17 15:44:38 use (undefined)
        stats:
          replay-window 0 replay 0 failed 0

router{}show ipsec stats ike
10.53.7.207 10.53.7.107
        ah spi 223672829(0x0d54f9fd) reqid 16413 tunnel
        seq 0x00000009 replay-window 4 flags (0x00000100)
        A:md5 658ffffffdbffffffb6 62ffffffbd7a5c ffffffa9ffffffe07affffffa8
ffffff951d1bffffffbf
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 23040(sec), hard 28800(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          9188(bytes), 19(packets)
          add 2007/03/17 15:46:23 use 2007/03/17 15:46:26
        stats:
          replay-window 0 replay 0 failed 0
10.53.7.107 10.53.7.207
        ah spi 7787428(0x0076d3a4) reqid 16412 tunnel
        seq 0x00000009 replay-window 4 flags (0x00000100)
        A:md5 7a126d1c ffffff82ffffff84ffffffcb71 41fffffff77372 58ffffffa11558
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 23040(sec), hard 28800(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          10888(bytes), 28(packets)
          add 2007/03/17 15:46:23 use 2007/03/17 15:46:26
        stats:
          replay-window 0 replay 0 failed 0

router{}show ipsec stats static
10.53.7.207 10.53.7.107
        esp spi 2200(0x00000898) reqid 0 tunnel
        seq 0x00000000 replay-window 0 flags (0x00000000)
        E:des 31323334 35363738
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 0(sec), hard 0(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          0(bytes), 0(packets)
          add 2007/03/17 15:44:38 use (undefined)
        stats:
          replay-window 0 replay 0 failed 0
10.53.7.107 10.53.7.207
        esp spi 2200(0x00000898) reqid 0 tunnel
        seq 0x00000000 replay-window 0 flags (0x00000000)
        E:des 31323334 35363738
        sel:
          0.0.0.0/0[0] 0.0.0.0/0[0]
                upspec 0 dev (none) uid 0
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 0(sec), hard 0(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          0(bytes), 0(packets)
          add 2007/03/17 15:44:38 use (undefined)
        stats:
          replay-window 0 replay 0 failed 0
router{}