Secure GSLB | 1 |
The
Consider issuing the command gslb
The never option, after the initial public key exchange, configures the peer public keys to never automatically expire. They are assumed to be valid until and unless the administrators manually intervene and perform the public key exchange. The keys will be saved and reused for new TCP connections. Network administrators do not need to be involved after initial key exchange.
The <timeout> parameter configures the peer public keys to be valid for a specific duration of seconds independent of how many TCP connection setup and tear down events occur during this time. If the TCP connection is not established for the
Regenerating the session keys
To prevent the encryption key and authentication keys from being compromised, the system supports dynamic or manual session key regeneration.
Manually regenerating the session keys
To manually clear the session keys and force the regeneration of session keys, enter the following command.
Syntax: clear gslb session-keys
Dynamically regenerating the session keys
The system dynamically regenerates the encryption and authentication keys (session keys) either at a specified
The configure the system to dynamically regenerate the session keys at a specified interval, enter commands such as the following:
To configure the system to randomly decide when to regenerate the key within
Syntax: [no] si
ServerIron ADX Global Server Load Balancing Guide | 63 |
|