The source command configures the source address used in TCP connection setup.
The undo source command restores the default setting.
By default, the device uses an outbound interface's IP address as the source IP address used in TCP connection setup.
| Parameter | Description | Value |
|---|---|---|
| interface interface-type interface-number | Specifies an interface's IP address as the source IP address used in TCP connection setup.
|
- |
| ip-address | Specifies the source address used in TCP connection setup. |
An IPv4 address is in dotted decimal notation, whereas an IPv6 address is in colon-separated hexadecimal notation.
NOTE:
The CMP session view does not support the configuration of an IPv6 address. |
Usage Scenario
If the device needs to establish a TCP connection with an SCEP or OCSP server, you must run the source command to specify the source IP address used in TCP connection setup.
In the multi-output scenario, if the interfaces for sending and receiving a TCP packet are different, the IP address in the received TCP packet is different from the IP address of the receiving interface. Then the TCP packet is dropped, and the TCP connection is torn down. In this situation, you can run this command to specify the loopback interface address.
Precautions
If the source interface used in TCP connection setup has been specified, the source interface must be a Layer 3 interface with an IP address configured.
The VPN instance bound to the interface specified by the source interface command in the CMP session view must be the same as the VPN instance configured in the vpn-instance. If they are inconsistent, either source interface or vpn-instance, which is configured later, cannot be executed successfully.
<sysname> system-view [sysname] interface GigabitEthernet 0/0/1 [sysname-GigabitEthernet0/0/1] ip address 10.136.2.25 24 [sysname-GigabitEthernet0/0/1] quit [sysname] pki realm abc [sysname-pki-realm-abc] source interface GigabitEthernet 0/0/1