a3IPsecureParamCtl
1.3.6.1.4.1.43.2.12.3.1.2
This object controls a number of parameters associated
with IP security. Each parameter is represented by
a specific bit. If the bit is set, the parameter is
turned on. If the bit is not set, the parameter is
turned off. The state of all the parameters is represented
by a sum of all the bits, the value of each bit being
multiplied by 2 raised to the power of the position
of the bit in the integer.
With bit 0 being the least significant bit, the table
below defines the mapping of security parameters to bits.
bit # Parameter
0 Extended
1 BasicFirst
2 LabelAdd
3 LabelStrip
If bit 0 is set, the Extended parameter is turned on.
This allows datagrams with extended security options to be
received and/or transmitted from this port.
If bit 1 is set, the BasicFirst parameter is turned on. This
indicates that the basic security option is always transmitted
as the first option in the datagram, even if the packet
has to be rearranged. If this bit is not set, the datagram
options are sent as is.
If bit 2 is set, the LabelAdd parameter is turned on. This
ensures that all datagrams leaving this port have a label
attached to them. If an outgoing datagram does not have
a label, the default label, computed for the datagram
on receipt, is attached to it before transmission. If this
parameter is turned off, then datagrams without labels are
allowed to be transmitted, and the default label is not
attached to the datagram.
If bit 3 is set, the LabelStrip parameter is turned on. In
this case, any basic security option present in the datagram
is stripped before transmission through this port. The
stripping is done after all the security processing has been
done. If this parameter is turned off, the label is transmitted
as is.