Index Index for
Section 5
Index Alphabetical
listing for S
Bottom of page Bottom of
page		 

sys_attrs_ipsec(5)


NAME

  sys_attrs_ipsec - ipsec subsystem attributes


DESCRIPTION

  This reference page lists and describes attributes for the Internet
  Protocol Security (ipsec) kernel subsystem. Refer to the sys_attrs(5)
  reference page for an introduction to the topic of kernel subsystem
  attributes.

  ip_secured
      A value that enables (1) or disables (0) the ability of IPsec to
      intercept packets when ipsecd is not running. If ipsecd is not running
      and the attribute is enabled, packets will be dropped. By default, this
      attribute is enabled when IPsec is started by using the normal startup
      procedures.

      Default value: 1 (enabled)

      Do not modify this attribute unless you understand the security
      consequences for your system. If you disable this attribute, you might
      send sensitive traffic without IPsec protection or receive traffic that
      should be blocked.

  passby_cluif_traffic
      A value that enables (1) or disables (0) a system's ability to pass
      traffic to and receive traffic from a cluster interconnect interface
      without Internet Protocol Security (IPsec) processing.

      Default value: 1 (enabled)

      We recommend that this attribute remain enabled. If you disable this
      attribute, you must then configure an IPsec policy to include the
      cluster interconnect addresses. However, even with an IPsec policy
      configured, it is not possible to secure all cluster interconnect
      traffic with IPsec as the cluster generates traffic before the security
      policy is started. See the Network Administration: Connections manual
      for more information about configuring IPsec.

  stats_update_interval
      The time interval between updates of IPsec Security Association (SA)
      statistics by the kernel. If you have a very large number of SAs,
      increase the stats_update_interval value to reduce the overhead of
      maintaining the statistics.

      Default value: 5 (seconds)

      Minimum value: 1

      Maximum value: 60


SEE ALSO

  sys_attrs(5)

  Network Administration: Connections

  System Configuration and Tuning

Index Index for
Section 5
Index Alphabetical
listing for S
Top of page Top of
page