17c478bd9Sstevel@tonic-gate# 274e20cfeSnh# Copyright 2007 Sun Microsystems, Inc. All rights reserved. 37c478bd9Sstevel@tonic-gate# Use is subject to license terms. 47c478bd9Sstevel@tonic-gate# 57c478bd9Sstevel@tonic-gate# CDDL HEADER START 67c478bd9Sstevel@tonic-gate# 77c478bd9Sstevel@tonic-gate# The contents of this file are subject to the terms of the 874e20cfeSnh# Common Development and Distribution License (the "License"). 974e20cfeSnh# You may not use this file except in compliance with the License. 107c478bd9Sstevel@tonic-gate# 117c478bd9Sstevel@tonic-gate# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 127c478bd9Sstevel@tonic-gate# or http://www.opensolaris.org/os/licensing. 137c478bd9Sstevel@tonic-gate# See the License for the specific language governing permissions 147c478bd9Sstevel@tonic-gate# and limitations under the License. 157c478bd9Sstevel@tonic-gate# 167c478bd9Sstevel@tonic-gate# When distributing Covered Code, include this CDDL HEADER in each 177c478bd9Sstevel@tonic-gate# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 187c478bd9Sstevel@tonic-gate# If applicable, add the following below this CDDL HEADER, with the 197c478bd9Sstevel@tonic-gate# fields enclosed by brackets "[]" replaced with your own identifying 207c478bd9Sstevel@tonic-gate# information: Portions Copyright [yyyy] [name of copyright owner] 217c478bd9Sstevel@tonic-gate# 227c478bd9Sstevel@tonic-gate# CDDL HEADER END 237c478bd9Sstevel@tonic-gate# 247c478bd9Sstevel@tonic-gate# ident "%Z%%M% %I% %E% SMI" 257c478bd9Sstevel@tonic-gate# 267c478bd9Sstevel@tonic-gate# TCP_STRONG_ISS sets the TCP initial sequence number generation parameters. 277c478bd9Sstevel@tonic-gate# Set TCP_STRONG_ISS to be: 287c478bd9Sstevel@tonic-gate# 0 = Old-fashioned sequential initial sequence number generation. 297c478bd9Sstevel@tonic-gate# 1 = Improved sequential generation, with random variance in increment. 307c478bd9Sstevel@tonic-gate# 2 = RFC 1948 sequence number generation, unique-per-connection-ID. 317c478bd9Sstevel@tonic-gate# 32*680047a5SDan McDonaldTCP_STRONG_ISS=2 337c478bd9Sstevel@tonic-gate# 347c478bd9Sstevel@tonic-gate# ACCEPT6TO4RELAY sets the policy for 6to4 tunnels communicating with 6to4 357c478bd9Sstevel@tonic-gate# Relay Routers as defined in RFC 3056. Traffic sent from a 6to4 site to a 367c478bd9Sstevel@tonic-gate# native IPv6 host will be tunneled over the IPv4 Internet to a 6to4 Relay 377c478bd9Sstevel@tonic-gate# Router before being delivered to the native IPv6 host. Enabling support 387c478bd9Sstevel@tonic-gate# for sending/receiving traffic to/from a 6to4 Relay Router can create a 397c478bd9Sstevel@tonic-gate# security risk for a 6to4 site, since there is no default trust 407c478bd9Sstevel@tonic-gate# mechanism for communicating with Relay Routers. Communication support 417c478bd9Sstevel@tonic-gate# with 6to4 Relay Routers has been disabled by default. ACCEPT6TO4RELAY 427c478bd9Sstevel@tonic-gate# can be set to the following values: 437c478bd9Sstevel@tonic-gate# NO = Disables communication with 6to4 Relay Routers 447c478bd9Sstevel@tonic-gate# YES = Enables communication with 6to4 Relay Routers and thus native 457c478bd9Sstevel@tonic-gate# IPv6 hosts through a 6to4 tunnel. 467c478bd9Sstevel@tonic-gate# 477c478bd9Sstevel@tonic-gate# When ACCEPT6TO4RELAY=YES, RELAY6TO4ADDR will be used to determine the 487c478bd9Sstevel@tonic-gate# destination IPv4 address to be used as a tunnel endpoint when communicating 497c478bd9Sstevel@tonic-gate# with 6to4 Relay Routers. 192.88.99.1 is the well-known 6to4 Relay Router 507c478bd9Sstevel@tonic-gate# Anycast address as defined in RFC 3068. This value may be changed to 517c478bd9Sstevel@tonic-gate# the IPv4 unicast address of a particular 6to4 Relay Router, if desired. 527c478bd9Sstevel@tonic-gate# 537c478bd9Sstevel@tonic-gateACCEPT6TO4RELAY=NO 547c478bd9Sstevel@tonic-gateRELAY6TO4ADDR="192.88.99.1" 55