Trusted Extensions Configuration and Administration

Updated: July 2014

Choosing Routers in Trusted Extensions

Trusted Extensions hosts offer the highest degree of trust as routers. Other types of routers might not recognize Trusted Extensions security attributes, so without administrative action packets can be routed through routers that provide no MAC protection.

  • Labeled routers drop packets when they do not find the expected information in the IP options section of the packet. For example, a labeled router drops a packet if the labeled option is required but absent from the IP options, or if the DOI in the IP option is not consistent with the destination's accreditation.

  • Routers that are not running Trusted Extensions software can be configured either to pass or to drop packets that carry a labeled option, but they cannot act on its contents. Only label-aware gateways, such as Trusted Extensions hosts, can use the contents of the CALIPSO or CIPSO IP option to enforce MAC.

To support trusted routing, the routing tables are extended to include Trusted Extensions security attributes. The attributes are described in Routing Table Entries in Trusted Extensions. Trusted Extensions supports static routing, in which the administrator creates routing table entries manually. For details, see the –p option in the route(1M) man page.

The routing software first tries to find an entry for the destination host in the routing tables. When no entry names the host explicitly, the routing software looks for an entry for the subnet where the host resides. When neither the host nor the subnet is defined, the host sends the packet to a default gateway, if one is defined. Multiple default gateways can be defined, and each is treated equally.
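The following is an added worked model of the lookup order just described (host entry, then subnet, then default gateway) combined with the drop rules for labeled routers from the list above. It is constructed for illustration and is not Solaris code, not the Trusted Extensions implementation, and not part of this guide. The security attributes that the text says are attached to routing table entries are modeled here as a DOI plus an accreditation range (min_sl..max_sl); that modeling, the label set, the addresses and the routing table are all assumptions.

```python
"""Model of how a label-aware router selects a route and applies MAC.

Constructed example for illustration only: this is not Solaris code and
not the Trusted Extensions implementation. It models the lookup order
described in the text (explicit host entry, then the subnet, then a
default gateway) and the drop rules for labeled routers (a labeled option
is required but absent, or the packet's DOI and label are not consistent
with the route's accreditation). The security attributes on a route are
modeled as a DOI plus an accreditation range, min_sl..max_sl; that
modeling, and all addresses and labels below, are assumptions.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Label:
    """Sensitivity label: classification plus a set of compartments."""
    classification: int
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Standard dominance: higher (or equal) classification and a
        # superset of the other label's compartments.
        return (self.classification >= other.classification
                and self.compartments >= other.compartments)


# Constructed label set (not a site's real label_encodings).
ADMIN_LOW = Label(0)
PUBLIC = Label(1)
INTERNAL = Label(2, frozenset({"internal"}))
ADMIN_HIGH = Label(255, frozenset({"internal", "finance"}))


@dataclass(frozen=True)
class Route:
    kind: str          # "host", "net" or "default"
    dest: str          # address, CIDR network, or "" for default
    gateway: str
    doi: int
    min_sl: Label
    max_sl: Label
    require_option: bool = True   # a labeled router drops unlabeled packets


@dataclass(frozen=True)
class Packet:
    dst: str
    doi: Optional[int] = None     # None: no CALIPSO/CIPSO option present
    sl: Optional[Label] = None


# Constructed routing table (RFC 5737 documentation addresses).
ROUTES: List[Route] = [
    Route("host", "192.0.2.10", "192.0.2.1", 1, PUBLIC, INTERNAL),
    Route("net", "192.0.2.0/24", "192.0.2.1", 1, ADMIN_LOW, ADMIN_HIGH),
    Route("net", "198.51.100.0/24", "198.51.100.1", 2, PUBLIC, INTERNAL),
    Route("default", "", "203.0.113.1", 1, PUBLIC, PUBLIC),
    Route("default", "", "203.0.113.2", 1, PUBLIC, PUBLIC),  # equal peer
]


def select_route(table: List[Route], dst: str) -> Optional[Route]:
    """Host entry first, then longest matching subnet, then a default."""
    addr = ip_address(dst)
    for r in table:
        if r.kind == "host" and ip_address(r.dest) == addr:
            return r
    best, best_len = None, -1
    for r in table:
        if r.kind == "net":
            net = ip_network(r.dest, strict=False)
            if addr in net and net.prefixlen > best_len:
                best, best_len = r, net.prefixlen
    if best is not None:
        return best
    defaults = [r for r in table if r.kind == "default"]
    # All default gateways are treated equally; the first is as good as any.
    return defaults[0] if defaults else None


def route_packet(table: List[Route], pkt: Packet) -> Tuple[str, str]:
    """Return ("forward", gateway) or ("drop", reason)."""
    r = select_route(table, pkt.dst)
    if r is None:
        return ("drop", "no route to destination")
    if pkt.doi is None or pkt.sl is None:
        if r.require_option:
            return ("drop", "labeled option required but absent")
        return ("forward", r.gateway)   # route explicitly admits unlabeled traffic
    if pkt.doi != r.doi:
        return ("drop", f"DOI {pkt.doi} not consistent with route DOI {r.doi}")
    if not (pkt.sl.dominates(r.min_sl) and r.max_sl.dominates(pkt.sl)):
        return ("drop", "label outside the route's accreditation range")
    return ("forward", r.gateway)


if __name__ == "__main__":
    for p in (Packet("192.0.2.10", 1, INTERNAL),
              Packet("192.0.2.10", 1, ADMIN_HIGH),   # host entry wins over subnet
              Packet("192.0.2.55"),                  # unlabeled
              Packet("192.0.2.55", 2, PUBLIC),       # wrong DOI
              Packet("8.8.8.8", 1, PUBLIC),          # default gateway
              Packet("8.8.8.8", 1, INTERNAL)):
        print(p.dst, route_packet(ROUTES, p))
```

One detail the model makes visible: the explicit host entry for 192.0.2.10 is selected before the wider 192.0.2.0/24 entry, so an ADMIN_HIGH packet to that host is dropped even though the subnet route would have admitted it. When an administrator adds a narrower static entry, its security attributes, not those of the enclosing subnet or default route, decide what is forwarded.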

In this release of Trusted Extensions, the security administrator sets up routes manually and then changes the routing table manually when conditions change. For example, many sites have a single gateway that communicates with the outside world. In these cases, that single gateway can be statically defined as the default route on each host on the network.