For IPv6, Trusted Extensions uses the Common Architecture Label IPv6 Security Option (CALIPSO) as the security labeling protocol. No configuration is required. If you must communicate with systems that run the obsolete Trusted Extensions IPv6 CIPSO protocol, perform this procedure. To communicate with other CALIPSO systems, do not perform this procedure.
Caution - A system that uses the CALIPSO for IPv6 protocol cannot communicate with any systems that use the obsolete TX IPv6 CIPSO protocol because these protocols are incompatible.
The obsolete Trusted Extensions IPv6 CIPSO options do not have an Internet Assigned Numbers Authority (IANA) number to use in the IPv6 Option Type field of a packet. The entry that you set in this procedure supplies a number to use on the local network.
Before You Begin
Perform this procedure if you must communicate with systems that use the proprietary yet obsolete Trusted Extensions IPv6 CIPSO security labeling option.
You are in the root role in the global zone.
set ip:ip6opt_ls = 0x0a
If error messages during boot indicate that your IPv6 CIPSO configuration is incorrect, correct the entry. For example, a misspelled entry produces the following message: sorry, variable 'ip6opt_1d' is not defined in the 'ip' module. Verify that the entry is spelled correctly.
Correct the entry.
Verify that the system has been rebooted after adding the correct entry to the /etc/system file.
You must reboot the system before configuring LDAP or creating labeled zones.