Index |
A unique index for this entry. |
PeerIndex |
The index of the peer for which this bundle was created. |
TrafficIndex |
The index of the traffic entry for which this bundle was created. |
State |
The current state of the bundle
Possible values:
established(1), -- The bundle is alive
expired(2), -- The bundle is expired
delete (3), -- Mark this bundle for deletion
negotiating(4), -- This bundle is currently negotiated
rekeyed(5), -- Rekeying of bundle succeeded
heartbeat-lost(6), -- Heartbeat receive timeout
failed(7) -- The negotiation failed. Enumerations: - established (1)
- expired (2)
- delete (3)
- negotiating (4)
- rekeyed (5)
- heartbeat-lost (6)
- failed (7)
|
NumSas |
The number of SAs contained in this bundle. |
Role |
This object specifies by which side the SA bundle
negotiation was initiated.
Possible values:
initiator(1), -- this end initiated the negotiation
responder(2) -- the remote end initiated the negotiation. Enumerations: - initiator (1)
- responder (2)
|
RekeyedBundle |
This object indicates upon rekeying, which bundle (actually
its BundleIndex) is going to be replaced by that one. |
RekeyingBundle |
This object indicates upon rekeying, which bundle (actually
its BundleIndex) is going to replace that one. |
LastStateChange |
This object indicates the time in time ticks from system start
by which the state of this bundle entry was changed last.
To determine the absolute time, the current sysUpTime must be
subtracted from this value. |
HeartbeatsEnabled |
This object specifies whether heartbeats are sent and/or
expected over this bundle.
Possible values:
none(1), -- neither sending nor expecting heartbeats
expect(2), -- expecting heartbeats
send(3), -- sending heartbeats
both(4) -- sending and expecting heartbeats. Enumerations: - none (1)
- expect (2)
- send (3)
- both (4)
|
Creator |
This object specifies how the SA was created
Possible values:
manual(1),-- A manually keyed IPSec SA bundle
ike(2) -- An automatically keyed SA bundle created by IKE. Enumerations: |
TunnelRemote |
The remote IP address of the outer packet header. For
transport mode SAs, this address is the same as the
ipsecBundleRemoteAddress. |
PmtuDiscovery |
This object specifies the initialization of the DF bit in
outgoing IPSec packets for this bundle. It decides whether
PMTU discovery is propagated over the IPSec tunnel or not.
Possible values:
enabled(1), -- copy DF bit from original packet; propagate PMTU
disabled(2) -- clear DF bit in IPSec packet;
-- fragment if necessary. Enumerations: |
TunnelLocal |
The local IP address of the outer packet header. For
transport mode SAs, this address is the same as the
ipsecBundleLocalAddress. |
KeepAlive |
This object specifies the circumstances under which this SA
bundle will be rekeyed.
Possible values:
true(1), -- rekey even if no traffic was processed
false(2) -- rekey only if at least one packet was processed. Enumerations: |
LifeSeconds |
The period in seconds after which this bundle will be destroyed. |
LifeKBytes |
The amount of data allowed to be protected by this bundle until
it is destroyed (ipsecBundleOutBytes or ipecBundleOutBytes). |
VerifyPad |
This object specifies the kind of padding expected for ESP SAs
within this bundle.
Possible values:
true(1), -- normal, self-describing ESP padding
false(2) -- old style ESP padding. Enumerations: |
RekeySeconds |
The period in seconds after which this bundle will be rekeyed. |
LocalAddress |
The local address (host or network or range start address)
of the traffic selectors,
source for outbound, destination for inbound. |
Proto |
The protocol of the traffic selectors. Enumerations: - icmp (1)
- igmp (2)
- ggp (3)
- ipip (4)
- st (5)
- tcp (6)
- cbt (7)
- egp (8)
- igp (9)
- bbn (10)
- nvp (11)
- pup (12)
- argus (13)
- emcon (14)
- xnet (15)
- chaos (16)
- udp (17)
- mux (18)
- dcn (19)
- hmp (20)
- prm (21)
- xns (22)
- trunk1 (23)
- trunk2 (24)
- leaf1 (25)
- leaf2 (26)
- rdp (27)
- irtp (28)
- isotp4 (29)
- netblt (30)
- mfe (31)
- merit (32)
- sep (33)
- pc3 (34)
- idpr (35)
- xtp (36)
- ddp (37)
- idprc (38)
- tp (39)
- il (40)
- ipv6 (41)
- sdrp (42)
- ipv6route (43)
- ipv6frag (44)
- idrp (45)
- rsvp (46)
- gre (47)
- mhrp (48)
- bna (49)
- esp (50)
- ah (51)
- inlsp (52)
- swipe (53)
- narp (54)
- mobile (55)
- tlsp (56)
- skip (57)
- ipv6icmp (58)
- ipv6nonxt (59)
- ipv6opts (60)
- ipproto-61 (61)
- cftp (62)
- local (63)
- sat (64)
- kryptolan (65)
- rvd (66)
- ippc (67)
- distfs (68)
- satmon (69)
- visa (70)
- ipcv (71)
- cpnx (72)
- cphb (73)
- wsn (74)
- pvp (75)
- brsatmon (76)
- sunnd (77)
- wbmon (78)
- wbexpak (79)
- isoip (80)
- vmtp (81)
- securevmtp (82)
- vines (83)
- ttp (84)
- nsfnet (85)
- dgp (86)
- tcf (87)
- eigrp (88)
- ospfigp (89)
- sprite (90)
- larp (91)
- mtp (92)
- ax25 (93)
- ipwip (94)
- micp (95)
- scc (96)
- etherip (97)
- encap (98)
- encrypt (99)
- gmtp (100)
- ifmp (101)
- pnni (102)
- pim (103)
- aris (104)
- scps (105)
- qnx (106)
- an (107)
- ippcp (108)
- snp (109)
- compaq (110)
- ipxip (111)
- vrrp (112)
- pgm (113)
- hop0 (114)
- l2tp (115)
- ipproto-116 (116)
- ipproto-117 (117)
- ipproto-118 (118)
- ipproto-119 (119)
- ipproto-120 (120)
- ipproto-121 (121)
- ipproto-122 (122)
- ipproto-123 (123)
- ipproto-124 (124)
- ipproto-125 (125)
- ipproto-126 (126)
- ipproto-127 (127)
- ipproto-128 (128)
- ipproto-129 (129)
- ipproto-130 (130)
- ipproto-131 (131)
- ipproto-132 (132)
- ipproto-133 (133)
- ipproto-134 (134)
- ipproto-135 (135)
- ipproto-136 (136)
- ipproto-137 (137)
- ipproto-138 (138)
- ipproto-139 (139)
- ipproto-140 (140)
- ipproto-141 (141)
- ipproto-142 (142)
- ipproto-143 (143)
- ipproto-144 (144)
- ipproto-145 (145)
- ipproto-146 (146)
- ipproto-147 (147)
- ipproto-148 (148)
- ipproto-149 (149)
- ipproto-150 (150)
- ipproto-151 (151)
- ipproto-152 (152)
- ipproto-153 (153)
- ipproto-154 (154)
- ipproto-155 (155)
- ipproto-156 (156)
- ipproto-157 (157)
- ipproto-158 (158)
- ipproto-159 (159)
- ipproto-160 (160)
- ipproto-161 (161)
- ipproto-162 (162)
- ipproto-163 (163)
- ipproto-164 (164)
- ipproto-165 (165)
- ipproto-166 (166)
- ipproto-167 (167)
- ipproto-168 (168)
- ipproto-169 (169)
- ipproto-170 (170)
- ipproto-171 (171)
- ipproto-172 (172)
- ipproto-173 (173)
- ipproto-174 (174)
- ipproto-175 (175)
- ipproto-176 (176)
- ipproto-177 (177)
- ipproto-178 (178)
- ipproto-179 (179)
- ipproto-180 (180)
- ipproto-181 (181)
- ipproto-182 (182)
- ipproto-183 (183)
- ipproto-184 (184)
- ipproto-185 (185)
- ipproto-186 (186)
- ipproto-187 (187)
- ipproto-188 (188)
- ipproto-189 (189)
- ipproto-190 (190)
- ipproto-191 (191)
- ipproto-192 (192)
- ipproto-193 (193)
- ipproto-194 (194)
- ipproto-195 (195)
- ipproto-196 (196)
- ipproto-197 (197)
- ipproto-198 (198)
- ipproto-199 (199)
- ipproto-200 (200)
- ipproto-201 (201)
- ipproto-202 (202)
- ipproto-203 (203)
- ipproto-204 (204)
- ipproto-205 (205)
- ipproto-206 (206)
- ipproto-207 (207)
- ipproto-208 (208)
- ipproto-209 (209)
- ipproto-210 (210)
- ipproto-211 (211)
- ipproto-212 (212)
- ipproto-213 (213)
- ipproto-214 (214)
- ipproto-215 (215)
- ipproto-216 (216)
- ipproto-217 (217)
- ipproto-218 (218)
- ipproto-219 (219)
- ipproto-220 (220)
- ipproto-221 (221)
- ipproto-222 (222)
- ipproto-223 (223)
- ipproto-224 (224)
- ipproto-225 (225)
- ipproto-226 (226)
- ipproto-227 (227)
- ipproto-228 (228)
- ipproto-229 (229)
- ipproto-230 (230)
- ipproto-231 (231)
- ipproto-232 (232)
- ipproto-233 (233)
- ipproto-234 (234)
- ipproto-235 (235)
- ipproto-236 (236)
- ipproto-237 (237)
- ipproto-238 (238)
- ipproto-239 (239)
- ipproto-240 (240)
- ipproto-241 (241)
- ipproto-242 (242)
- ipproto-243 (243)
- ipproto-244 (244)
- ipproto-245 (245)
- ipproto-246 (246)
- ipproto-247 (247)
- ipproto-248 (248)
- ipproto-249 (249)
- ipproto-250 (250)
- ipproto-251 (251)
- ipproto-252 (252)
- ipproto-253 (253)
- ipproto-254 (254)
- dont-verify (255)
|
RekeyKBytes |
The amount of data allowed to be protected by this bundle until
it is rekeyed (ipsecBundleOutBytes or ipecBundleOutBytes). |
LocalMaskLen |
The local network masklen of the traffic selectors,
source for outbound, destination for inbound. |
LocalRange |
The local address range end address of the traffic selectors,
source for outbound, destination for inbound. |
RemoteAddress |
The remote address (host or network or range start address)
of the traffic selectors
source for outbound, destination for inbound. |
LocalPort |
The local port of the traffic selectors,
source for outbound, destination for inbound. |
RemoteMaskLen |
The remote network masklen of the traffic selectors
source for outbound, destination for inbound. |
RemotePort |
The remote port of the traffic selectors
source for outbound, destination for inbound. |
InPkt |
The total number of inbound packets processed by this bundle. |
RemoteRange |
The remote address range end address of the traffic selectors
source for outbound, destination for inbound. |
InHb |
The number of heartbeat packets received over this bundle. |
InKBytes |
The number of inbound Kbytes (including IPSec overhead)
processed by this bundle. |
InBytesNetto |
The number of inbound bytes (netto: IPSec headers excluded)
processed by this bundle. |
InBytes |
The number of inbound bytes (including IPSec overhead)
processed by this bundle. |
InKBytesNetto |
The number of inbound Kbytes (netto: IPSec headers excluded)
processed by this bundle. |
OutHb |
The number of heartbeat packets sent for this bundle. |
OutBytes |
The number of outbound bytes (including IPSec overhead)
processed by this bundle. |
OutPkt |
The total number of outbound packets processed by this bundle. |
OutKBytes |
The number of outbound Kbytes (including IPSec overhead)
processed by this bundle. |
OutBytesNetto |
The number of outbound bytes (netto: IPSec headers excluded)
processed by this bundle. |
OutKBytesNetto |
The number of outbound Kbytes (netto: IPSec headers excluded)
processed by this bundle. |