IP option 2, Security

Description:

This option provides a way for hosts to send security, compartmentation, handling restrictions, and TCC (closed user group) parameters.

Must be copied on fragmentation. This option appears at most once in a datagram.


MAC header | IP header | IP option 2 | Data :::

IP Option 2:

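 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
+-----------------------+-----------------------+-----------------------------------------------+
|         Type          |        Length         |                   Security                    |
+-----------------------+-----------------------+-----------------------------------------------+
|                 Compartments                  |             Handling restrictions             |
+-----------------------------------------------+-----------------------+-----------------------+
|                       Transmission Control Code                       |
+-----------------------------------------------------------------------+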

Type. 8 bits. Set to 130.

 00 01 02 03 04 05 06 07
+--+-----+--------------+
|C |Class|    Option    |
+--+-----+--------------+

C, Copy flag. 1 bit. Always set to 1.
The option is to be copied into all fragments.

Class. 2 bits. Always cleared to 0.
This is a control option.

Option. 5 bits. Always set to 2.
The IP option number.

Length. 8 bits. Set to 11.

Security. 16 bits.
Specifies one of 16 levels of security.

Compartments. 16 bits.
An all zero value is used when the information transmitted is not compartmented. Other values for the compartments field may be obtained from the Defense Intelligence Agency.

Handling restrictions. 16 bits.
The values for the control and release markings are alphanumeric digraphs and are defined in the Defense Intelligence Agency Manual DIAM 65-19, "Standard Security Markings".

Transmission Control Code. 24 bits.
Provides a means to segregate traffic and define controlled communities of interest among subscribers. The TCC values are trigraphs, and are available from HQ DCA Code 530.
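
Added example (not part of the original page or of any RFC text): a Python parser that walks an IPv4 options area, locates option 2 and decodes the fields described above, rejecting a wrong length or a repeated Security option. The End of Option List (0) and No Operation (1) type values come from RFC 791 rather than this page; the function names and the sample bytes are constructed for illustration.

```python
import struct

SEC_TYPE, SEC_LEN = 130, 11   # Type and Length values stated on this page

def decode_type(octet):
    """Split the option type octet into (copy flag, class, option number)."""
    return octet >> 7, (octet >> 5) & 0x3, octet & 0x1F

def parse_security_option(options):
    """Walk an IPv4 options area; return the decoded Security option or None.

    Raises ValueError on a malformed option list, a Security option whose
    length is not 11, or a second Security option in the same datagram."""
    found, i = None, 0
    while i < len(options):
        opt = options[i]
        if opt == 0:                      # End of Option List (RFC 791)
            break
        if opt == 1:                      # No Operation, single octet (RFC 791)
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated before length octet")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("option length out of bounds")
        if opt == SEC_TYPE:
            if length != SEC_LEN:
                raise ValueError("Security option length must be 11")
            if found is not None:
                raise ValueError("Security option appears more than once")
            # Three 16-bit fields, then the 24-bit Transmission Control Code
            sec, comp, hand = struct.unpack_from("!HHH", options, i + 2)
            tcc = int.from_bytes(options[i + 8:i + 11], "big")
            copy, cls, num = decode_type(opt)
            found = {"copy": copy, "class": cls, "number": num,
                     "security": sec, "compartments": comp,
                     "handling": hand, "tcc": tcc}
        i += length
    return found

# Constructed sample: NOP, Security option with a made-up TCC, EOL, padding
SAMPLE = bytes([1, 130, 11, 0, 0, 0, 0, 0, 0, 0x41, 0x42, 0x43, 0, 0, 0, 0])

if __name__ == "__main__":
    print(parse_security_option(SAMPLE))
```
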


Host Implementation:


Router Implementation:


RFCs:

[RFC 791] Internet Protocol.

[RFC 1108] U.S. Department of Defense Security Options for the Internet Protocol.


Obsolete RFCs:

[RFC 1038] Draft Revised IP Security Option.