[ds6] ipsec on ipv6

Peter Bieringer pb at bieringer.de
Wed Oct 20 23:29:21 CEST 2004

Previous message: [ds6] ipsec on ipv6
Next message: [ds6] ipv6 on kernel24
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


--On Wednesday, October 20, 2004 10:13:09 PM +0200 Lionel Elie Mamane
<lionel at mamane.lu> wrote:

> On Wed, Oct 13, 2004 at 01:13:19PM -0300, José de Figueiredo wrote:
> 
>> I need to setup a security way bettwen two hosts using ipv6. The
>> USAGI project provide ipsec using PLUTO software.
> 
>> Anybody can provide more information about this pluto ?

pluto is the IKE daemon of FreeSwan/OpenSwan/stronSwan

racoon is the IKE daemon ported from BSD (KAME)

> Isn't this the FreeSwan / OpenSwan implementation?
> 
>> Anybody know another method of ipsec ?
> 
> I'm using the Linux port of Racoon: http://packages.debian.org/racoon;
> other possiblities include the port of the OpenBSD IKE deamon.
> 
> These are meant to be used with the Linux 2.6 IPSEC stack, rather than
> the FreeSwan / OpenSwan one; I *think* the Linux 2.6 IPSEC stack
> actually comes from USAGI, doesn't it? Pluto works on that stack with
> some patches, but that information might be outdated.

Always: pluto or racoon only handle IKE and set the IPsec SA into the kernel

For 2.6 and 2.4 backport: IPsec implementation is already built-in
For other 2.4: *Swan also contain code for IPsec enabling of the kernel

Major earlier work on the IPsec implementation of 2.6 was done by USAGI,
but nowadays other people are working here, too (see netdev maillist
archive for more).

        Peter
-- 
Dr. Peter Bieringer                     http://www.bieringer.de/pb/
GPG/PGP Key 0x958F422D               mailto: pb at bieringer dot de 
Deep Space 6 Co-Founder and Core Member  http://www.deepspace6.net/

Previous message: [ds6] ipsec on ipv6
Next message: [ds6] ipv6 on kernel24
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the ds6 mailing list