ipsec
NetBSD IPsec FAQ
Skip to main content.
»
The Guide |
Manual pages |
Mailing lists and
Archives |
CVS repository |
Report
or
query a bug |
Software Packages
Navigation:
Home |
About |
Download |
Documentation |
Support |
Community |
Ports
NetBSD IPsec FAQ
This page is developing, and we welcome any
comments or suggestions.
IPsec FAQ
Getting Started
IPsec = AH + ESP + IPcomp + IKE
Transport mode and tunnel mode
IPsec policy management
Configuring IPsec kernel
Configuration examples: host-to-host encryption
Configuration examples: host-to-host authentication
Configuration examples: host-to-host encryption+authentication
Configuration examples: IPsec VPN
Configuration examples: Leaf-node tunnel
Configuring AH/ESP keys by using IKE
Setting up IPsec manual keys and policies on bootstrap
Interaction with ipfilter
Common pitfalls, and debugging techniques
Known issues
Conformance to standard, interoperability
API compatibility with other IPsec stacks
Books and other reading materials?
Other links
Miscellaneous links
IPsec FAQ
Getting Started (top)
IPsec (IP security protocol) is part of the NetBSD distributions,
it provides per-packet authenticity/confidentiality guarantees between
peers communicate using IPsec.
IPsec is available for both IPv6 and IPv4.
Note that, however, kernel re-configuration is necessary to use IPsec.
It is not turned on for default GENERIC kernel.
Userland code includes IPsec support where possible, by default,
so no rebuild of userland is necessary even if you switch between kernel
with IPsec, and without IPsec.
Note
We sometimes use the word “IP security” in more broader sense,
like IP firewalls, packet filtering, and so forth.
IPsec = AH + ESP + IPcomp + IKE (top)
IPsec consists of a couple of separate protocols, listed below:
Authentication Header (AH): provides authenticity guarantee for packets,
by attaching strong crypto checksum to packets.
If you receive a packet with AH and the checksum operation was
successful, you can be sure about two things if you and the
peer share a secret key, and no other party knows the key:
The packet was originated by the expected peer.
The packet was not generated by impersonator.
The packet was not modified in transit.
Unlike other protocols, AH covers the whole packet, from the IP header
to the end of the packet.
Encapsulating Security Payload (ESP): provides confidentiality guarantee
for packets, by encrypting packets with encryption algorithms.
If you receive a packet with ESP and successfully decrypted it,
you can be sure that the packet was not wiretapped in the middle,
if you and the peer share a secret key, and no other party
knows the key.
IP payload compression (IPcomp): ESP provides encryption service to the
packets.
However, encryption tend to give negative impact to compression on
the wire (such as ppp compression).
IPcomp provides a way to compress packet before encryption by ESP
(Of course, you can use IPcomp alone if you wish to).
Internet Key Exchange (IKE): As noted above, AH and ESP needs shared
secret key between peers.
For communication between distant location, we need to provide ways
to negotiate keys in secrecy.
IKE will make it possible.
AH, ESP and IPcomp are implemented in the kernel code.
IKE is implemented as daemon process in the userland.
Kernel part and userland part will cooperate by using key management table
in between.
IKE is actually optional, you can configure secret keys manually for AH/ESP.
However, please understand it: you cannot use the same secret key forever.
If you use the same secret key for a long period of time,
your traffic become more and more likely to get compromised.
Note
security of IPsec protocols depend on the secrecy of secret keys.
If secret keys are compromised, IPsec protocols can no longer be secure.
Take caution about permission mode of configuration files,
key database files, or whatever they may lead to information leakage.
There two set of RFCs published; old IPsec suite starts from RFC1825,
and new IPsec suite starts from RFC2401.
Though NetBSD implements both, it is recommended to use new IPsec suite.
userland programs IKE daemon
^ | AF_INET{,6} socket ^ | PF_KEY socket
========= | | =========================== | | ======== Kernel/user boundary
| v | v
transport layer, TCP/UDP key management table
^ | ^ | key information
| | | |
| v | v
IP input/output logic <-------> AH/ESP/IPcomp logic
^ |
| v
Network drivers (ethernet)
Transport mode and tunnel mode (top)
AH, ESP and IPcomp have two modes of operation: transport mode and tunnel mode.
Transport mode encrypts normal communication between peers.
Tunnel mode will encapsulate packet into new IPv4/v6 header.
Tunnel mode is designed to be used by VPN gateways.
[[transport mode]]
my host ======== peer's host
transport
mode
packets: [IP: me->peer] ESP payload
<---------> encrypted
[[tunnel mode]]
(a) (b) (c)
my host ---- my VPN gateway ======== peer's VPN gateway ---- peer's host
tunnel mode
packets on (a): [IP: me->peer] payload
packets on (b): [IP: mygw->peergw] ESP [IP: me->peer] payload
<------------------------> encrypted
packets on (c): [IP: me->peer] payload
IPsec “policy” management (top)
Though the kernel knows how to secure packets, it does not know
which packet requires security.
We need to tell kernel about which packet needs to be secured.
IPsec “policy” configuration allows us to specify it.
IPsec policy can be configured in per-packet, or per-socket manner:
Per-packet: configured into the kernel just like packet filters.
You can specify like “encrypt outgoing packets if I'm sending
to 10.1.1.0/24”.
This works well when you are running an IPsec router.
Per-socket: configured via setsockopt(2) for a certain socket.
You can specify like “encrypt outgoing packets from this socket”.
This works well when you would like to run IPsec-aware server program.
IPsec policy decides which IPsec protocols (AH, ESP or IPcomp) to be used
against a packet.
You can configure kernel to use any combination of
AH, ESP and IPcomp against a packet.
You can even apply same protocol multiple times, like multiple ESP operation
against single packet.
It is questionable if multiple ESP operation has any benefit, but certainly
interesting for test/debug use.
Configuring IPsec kernel (top)
Refer to tracking NetBSD-current
for more details of the build process.
In your kernel configuration file, enable the following portion
and build a new kernel.
options IPSEC
options IPSEC_ESP
Build a new kernel as usual.
Replace the kernel and reboot.
Userland tools include IPsec support by default,
and no userland rebuild is necessary.
Additionally, you may want to use racoon(8), which comes with NetBSD or
install security/isakmpd.
Configuration examples: host-to-host encryption (top)
If you would like to run host-to-host (transport mode) encryption with
manually configured secret keys, the following configuration should be enough.
We use setkey(8) to configure the manual keys.
#! /bin/sh
#
# packet will look like this: IPv4 ESP payload
# the node is on 10.1.1.1, peer is on 20.1.1.1
setkey -c </etc/racoon/psk.txt
B spamspamspam
^D
A# chmod 600 /etc/racoon/psk.txt
B# cat >/etc/racoon/psk.txt
A spamspamspam
^D
B# chmod 600 /etc/racoon/psk.txt
Run racoon.
If you wish see the debug trace, arguments would be like below:
# racoon -f /etc/racoon/racoon.conf -dddddd
Try to exchange packet between A and B.
You will see some messages from racoon to console,
and key will be established.
A# ping -n B
(with some delay, you will start seeing replies)
^C
A# setkey -D
(you will see keys exchanged by racoon)
racoon will negotiate keys based on the policy definition.
By changing policy definition, we can easily configure for other cases.
Next example configure keys for the following situation:
A is a mail server.
A wishes to enforce the use of transport mode AH, to everyone contacts
A with POP protocol (TCP port 110).
B is a client which wishes to contact A.
The policy configuration on A avoids of AH for local
traffic (note that racoon cannot negotiate keys with itself).
The order of the policy is highly important.
If you reorder them, the configuration will not work.
A# setkey -c
spdadd A[110] A tcp -P out none;
spdadd A A[110] tcp -P in none;
spdadd A[110] 0.0.0.0/0 tcp -P out ipsec ah/transport//require;
spdadd 0.0.0.0/0 A[110] tcp -P in ipsec ah/transport//require;
^D
B# setkey -c
spdadd B A[110] tcp -P out ipsec ah/transport//require;
spdadd A[110] B tcp -P in ipsec ah/transport//require;
^D
Other than policy configuration part, configure just like the previous
example.
If you have any problem in configuring it, be sure to look at full debug
logs (racoon -dddddd) and see where it chokes.
Every configuration difference leads to unsuccessful negotiation.
Setting up IPsec manual keys and policies on bootstrap (top)
rc.conf(5) has an entry for IPsec, named “ipsec”.
ipsec=YES will run the following command at bootstrap time,
before any of the network activities:
/sbin/setkey -f /etc/ipsec.conf
For example, you can perform encrypted NFS mount for /usr.
/etc/ipsec.conf should contain valid commands to setkey(8);
similar to the configuration examples above without the
setkey -c < AH/ESP/IPcomp logic
v ^ ^ |
tunnel | +----------------------+ decapsulated IPsec packets
devices |
| ipfilter rules
| ^
+------>|
|
Network drivers (ethernet)
outbound processing:
userland programs IKE daemon
| AF_INET{,6} socket ^ | PF_KEY socket
=========== | =========================== | | ======== Kernel/user boundary
v | v
transport layer, TCP/UDP key management table
| ^ | key information
| | |
v | v
+---->IP input/output logic <-------> AH/ESP/IPcomp logic
| | (incl. IPsec tunnel encapsulation)
tunnel |
devices |
| ipfilter rules
| |
+---------+
v
Network drivers (ethernet)
Common pitfalls, and debugging techniques (top)
Some people mix up the following three items.
Take caution if you try to interoperate with other implementations.
If you mix them up, you will never be able to make a interoperable
configuration.
Documentations may be using different words for them (sigh).
IPsec with manual key
In NetBSD case, this way uses setkey(8) to configure IPsec
secret key.
IPsec secret key will not change over time.
IPsec with IKE, with pre-shared secret
In NetBSD case, this uses racoon(8).
We authenticate peer with pre-shared secret.
racoon(8) will negotiate IPsec keys dynamically
and installs it into the kernel.
IPsec secret key changes over time.
IPsec with IKE, with certificates
In NetBSD case, this uses racoon(8).
We authenticate peer with certificate files.
racoon(8) will negotiate IPsec keys dynamically
and installs it into the kernel.
IPsec secret key changes over time.
The configuration of IPsec is NOT EASY.
There are way too many knobs to play with, and debugging is very hard
due to wiretap-resistant nature of IPsec. Basically, we can't guess
what is going on from packet trace.
Try reading some books and standard documents/RFCs, hire consultants
or whatever, before you try to configure it.
Always run tcpdump while you debug the network.
Even though the traffic is encrypted, you can get some idea if the
packet is really on the wire or not.
netstat(1) is your friend.
Run netstat -sn and check the IPsec packet counters.
If you have trouble running racoon(8), try running
it with maximum debugging output and look at the output.
(command line argument -dddddd)
You really really need to configure your NetBSD device with peer's device
exactly the same to make them interoperate.
Your packet needs to be generated by using exactly the same protocol,
and encryption algorithm, as the other end is expecting.
By failing to do so, you will experience very hard-to-track errors.
In IPsec, encryption/authentication failures are modelled as packet
drops.
So configuration failures will make your packets to be dropped onto
the floor with no error indications.
tcpdump(8) will not help you much,
since the content of packet is now not de-cipherable.
Make very very sure that you configure carefully with the other end.
On slow machines, you may not be able to negotiate keys with racoon IKE
daemon, as IKE negotiation has to finish within net.key.larval_lifetime
sysctl MIB, which is 30 seconds by default.
Try raising the value if you got a really-slow machines.
Known issues (top)
Tunnel mode AH does not work as you might expect, due to restrictions
in kernel IPsec policy engine.
Do not try to use tunnel mode AH.
IPsec and ipf(4) code do not play nicely together.
See "Interaction with ipfilter"
for detail.
IPsec policy rule is not tested enough for explicit protocol
specification other than tcp/udp. Use protocol “any” (= address match
only) if you would like to take a safer side. The issue here is
generic to any packet filters - normal packet filter descriptions do
not play nicely with header chains.
Conformance to standard, interoperability (top)
KAME IPsec implementation (which is included in NetBSD tree)
conforms to latest set of IPsec standards.
KAME's
NetBSD Implementation Note
has comprehensive list of standard documents to which the implementation
conforms.
Interoperability with other implementation has been confirmed in various
occasions.
KAME's
NetBSD Implementation Note
includes list of implementations which we have confirmed interoperability
in the past.
Note that, however, it is possible for both sides to change the code
after interoperability tests, and it is possible that they no longer
interoperate.
It is also possible that NetBSD device and peer's device interoperate in
certain configuration only.
If you try to configure NetBSD device with other implementation,
please note that IPsec specifications/implementations
have too many knobs to play with.
You need to configure your NetBSD device with peer's device
exactly the same to make them interoperate.
API compatibility with other IPsec stacks (top)
If you write userland code that is aware of IPsec,
you may become curious about API compatibility across IPsec platforms.
We have RFC2367 PF_KEY API for manipulating secret key database in the kernel.
Basic portion of this API is available on other UNIX-based IPsec stacks as well,
and may be compatible to certain degree
(for example, OpenBSD implements PF_KEY API as well).
KAME IPsec stack extends this in certain way, just like other parties do.
Extended portion is not compatible with other (non-KAME) IPsec stacks.
There is no document that specifies IPsec policy management API.
Therefore, we can expect no compatibility with (non-KAME) IPsec stacks
in IPsec policy management API.
There is no standard for configuration file syntax.
You will need to convert them if you would like to copy configuration from/to
non-NetBSD IPsec devices.
Since NetBSD and FreeBSD share IPsec codebase from the same origin (KAME),
there is a good chance for API compatibility.
Note that, however, there are differences in NetBSD IPsec code
and FreeBSD IPsec code, since they merged in KAME code of different date.
As of writing, normal userland applications do not need to worry about the
difference.
However, if you plan to implement IPsec key management daemons,
you will need to worry about differences in PF_KEY API.
NetBSD 1.5 incorporates KAME IPsec stack of early June 2000.
FreeBSD 4.0-RELEASE incorporates KAME IPsec stack of early November 1999.
There is no difference in manual ipsec key configuration,
kernel behavior on AH/ESP operation, or ipsec_set_policy(3) API.
There are differences in behavior of PF_KEY socket, libipsec
API for PF_KEY wrapper functions and several other locations.
The difference may bite you if you want to implement application
that manipulates PF_KEY socket directly (i.e. IKE daemon like
racoon(8) or key config program like setkey(8)).
During NetBSD-current development between NetBSD 1.4 to NetBSD 1.5,
we have imported KAME IPsec portion three times.
Those imports contain backward-incompatible changes in the API.
Please make sure to use the latest code, if you are on NetBSD-current
between 1.4 and 1.5.
with NetBSD 1.5 shipped,
we will provide complete binary compatibility,
or API version number check, to the API present in NetBSD 1.5.
Books and other reading materials? (top)
There are literally tons of books available.
Search Barnes & Noble for books on “IPsec”
(NOTE: we are not making any particular recommendation about bookstore)
Other links
Miscellaneous links (top)
How to build a remote user access VPN with Racoon
FreeBSD IPsec mini-HOWTO, including interoperation with Windows 2000
KAME project,
where the IPv6 and IPsec implementations come from
KAME's
NetBSD Implementation Note
KAME's
Implementation Note - portions may not be applicable to NetBSD
implementation differences between KAME platforms
Exportability of NetBSD crypto code
Back to NetBSD Documentation: Network
Contact |
Disclaimer |
Copyright © 1994-2008 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.NetBSD® is a registered trademark of The NetBSD
Foundation, Inc.
разделы
оркестр креольский танго
регестрация пбоюл
штукатурка фасадный
любимый цвет
купить конвертер
купить каболка
доставка санкт
подводный гидромассаж
кулер винчестер
уличный барбекю
уничтожитель
intex
слоеный изделие
hi-fi
вилатерм
купить мобильник
мужчина выходной
электропечь dimplex model lee rc
вагонка половой доска
snr roulements
экстракт корень лопух сух.
контейнерный автозаправка
электрокардиограф
kyiv apartaments service
купить блендер
красный площадь васильевский спуск
купить каболка
купить широкоугольник
управление кострома
холодильный агрегат
рассылка база данный
сборщик долг
редизайн кострома
эрозия шейка матка
билет задорнов
inerta краска
мини пекарня
купить 6131
sikkens краска
выведение бородавка
глюкозамин-хондроитиновый комплекс
сервис альфа лаваль
билет балет
масло форма
шелковый ковры
ливнесборные решетка
решетка ливнесборная
антигололедные реагент
эмжс
лидо пекарня
софт автошкола
дэнас
бордюр обоев
терапевтический гидромассаж
газонокосилка dolmar
басейны intex
организация видеоконференция
программа шифрование
мва
фейрверк праздник
растворитель 646
банковский сейфовые ячейка
нестандартный коробка
мистер бин
винный холодильник
плата видеозахвата
агат кристи билет
i`m o.k./герои гроб
откачка туалет
детский мир wow
классический аэробика
промышленный аккумулятор
северный корона
цепной конвейер
урок охота
электрический прочность
курьерский почта
поставщик вина
сборщик долг
вышитый герб
телематические служба
knauf гипсокартон
холодильный централь
гидрант
герб вышивка
производственный тара
инвертор
флагшток внутренний использование
стеклянный перегородка
стальной топкий spartherm
лечение зарубежом
футбольный тотализатор
nokia 3230 купить
система дымоудаления
билет ммдм
пионовая беседка
танго кэш
бестраншейный облицовка
затенение витрина
корпоративный иностранный
5440.11 (крышка)
промывка инжектор
вино роза
datamax
силикон
отбеливание белье
промышленый альпинизм
холодильник neff
затенение витрина
купить хлебопечку
поставка тройник перех
нард онлайн
цвет ламината класс 32
шумок дмитрий владимирович
стелажи
банковский сейфовые ячейка
огнезащитный состав
raymond weil
omega
купить нипель
съемный зубной протез
облицовка электрокамин
k610 купить
мрт коленный сустав
напыление ппу
люминисцентная краска
трансперсональный психология
iridium motorola
автоматический отправка писем outlook
фейрверк вечеринка
снегоуборочный машина
российский флаг
луковичный цвет
тонировка стекол
центр консультирование
сервис alfa laval
маска косметический
красный площадь собор
icq купить
асбест
snr
рак щитовидный железа
цвет ламината класс 32
вакуумный упаковочный
ipsec